draft-ietf-roll-enrollment-priority-05.txt   draft-ietf-roll-enrollment-priority-06.txt 
ROLL Working Group M. Richardson ROLL Working Group M. Richardson
Internet-Draft Sandelman Software Works Internet-Draft Sandelman Software Works
Intended status: Standards Track R.A. Jadhav Intended status: Standards Track R.A. Jadhav
Expires: 10 February 2022 Huawei Tech Expires: 1 September 2022 Huawei Tech
P. Thubert P. Thubert
H. She H. She
Cisco Systems Cisco Systems
9 August 2021 28 February 2022
Controlling Secure Network Enrollment in RPL networks Controlling Secure Network Enrollment in RPL networks
draft-ietf-roll-enrollment-priority-05 draft-ietf-roll-enrollment-priority-06
Abstract Abstract
[I-D.ietf-6tisch-enrollment-enhanced-beacon] defines a method by [RFC9032] defines a method by which a potential [RFC9031] enrollment
which a potential [I-D.ietf-6tisch-minimal-security] enrollment proxy proxy can announce itself as a available for new Pledges to enroll on
can announce itself as a available for new Pledges to enroll on a a network. The announcement includes a priority for enrollment.
network. The announcement includes a priority for enrollment. This This document provides a mechanism by which a RPL DODAG root can
document provides a mechanism by which a RPL DODAG root can disable disable enrollment announcements, or adjust the base priority for
enrollment announcements, or adjust the base priority for enrollment enrollment operation.
operation.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 10 February 2022. This Internet-Draft will expire on 1 September 2022.
Copyright Notice Copyright Notice
Copyright (c) 2021 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components and restrictions with respect to this document. Code Components
extracted from this document must include Simplified BSD License text extracted from this document must include Revised BSD License text as
as described in Section 4.e of the Trust Legal Provisions and are described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Simplified BSD License. provided without warranty as described in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
1.1. Motivation and Overview . . . . . . . . . . . . . . . . . 2 1.1. Motivation and Overview . . . . . . . . . . . . . . . . . 2
2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 3 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4
3. Protocol Definition . . . . . . . . . . . . . . . . . . . . . 4 3. Protocol Definition . . . . . . . . . . . . . . . . . . . . . 4
3.1. Upwards compatibility . . . . . . . . . . . . . . . . . . 5 3.1. Option Format . . . . . . . . . . . . . . . . . . . . . . 4
3.2. Upwards compatibility . . . . . . . . . . . . . . . . . . 5
4. Security Considerations . . . . . . . . . . . . . . . . . . . 6 4. Security Considerations . . . . . . . . . . . . . . . . . . . 6
5. Privacy Considerations . . . . . . . . . . . . . . . . . . . 7 5. Privacy Considerations . . . . . . . . . . . . . . . . . . . 7
6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 7 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 7
8. References . . . . . . . . . . . . . . . . . . . . . . . . . 7 8. References . . . . . . . . . . . . . . . . . . . . . . . . . 7
8.1. Normative References . . . . . . . . . . . . . . . . . . 7 8.1. Normative References . . . . . . . . . . . . . . . . . . 7
8.2. Informative References . . . . . . . . . . . . . . . . . 8 8.2. Informative References . . . . . . . . . . . . . . . . . 8
Appendix A. Change history . . . . . . . . . . . . . . . . . . . 8 Appendix A. Change history . . . . . . . . . . . . . . . . . . . 8
Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 9 Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 8
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 9 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8
1. Introduction 1. Introduction
[RFC7554] describes the use of the time-slotted channel hopping [RFC7554] describes the use of the time-slotted channel hopping
(TSCH) mode of [ieee802154]. [I-D.ietf-6tisch-minimal-security] and (TSCH) mode of [ieee802154]. [RFC9031] and [RFC9032] describe
[I-D.ietf-6tisch-dtsecurity-secure-join] describe mechanisms by which mechanisms by which a new node (the "pledge") can use a friendly
a new node (the "pledge)" can use a friendly router as a Join Proxy. router as a Join Proxy. [RFC9032] describes an extension to the
[I-D.ietf-6tisch-enrollment-enhanced-beacon] describes an extension 802.15.4 Enhanced Beacon that is used by a Join Proxy to announce its
to the 802.15.4 Enhanced Beacon that is used by a Join Proxy to existence such that Pledges can find them.
announce its existence such that Pledges can find them.
1.1. Motivation and Overview 1.1. Motivation and Overview
It has become clear that not every routing member of the mesh ought It has become clear that not every routing member of the mesh ought
to announce itself as a _Join Proxy_. There are a variety of local to announce itself as a _Join Proxy_. There are a variety of local
reasons by which a 6LR might not want to provide the _Join Proxy_ reasons by which a 6LR might not want to provide the _Join Proxy_
function. They include available battery power, already committed function. They include available battery power, already committed
network bandwidth, and also total available memory available for network bandwidth, and also total available memory available for
Neighbor Cache Entry slots. Neighbor Cache Entry slots.
There are other situations where the operator of the network would There are other situations where the operator of the network would
like to selective enable or disable the enrollment process in a like to selectively enable or disable the enrollment process in a
particular DODAG. particular DODAG.
As the enrollment process involves permitting unencrypted traffic As the enrollment process involves permitting unencrypted traffic
into the best effort part of a (TSCH) network, it would be better to into the best effort part of a (TSCH) network, it would be better to
have the enrollment process off when no new nodes are expected. have the enrollment process off when no new nodes are expected.
A network operator might also be able to recognize when certain parts A network operator might also be able to recognize when certain parts
of the network are overloaded and can not accomodate additional of the network are overloaded and can not accomodate additional
enrollment traffic, and it would like to adjust the enrollment enrollment traffic, and it would like to adjust the enrollment
priority (the proxy priority field of priority (the proxy priority field of [RFC9032]) among all nodes in
[I-D.ietf-6tisch-enrollment-enhanced-beacon]) among all nodes in the the subtree of a congested link.
subtree of a congested link.
This document describes a RPL DIO option that can be used to announce It may derive from multiple constraining factors, e.g., the size of
a minimum enrollment priority. The minimum priority expresses the
(lack of) willingness by the RPL DODAG globally to accept new joins.
It may derive from multiple constaining factors, e.g., the size of
the DODAG, the occupancy of the bandwidth at the Root, the memory the DODAG, the occupancy of the bandwidth at the Root, the memory
capacity at the DODAG Root, or an administrative decision. capacity at the DODAG Root, or an administrative decision.
Each potential _Join Proxy_ would this value as a base on which to Each potential _Join Proxy_ would utilize this value as a base on
add values relating to local conditions such as its Rank and number which to add values relating to local conditions such as its Rank and
of pending joins, which would degrade even further the willingness to number of pending joins, which would degrade even further the
take more joins. willingness to take more joins.
When a RPL domain is composed of multiple DODAGs, nodes at the edge When a RPL domain is composed of multiple DODAGs, nodes at the edge
of 2 DODAGs may not only join either DODAG but also move from one to of 2 DODAGs may not only join either DODAG but also move from one to
the other in order to keep their relative sizes balanced. For this, the other in order to keep their relative sizes balanced. For this,
the approximate knowledge of size of the DODAG is an essential the approximate knowledge of size of the DODAG is an essential
metric. Depending on the network policy, the size of the DODAG may metric. Depending on the network policy, the size of the DODAG may
or may not affect the minimum enrollment priority. It would be or may not affect the minimum enrollment priority. It would be
limiting its value to enforce that one is proportional to the other. limiting its value to enforce that one is proportional to the other.
This is why the current size of the DODAG is advertised separately in This is why the current size of the DODAG is advertised separately in
the new option. the new option.
As explained in [I-D.ietf-6tisch-enrollment-enhanced-beacon], higher As explained in [RFC9032], higher values decrease the likelihood of
values decrease the likelyhood of an unenrolled node sending an unenrolled node sending enrollment traffic via this path.
enrollment traffic via this path.
A network operator can set this value to the maximum value allowed, A network operator can set this value to the maximum value allowed,
effectively disable all new enrollment traffic. effectively disabling all new enrollment traffic.
Updates to the option propagate through the network according to the
trickle algorithm. The contents of the option are generated at the
DODAG Root and do not change at any hop. If the contents represent
an update that is considered important (e.g., quickly disabling any
enrollments), the option can trigger trickle timer resets at the
nodes to speed up its propagation.
2. Terminology 2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in "OPTIONAL" in this document are to be interpreted as described in
BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here. capitals, as shown here.
The term (1)"Join" has been used in documents like The term (1)"Join" has been used in documents like [RFC9031] to
[I-D.ietf-6tisch-minimal-security] to denote the activity of a new denote the activity of a new node authenticating itself to the
node authenticating itself to the network in order to obtain network in order to obtain authorization to become a member of the
authorization to become a member of the network. network.
In the context of the [RFC6550] RPL protocol, the term (2)"Join" has In the context of the [RFC6550] RPL protocol, the term (2)"Join" has
an alternate meaning: that of a node (already authenticating to the an alternative meaning: that of a node (already authenticating to the
network, and already authorized to be a member of the network), network, and already authorized to be a member of the network),
deciding which part of the RPL DODAG to attach to. This term "Join" deciding which part of the RPL DODAG to attach to. This term "Join"
has to do with parent selection processes. has to do with preferred parent selection processes.
In order to avoid the ambiguity of this term, this document refers to In order to avoid the ambiguity of this term, this document refers to
the process (1)"Join" as enrollment, leaving the term "Join" to mean the process (1)"Join" as enrollment, leaving the term "Join" to mean
(2)"Join". The term "onboarding" (or IoT Onboarding) is sometimes (2)"Join". The term "onboarding" (or IoT Onboarding) is increasingly
used to describe the enrollment process. However, the term _Join used to describe what was called enrollment in other documents.
Proxy_ is retained with it's meaning from However, the term _Join Proxy_ is retained with its meaning from
[I-D.ietf-6tisch-minimal-security]. [RFC9031].
3. Protocol Definition 3. Protocol Definition
With this specification, the following option is defined for This document uses the extensions mechanism designed into [RFC6550].
transmission in the DIO issued by the DODAG root and it MUST be No mechanism is needed to enable it.
propagated down the DODAG.
A 6LR which would otherwise be willing to act as a _Join Proxy_, will
examine the minimum priority field, and to that number, add any
additional local consideration (such as upstream congestion).
The Enrollment Priority can only be increased by each 6LR in value, 3.1. Option Format
to the maximum value of 0x7f.
The resulting priority, if less than 0x7f should enable the _Join The resulting priority, if less than 0x7f should enable the _Join
Proxy_ function. Proxy_ function.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type |Opt Length = 3 | exp | DODAG_Size | | Type |Opt Length = 3 | exp | DODAG_Size |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|R| min priority| |R| min priority|
+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+
Type To be assigned by IANA Type to be assigned by IANA.
exp a 4 bit unsigned integer, indicating the power of 2 that defines exp a 4 bit unsigned integer, indicating the power of 2 that defines
the unit of the DODAG Size, such that (unit=2^exp). the unit of the DODAG Size, such that (unit=2^exp).
DODAG_Size a 12 bit unsigned integer, expressing the size of the DODAG_Size a 12 bit unsigned integer, expressing the size of the
DODAG in units that depend on the exp field. The size of the DODAG in units that depend on the exp field. The size of the
DODAG is computed as (DAG_Size*2^exp). DODAG is computed as (DAG_Size*2^exp).
min.priority a 7 bit field which provides a base value for the min.priority a 7 bit field which provides a base value for the
Enhanced Beacon Join priority. A value of 0x7f (127) disables the Enhanced Beacon Join priority. A value of 0x7f (127) disables the
skipping to change at page 5, line 20 skipping to change at page 5, line 22
R a reserved bit that SHOULD be set to 0 by senders, and MUST be R a reserved bit that SHOULD be set to 0 by senders, and MUST be
ignored by receivers. This reserved bit SHOULD be copied to ignored by receivers. This reserved bit SHOULD be copied to
options created. options created.
This document uses the extensions mechanism designed into [RFC6550]. This document uses the extensions mechanism designed into [RFC6550].
It does not need any mechanism to enable it. It does not need any mechanism to enable it.
The size of the DODAG is measured by the Root based one the DAO The size of the DODAG is measured by the Root based one the DAO
activity. It represents a number of routes not a number of nodes, activity. It represents a number of routes not a number of nodes,
and can only be used to infer a load in an homogeneous network where and can only be used to infer a load in a homogeneous network where
each node advertises the same number of addresses and generates each node advertises the same number of addresses and generates
roughly the same amount of traffic. The size may slightly change roughly the same amount of traffic. The size may slightly change
between a DIO and the next, so the value transmitted must be between a DIO and the next, so the value transmitted MUST be
considered as an approxmation. considered as an approximation.
Future work like [I-D.ietf-roll-capabilities] will enable collection Future work like [I-D.ietf-roll-capabilities] will enable collection
of capabilities such as this one in reports to the DODAG root. of capabilities such as this one in reports to the DODAG root.
3.1. Upwards compatibility 3.2. Upwards compatibility
A 6LR which did not support this option would not act on it, or copy A 6LR which did not support this option would not act on it, or copy
it into it's DIO messages. Children and grandchildren nodes would it into it's DIO messages. Children and grandchildren nodes would
therefore not receive any telemetry via that path, and need to assume therefore not receive any telemetry via that path, and need to assume
a default value. a default value.
6LRs that support this option, but whose parent does not send it A 6LR which did not support this option would not act on it or
SHOULD assume a value of 0x40 as their base value. The nodes then propagate it in its DIO messages. In effect, the 6LR's children and
adjust this base value based upon their observed congestion, emitting grandchildren nodes could not receive any telemetry via that path.
their adjusted DIO value to their children. Therefore, 6LRs that support this option but do not receive it via
any path SHOULD assume a default value of 0x40 as their base value
for the Enhanced Beacon Join Priority.
A 6LR downstream of a 6LR where there was an interruption in the A 6LR downstream of a 6LR where there was an interruption in the
telemetry could err in two directions: telemetry could err in two directions:
* if the value implied by the base value of 0x40 was too low, then a * if the value implied by the base value of 0x40 was too low, then a
6LR might continue to attract enrollment traffic when none should 6LR might continue to attract enrollment traffic when none should
have been collected. This is a stressor for the network, but this have been collected. This is a stressor for the network, but this
would also be what would occur without this option at all. would also be what would occur without this option at all.
* if the value implied by the base value of 0x40 was too high, then * if the value implied by the base value of 0x40 was too high, then
skipping to change at page 6, line 41 skipping to change at page 6, line 41
confidentiality mechanisms applied to it. confidentiality mechanisms applied to it.
A malicious node (that was part of the RPL control plane) could see A malicious node (that was part of the RPL control plane) could see
these options and could, based upon the observed minimal enrollment these options and could, based upon the observed minimal enrollment
priority signal a confederate that it was a good time to send priority signal a confederate that it was a good time to send
malicious join traffic. malicious join traffic.
Such as a malicious node, being already part of the RPL control Such as a malicious node, being already part of the RPL control
plane, could also send DIOs with a different minimal enrollment plane, could also send DIOs with a different minimal enrollment
priority which would cause downstream mesh routers to change their priority which would cause downstream mesh routers to change their
_Join Proxy_ behaviour. _Join Proxy_ behavior.
Lower minimal priorities would cause downstream nodes to accept more Lower minimal priorities would cause downstream nodes to accept more
pledges than the network was expecting, and higher minimal priorities pledges than the network was expecting, and higher minimal priorities
cause the enrollment process to stall. cause the enrollment process to stall.
The use of layer-2 or layer-3 security for RPL control messages The use of layer-2 or layer-3 security for RPL control messages
prevents the above two attacks, by preventing malicious nodes from prevents the above two attacks, by preventing malicious nodes from
becoming part of the control plane. A node that is attacked and has becoming part of the control plane. A node that is attacked and has
malware placed on it creates vulnerabilities in the same way such an malware placed on it creates vulnerabilities in the same way such an
attack on any node involved in Internet routing protocol does. The attack on any node involved in Internet routing protocol does. The
rekeying provisions of [I-D.ietf-6tisch-minimal-security] exist to rekeying provisions of [RFC9031] exist to permit an operator to
permit an operator to remove such nodes from the network easily. remove such nodes from the network easily.
5. Privacy Considerations 5. Privacy Considerations
There are no new privacy issues caused by this extension. There are no new privacy issues caused by this extension.
6. IANA Considerations 6. IANA Considerations
Allocate a new number TBD01 from Registry RPL Control Message Allocate a new number TBD01 from Registry RPL Control Message
Options. This entry should be called Minimum Enrollment Priority. Options. This entry should be called Minimum Enrollment Priority.
7. Acknowledgements 7. Acknowledgements
This has been reviewed by Konrad Iwanicki and Thomas Wattenye. This has been reviewed by Konrad Iwanicki and Thomas Watteyne.
8. References 8. References
8.1. Normative References 8.1. Normative References
[I-D.ietf-6tisch-enrollment-enhanced-beacon]
(editor), D. D. and M. Richardson, "Encapsulation of
6TiSCH Join and Enrollment Information Elements", Work in
Progress, Internet-Draft, draft-ietf-6tisch-enrollment-
enhanced-beacon-14, 21 February 2020,
<https://www.ietf.org/archive/id/draft-ietf-6tisch-
enrollment-enhanced-beacon-14.txt>.
[I-D.ietf-6tisch-minimal-security]
Vucinic, M., Simon, J., Pister, K., and M. Richardson,
"Constrained Join Protocol (CoJP) for 6TiSCH", Work in
Progress, Internet-Draft, draft-ietf-6tisch-minimal-
security-15, 10 December 2019,
<https://www.ietf.org/archive/id/draft-ietf-6tisch-
minimal-security-15.txt>.
[ieee802154] [ieee802154]
IEEE standard for Information Technology, ., "IEEE Std. IEEE standard for Information Technology, ., "IEEE Std.
802.15.4, Part. 15.4: Wireless Medium Access Control (MAC) 802.15.4, Part. 15.4: Wireless Medium Access Control (MAC)
and Physical Layer (PHY) Specifications for Low-Rate and Physical Layer (PHY) Specifications for Low-Rate
Wireless Personal Area Networks", n.d., Wireless Personal Area Networks", n.d.,
<http://standards.ieee.org/findstds/ <http://standards.ieee.org/findstds/
standard/802.15.4-2015.html>. standard/802.15.4-2015.html>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
skipping to change at page 8, line 33 skipping to change at page 8, line 21
[RFC7554] Watteyne, T., Ed., Palattella, M., and L. Grieco, "Using [RFC7554] Watteyne, T., Ed., Palattella, M., and L. Grieco, "Using
IEEE 802.15.4e Time-Slotted Channel Hopping (TSCH) in the IEEE 802.15.4e Time-Slotted Channel Hopping (TSCH) in the
Internet of Things (IoT): Problem Statement", RFC 7554, Internet of Things (IoT): Problem Statement", RFC 7554,
DOI 10.17487/RFC7554, May 2015, DOI 10.17487/RFC7554, May 2015,
<https://www.rfc-editor.org/info/rfc7554>. <https://www.rfc-editor.org/info/rfc7554>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>. May 2017, <https://www.rfc-editor.org/info/rfc8174>.
8.2. Informative References [RFC9031] Vučinić, M., Ed., Simon, J., Pister, K., and M.
Richardson, "Constrained Join Protocol (CoJP) for 6TiSCH",
RFC 9031, DOI 10.17487/RFC9031, May 2021,
<https://www.rfc-editor.org/info/rfc9031>.
[I-D.ietf-6tisch-dtsecurity-secure-join] [RFC9032] Dujovne, D., Ed. and M. Richardson, "Encapsulation of
Richardson, M., "6tisch Secure Join protocol", Work in 6TiSCH Join and Enrollment Information Elements",
Progress, Internet-Draft, draft-ietf-6tisch-dtsecurity- RFC 9032, DOI 10.17487/RFC9032, May 2021,
secure-join-01, 25 February 2017, <https://www.rfc-editor.org/info/rfc9032>.
<https://www.ietf.org/archive/id/draft-ietf-6tisch-
dtsecurity-secure-join-01.txt>. 8.2. Informative References
[I-D.ietf-roll-capabilities] [I-D.ietf-roll-capabilities]
Jadhav, R. A., Thubert, P., Richardson, M., and R. N. Jadhav, R. A., Thubert, P., Richardson, M., and R. N.
Sahoo, "RPL Capabilities", Work in Progress, Internet- Sahoo, "RPL Capabilities", Work in Progress, Internet-
Draft, draft-ietf-roll-capabilities-08, 17 March 2021, Draft, draft-ietf-roll-capabilities-09, 9 November 2021,
<https://www.ietf.org/archive/id/draft-ietf-roll- <https://www.ietf.org/archive/id/draft-ietf-roll-
capabilities-08.txt>. capabilities-09.txt>.
Appendix A. Change history Appendix A. Change history
version 00. version 00.
Contributors Contributors
Authors' Addresses Authors' Addresses
Michael Richardson Michael Richardson
 End of changes. 37 change blocks. 
99 lines changed or deleted 82 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/