IETF-Announce List
New RFCs
New and Revived Drafts
- SCION Overview (draft-dekater-panrg-scion-overview)
By Corine de Kater, Nicola Rustignoli, Adrian Perrig, 2022-05-18
Abstract: The Internet has been successful beyond even the most optimistic expectations and is intertwined with many aspects of our society. But although the world-wide communication system guarantees global reachability, the Internet has not primarily been built with security and high availability in mind. The next-generation inter-network architecture SCION (Scalability, Control, and Isolation On Next-generation networks) aims to address these issues. SCION was explicitly designed from the outset to offer security and availability by default. The architecture provides route control, failure isolation, and trust information for end-to-end communication. It also enables multi-path routing between hosts.
- An Advanced Scheduling Option for Multipath QUIC (draft-ma-quic-mpqoe)
By Yunfei Ma, Yanmei Liu, Christian Huitema, Xiaobo Yu, 2022-05-17
Abstract: This document specifies an advanced scheduling option for multipath QUIC protocol. The goal is to enable the use of multipath QUIC for applications that have tight latency constraints. For general purpose multipath packet scheduling, please refer to [I-D.bonaventure-iccrg-schedulers].
- IPv4-Only PE Design for IPv6-NLRI with IPv4-NH (draft-mishra-bess-ipv4-only-pe-design)
By Gyan Mishra, Jeff Tantsura, 2022-05-18
Abstract: As Enterprises and Service Providers try to decide whether or not to upgrade their brown field or green field MPLS/SR core to an IPv6 transport, Multiprotocol BGP (MP-BGP) now plays an important role in the transition of their Provider (P) core network as well as Provider Edge (PE) Edge network from IPv4 to IPv6. Operators must be able to continue to support IPv4 customers when both the Core and Edge networks are IPv4-Only.
- Connecting IPv4 Islands over IPv6 Core using IPv4 Provider Edge Routers (4PE) (draft-mishra-idr-v4-islands-v6-core-4pe)
By Gyan Mishra, Jeff Tantsura, 2022-05-18
Abstract: The 4Provider Edge (4PE) design explains how to interconnect IPv4 islands over a Multiprotocol Label Switching (MPLS) LDPv6 enabled, Segment Routing (SR) enabled SR-MPLS IPv6 or SRv6 IPv6-Only core. The 4PE routers exchange the IPv4 reachability information transparently over the core using the Multiprotocol Border Gateway Protocol (MP-BGP) over IPv6. In doing so, the BGP Next Hop field is used to convey the IPv6 address of the 4PE router so that dynamically established IPv6-signaled MPLS Label Switched Paths (LSPs) or SRv6 Network Programming IPv6 forwarding path instantiation and can be utilized without any explicit tunnel configuration.
- SRv6 Upper-Layer Checksum (draft-xiao-6man-srv6-checksum)
By Xiao Min, Liu Yao, Chongfeng Xie, 2022-05-18
Abstract: This document provides a unified mechanism that makes the upper-layer checksum computation rule defined in IPv6 Specification applicable, whether SRv6 SIDs or SRv6 compressed SIDs are used.
Updated Drafts
- The IPv6 Compact Routing Header (CRH) (draft-bonica-6man-comp-rtg-hdr)
By Ron Bonica, Yuji Kamite, Andrew Alston, Daniam Henriques, Luay Jalil, 2022-05-18
Abstract: This document defines two new Routing header types. Collectively, they are called the Compact Routing Headers (CRH). Individually, they are called CRH-16 and CRH-32.
- Common implementation anti-patterns related to Domain Name System (DNS) resource record (RR) processing (draft-dashevskyi-dnsrr-antipatterns)
By Stanislav Dashevskyi, Daniel Santos, Jos Wetzels, Amine Amri, 2022-05-18
Abstract: This memo describes common vulnerabilities related to Domain Name System (DNS) response record (RR) processing as seen in several DNS client implementations. These vulnerabilities may lead to successful Denial-of-Service and Remote Code Execution attacks against the affected software. Where applicable, violations of RFC 1035 are mentioned.
- IPv6 Neighbor Discovery Multicast Address Listener Registration (draft-ietf-6lo-multicast-registration)
By Pascal Thubert, 2022-05-18
Abstract: This document updates RFC 8505 to enable a listener to register an IPv6 anycast or and subscribe to an IPv6 multicast address; the draft updates RFC 6550 (RPL) to add a new Non-Storing Multicast Mode and a new support for anycast addresses in Storing and Non-Storing Modes. This document extends RFC 9010 to enable the 6LR to inject the anycast and multicast addresses in RPL.
- Transmission of IPv6 Packets over PLC Networks (draft-ietf-6lo-plc)
By Jianqiang Hou, Bing Liu, Yong-Geun Hong, Xiaojun Tang, Charles Perkins, 2022-05-18
Abstract: Power Line Communication (PLC), namely using the electric-power lines for indoor and outdoor communications, has been widely applied to support Advanced Metering Infrastructure (AMI), especially smart meters for electricity. The existing electricity infrastructure facilitates the expansion of PLC deployments due to its potential advantages in terms of cost and convenience. Moreover, a wide variety of accessible devices raises the potential demand of IPv6 for future applications. This document describes how IPv6 packets are transported over constrained PLC networks, such as ITU-T G.9903, IEEE 1901.1 and IEEE 1901.2.
- I2NSF Consumer-Facing Interface YANG Data Model (draft-ietf-i2nsf-consumer-facing-interface-dm)
By Jaehoon Jeong, Chaehong Chung, Tae-Jin Ahn, Rakesh Kumar, Susan Hares, 2022-05-18
Abstract: This document describes an information model and the corresponding YANG data model for the Consumer-Facing Interface of the Security Controller in an Interface to Network Security Functions (I2NSF) system in a Network Functions Virtualization (NFV) environment. The information model defines various types of managed objects and the relationship among them needed to build the flow policies from users' perspective. This information model is based on the "Event-Condition-Action" (ECA) policy model defined by a capability information model for I2NSF, and the YANG data model is defined for enabling different users of a given I2NSF system to define, manage, and monitor flow policies within an administrative domain.
- Ephemeral Diffie-Hellman Over COSE (EDHOC) (draft-ietf-lake-edhoc)
By Goeran Selander, John Mattsson, Francesca Palombini, 2022-05-18
Abstract: This document specifies Ephemeral Diffie-Hellman Over COSE (EDHOC), a very compact and lightweight authenticated Diffie-Hellman key exchange with ephemeral keys. EDHOC provides mutual authentication, forward secrecy, and identity protection. EDHOC is intended for usage in constrained scenarios and a main use case is to establish an OSCORE security context. By reusing COSE for cryptography, CBOR for encoding, and CoAP for transport, the additional code size can be kept very low.
- IGP Flexible Algorithm (draft-ietf-lsr-flex-algo)
By Peter Psenak, Shraddha Hegde, Clarence Filsfils, Ketan Talaulikar, Arkadiy Gulko, 2022-05-18
Abstract: IGP protocols traditionally compute best paths over the network based on the IGP metric assigned to the links. Many network deployments use RSVP-TE based or Segment Routing based Traffic Engineering to steer traffic over a path that is computed using different metrics or constraints than the shortest IGP path. This document proposes a solution that allows IGPs themselves to compute constraint-based paths over the network. This document also specifies a way of using Segment Routing (SR) Prefix-SIDs and SRv6 locators to steer packets along the constraint-based paths.
- A Network YANG Model for Service Attachment Points (SAPs) (draft-ietf-opsawg-sap)
By Mohamed Boucadair, Oscar de Dios, samier barguil, Qin WU, Victor Lopez, 2022-05-18
Abstract: This document defines a YANG data model for representing an abstract view of the provider network topology that contains the points from which its services can be attached (e.g., basic connectivity, VPN, network slices). Also, the model can be used to retrieve the points where the services are actually being delivered to customers (including peer networks).
- A YANG Data Model for Challenge-Response-based Remote Attestation Procedures using TPMs (draft-ietf-rats-yang-tpm-charra)
By Henk Birkholz, Michael Eckel, Shwetha Bhandari, Eric Voit, Bill Sulzen, Liang Xia, Tom Laffey, Guy Fedorkow, 2022-05-18
Abstract: This document defines YANG RPCs and a few configuration nodes required to retrieve attestation evidence about integrity measurements from a device, following the operational context defined in TPM-based Network Device Remote Integrity Verification. Complementary measurement logs are also provided by the YANG RPCs, originating from one or more roots of trust for measurement (RTMs). The module defined requires at least one TPM 1.2 or TPM 2.0 as well as a corresponding TPM Software Stack (TSS), or equivalent hardware implementations that include the protected capabilities as provided by TPMs as well as a corresponding software stack, included in the device components of the composite device the YANG server is running on.
- Federated Authentication for the Registration Data Access Protocol (RDAP) using OpenID Connect (draft-ietf-regext-rdap-openid)
By Scott Hollenbeck, 2022-05-18
Abstract: The Registration Data Access Protocol (RDAP) provides "RESTful" web services to retrieve registration metadata from domain name and regional internet registries. RDAP allows a server to make access control decisions based on client identity, and as such it includes support for client identification features provided by the Hypertext Transfer Protocol (HTTP). Identification methods that require clients to obtain and manage credentials from every RDAP server operator present management challenges for both clients and servers, whereas a federated authentication system would make it easier to operate and use RDAP without the need to maintain server-specific client credentials. This document describes a federated authentication system for RDAP based on OpenID Connect.
- Intent Classification (draft-irtf-nmrg-ibn-intent-classification)
By Chen Li, Olga Havel, Adriana Olariu, Pedro Martinez-Julia, Jeferson Nobre, Diego Lopez, 2022-05-18
Abstract: Intent is an abstract, high-level policy used to operate the network. Intent-based management system includes an interface for users to input requests and an engine to translate the intents into the network configuration and manage their life-cycle.
- Uninterruptible Power Supply (UPS) Management Protocol -- Commands and Responses (draft-rprice-ups-management-protocol)
By Roger Price, 2022-05-18
Abstract: This document describes the command/response protocol currently used in the management of Uninterruptible Power Supply (UPS) units and other power devices often deployed in small offices, and in IT installations subject to an erratic public power supply. The UPS units typically interface to an Attachment Daemon in the system they protect. This daemon is in turn polled by a Management Daemon which notifies users and system administrators of power supply incidents, and automates system shutdown decisions. The commands and responses described by this document are exchanged between the UPS Attachment Daemon and the Management Daemon. The practice current when this protocol was first developed risks weak security and this is addressed in the Security Considerations sections of this document.
Expired Drafts
- Use Identity as Raw Public Key in EAP-TLS (draft-chen-emu-eap-tls-ibs)
By chenmeiling, Li Su, Haiguang Wang, 2021-11-14
Abstract: This document specifies the use of identity as a raw public key in EAP-TLS, EAP-TLS for TLS1.2 is defined in RFC 5216 and EAP-TLS for TLS1.3 is defined in the draft draft-ietf-emu-eap-tls13 and draft-ietf-tls-dtls13. The procedures of EAP-TLS-IBS will be consistent with EAP-TLS's interactive process, Identity-based signature will be extended to support EAP-TLS's signature algorithms.
- Path Computation Element Protocol (PCEP) Extension for Color (draft-rajagopalan-pce-pcep-color)
By Balaji Rajagopalan, Vishnu Beeram, Shaofu Peng, Quan Xiong, Mike Koldychev, Gyan Mishra, 2021-11-14
Abstract: Color is a 32-bit numerical attribute that is used to associate a Traffic Engineering (TE) tunnel or policy with an intent or objective (e.g. low latency). This document specifies an extension to Path Computation Element Protocol (PCEP) to carry the color attribute.
- Provisioning Initial Device Identifiers into Home Routers (draft-richardson-homerouter-provisioning)
By Michael Richardson, 2021-11-14
Abstract: This document describes a method for provisioning an 802.1AR-style certificate into a router intended for use in the home.
Drafts Sent to IESG
IESG Progress
- IP-TFS: Aggregation and Fragmentation Mode for ESP and its Use for IP Traffic Flow Security (draft-ietf-ipsecme-iptfs): In Last Call » Waiting for Writeup
By Christian Hopps, 2021-11-08
Abstract: This document describes a mechanism for aggregation and fragmentation of IP packets when they are being encapsulated in ESP payload. This new payload type can be used for various purposes such as decreasing encapsulation overhead for small IP packets; however, the focus in this document is to enhance IPsec traffic flow security (IP-TFS) by adding Traffic Flow Confidentiality (TFC) to encrypted IP encapsulated traffic. TFC is provided by obscuring the size and frequency of IP traffic using a fixed-sized, constant-send-rate IPsec tunnel. The solution allows for congestion control as well as non-constant send-rate usage.
- Greasing the QUIC Bit (draft-ietf-quic-bit-grease): AD Evaluation » In Last Call
By Martin Thomson, 2022-05-17
Abstract: This document describes a method for negotiating the ability to send an arbitrary value for the second-to-most significant bit in QUIC packets.
Drafts Sent to RFC Editor
- On storing CBOR encoded items on stable storage (draft-ietf-cbor-file-magic): IESG Evaluation::AD Followup » RFC Ed Queue
By Michael Richardson, Carsten Bormann, 2022-05-05
Abstract: This document defines a stored ("file") format for CBOR data items that is friendly to common file type recognition systems such as the Unix file(1) command.
- I2NSF NSF Monitoring Interface YANG Data Model (draft-ietf-i2nsf-nsf-monitoring-data-model): Approved-announcement to be sent::AD Followup » RFC Ed Queue
By Jaehoon Jeong, Patrick Lingga, Susan Hares, Liang Xia, Henk Birkholz, 2022-04-19
Abstract: This document proposes an information model and the corresponding YANG data model of an interface for monitoring Network Security Functions (NSFs) in the Interface to Network Security Functions (I2NSF) framework. If the monitoring of NSFs is performed with the NSF monitoring interface in a standard way, it is possible to detect the indication of malicious activity, anomalous behavior, the potential sign of denial-of-service attacks, or system overload in a timely manner. This monitoring functionality is based on the monitoring information that is generated by NSFs. Thus, this document describes not only an information model for the NSF monitoring interface along with a YANG tree diagram, but also the corresponding YANG data model.
Other Status Changes
RFC Editor Status Changes
IPR Disclosures
IESG/IAB/IAOC/Trust Minutes
Liaison Statements
Classified Ads