IETF-Announce List
New RFCs
New and Revived Drafts
- Identity Use Cases in Browser Catalog (draft-bertocci-identity-in-browser)
By Vittorio Bertocci, George Fletcher, 2021-01-22 TXT HTML PDF
Abstract: This informational document aims to gather in a single place all the most important scenarios in which identity protocols in current use leverage web browser features to achieve their goals and deliver their intended user experience. The purpose of compiling this scenario collection is to make it easier for the identity community to engage with the browser vendors, and in particular to preserve (or enhance) user experience and expressive power of the identity protocols in mainstream use as browsers introduce new privacy preserving restrictions and new identity tailored features. By providing a single artifact, listing scenarios in a consistent format, we hope to anchor the conversation on concrete outcomes and impact of changes on end users, developers, providers and in general everyone contributing to identity in the industry.
- Enhanced JWT Claim Constraints for STIR Certificates (draft-housley-stir-enhance-rfc8226)
By Russ Housley, 2021-01-21 TXT HTML PDF
Abstract: RFC 8226 provides a certificate extension to constrain the JWT claims that can be included in the PASSporT as defined in RFC 8225. If the signer includes a JWT claim outside the constraint boundaries, then the recipient will reject the entire PASSporT. This document defines additional ways that the JWT claims can be constrained.
- YANG Data Model for IS-IS SRv6 (draft-hu-isis-srv6-yang)
By Zhibo Hu, Dan Ye, Yingzhen Qu, Xuesong Geng, Qiufang Ma, 2021-01-22 TXT HTML PDF
Abstract: This document defines a YANG data model that can be used to configure and manage IS-IS SRv6 [I-D.ietf-lsr-isis-srv6-extensions].
- Revised IANA Considerations for DNSSEC (draft-ietf-dnsop-dnssec-iana-cons)
By Paul Hoffman, 2021-01-22 TXT HTML PDF
Abstract: This document changes the review requirements needed to get some DNSSEC algorithms and resource records added to IANA registries. It updates RFC 6014 to include hash algorithms for DS records and NSEC3 parameters. It also updates RFC 5155 and RFC 6014, which have requirements for DNSSEC algorithms. It also updates RFC 8624 to say that algorithms that are described in RFCs that are not on standards track are only at the "MAY" level of implementation recommendation.
- Timing Parameters in the RPKI based Route Origin Validation Supply Chain (draft-ietf-sidrops-rpki-rov-timing)
By Randy Bush, Jay Borkenhagen, Tim Bruijnzeels, Job Snijders, 2021-01-21 TXT HTML PDF
Abstract: This document explores, and makes recommendations for, timing of Resource Public Key Infrastructure publication of ROV data, their propagation, and their use in Relying Parties and routers.
- A profile for Resource Tagged Attestations (RTAs) (draft-ietf-sidrops-rpki-rta)
By George Michaelson, Geoff Huston, Tom Harrison, Tim Bruijnzeels, Martin Hoffmann, 2021-01-21 TXT HTML PDF
Abstract: This document defines a Cryptographic Message Syntax (CMS) profile for a general purpose Resource Tagged Attestation (RTA), for use with the Resource Public Key Infrastructure (RPKI). The objective is to allow an attestation, in the form of an arbitrary digital object, to be signed "with resources", and for validation to provide an outcome of "valid with resources". The profile is intended to provide for the signing of an attestation with an arbitrary set of resources.
- Delegated Credentials for TLS (draft-ietf-tls-subcerts)
By Richard Barnes, Subodh Iyengar, Nick Sullivan, Eric Rescorla, 2021-01-24 TXT HTML PDF
Abstract: The organizational separation between the operator of a TLS endpoint and the certification authority can create limitations. For example, the lifetime of certificates, how they may be used, and the algorithms they support are ultimately determined by the certification authority. This document describes a mechanism by which operators may delegate their own credentials for use in TLS, without breaking compatibility with peers that do not support this specification.
- YANG Data Model for MPLS LSP Ping (draft-nainar-mpls-lsp-ping-yang)
By Nagendra Nainar, Carlos Pignataro, Guangying Zheng, 2021-01-21 TXT HTML PDF
Abstract: This document describes the YANG data model for Multi-Protocol Label Switching (MPLS) LSP Ping. The model is based on YANG 1.1 as defined in RFC 7950 and conforms to the Network Management Datastore Architecture (NMDA) as described in RFC 8342.
- Byzantine Fault Tolerant Set Reconciliation (draft-summermatter-set-union)
By Elias Summermatter, Christian Grothoff, 2021-01-23 TXT HTML PDF
Abstract: This document contains a protocol specification for Byzantine fault-tolerant Set Reconciliation.
- Using TLS Application-Layer Protocol Settings (ALPS) in HTTP (draft-vvv-httpbis-alps)
By Victor Vasiliev, 2021-01-21 TXT HTML PDF
Abstract: This document describes the use of TLS Application-Level Protocol Settings (ALPS) in HTTP/2 and HTTP/3. Additionally, it defines a set of additional HTTP SETTINGS parameters that would normally be impractical without ALPS.
Updated Drafts
- Application-Level Profile Semantics (ALPS) (draft-amundsen-richardson-foster-alps)
By Mike Amundsen, Leonard Richardson, Mark Foster, 2021-01-23 TXT HTML PDF
Abstract: This document describes ALPS, a data format for defining simple descriptions of application-level semantics, similar in complexity to HTML microformats. An ALPS document can be used as a profile to explain the application semantics of a document with an application-agnostic media type (such as HTML, HAL, Collection+JSON, Siren, etc.). This increases the reusability of profile documents across media types.
- Requirements for Discovering Designated Resolvers (draft-box-add-requirements)
By Chris Box, Tommy Pauly, Christopher Wood, Tirumaleswar Reddy.K, Daniel Migault, 2021-01-24 TXT HTML PDF
Abstract: Adaptive DNS Discovery is chartered to define mechanisms that allow clients to discover and select encrypted DNS resolvers. This document describes one common use case, namely that of clients that connect to a network but where they cannot securely authenticate the identity of that network. In such cases the client would like to learn which encrypted DNS resolvers are designated by that network or by the Do53 resolver offered by that network. It lists requirements that any proposed discovery mechanisms should seek to address.
- DHCP and Router Advertisement Options for Encrypted DNS Discovery (draft-btw-add-home)
By Mohamed Boucadair, Tirumaleswar Reddy.K, Dan Wing, Neil Cook, Tommy Jensen, 2021-01-22 TXT HTML PDF
Abstract: The document specifies new DHCP and IPv6 Router Advertisement options to discover encrypted DNS servers (e.g., DNS-over-HTTPS, DNS-over-TLS, DNS-over-QUIC). Particularly, it allows to learn an authentication domain name together with a list of IP addresses and a port number to reach such encrypted DNS servers. The discovery of DNS-over-HTTPS URI Templates is also discussed.
- Architecture for Use of BGP as Central Controller (draft-cth-rtgwg-bgp-control)
By Yujia Luo, Liang Ou, Xiang Huang, Gyan Mishra, Huaimo Chen, Shunwan Zhuang, Zhenbin Li, 2021-01-24 TXT HTML PDF
Abstract: BGP is a core part of a network including Software-Defined Networking (SDN) system. It has the traffic engineering information on the network topology and can compute optimal paths for a given traffic flow across the network.
- Security Needs for the NFSv4 Protocols (draft-dnoveck-nfsv4-security-needs)
By David Noveck, Chuck Lever, 2021-01-21 TXT HTML PDF
Abstract: This document discusses the inadequate approach to security within the family of NFSv4 protocol specifications and proposes steps to correct the situation. Because the security architecture is similar for all NFSv4 minor versions, we recommend a single new standards-track document to encapsulate NFSv4 security fundamentals, and propose the introduction of several additional security-related documents.
- IPv6 Source Routing for ultralow Latency (draft-foglar-ipv6-ull-routing)
By Andreas Foglar, Mike Parker, Theodoros Rokkas, 2021-01-22 TXT HTML PDF
Abstract: This Internet-Draft describes a hierarchical addressing scheme for IPv6, intentionally very much simplified to allow for very fast source routing experimentation using simple forwarding nodes. Research groups evaluate achievable latency reduction for special applications such as radio access networks, industrial networks or other networks requiring very low latency.
- BGP Usage for SDWAN Overlay Networks (draft-ietf-bess-bgp-sdwan-usage)
By Linda Dunbar, Jim Guichard, Ali Sajassi, John Drake, Basil Najem, David Carrel, 2021-01-22 TXT HTML PDF
Abstract: The document discusses the usage and applicability of BGP as control plane for multiple SDWAN scenarios. The goal of the document is to demonstrate how BGP-based control plane is used for large scale SDWAN overlay networks with little manual intervention.
- Multicast VPN Fast Upstream Failover (draft-ietf-bess-mvpn-fast-failover)
By Thomas Morin, Robert Kebler, Greg Mirsky, 2021-01-21 TXT HTML PDF
Abstract: This document defines Multicast Virtual Private Network (VPN) extensions and procedures that allow fast failover for upstream failures by allowing downstream Provider Edges (PEs) to consider the status of Provider-Tunnels (P-tunnels) when selecting the Upstream PE for a VPN multicast flow. The fast failover is enabled by using RFC 8562 Bidirectional Forwarding Detection (BFD) for Multipoint Networks and the new BGP Attribute - BFD Discriminator. Also, the document introduces a new BGP Community, Standby PE, extending BGP Multicast VPN routing so that a C-multicast route can be advertised toward a Standby Upstream PE.
- Experimental DMARC Extension For Public Suffix Domains (draft-ietf-dmarc-psd)
By Scott Kitterman, 2021-01-23 TXT HTML PDF
Abstract: DMARC (Domain-based Message Authentication, Reporting, and Conformance) is a scalable mechanism by which a mail-originating organization can express domain-level policies and preferences for message validation, disposition, and reporting, that a mail-receiving organization can use to improve mail handling. The design of DMARC presumes that domain names represent either nodes in the tree below which registrations occur, or nodes where registrations have occurred; it does not permit a domain name to have both of these properties simultaneously. Since its deployment in 2015, use of DMARC has shown a clear need for the ability to express policy for these domains as well.
- Drone Remote Identification Protocol (DRIP) Architecture (draft-ietf-drip-arch)
By Stuart Card, Adam Wiethuechter, Robert Moskowitz, Shuai Zhao, Andrei Gurtov, 2021-01-21 TXT HTML PDF
Abstract: This document defines an architecture for protocols and services to support Unmanned Aircraft System Remote Identification and tracking (UAS RID), plus RID-related communications, including required architectural building blocks and their interfaces.
- Internet Message Access Protocol (IMAP) - Version 4rev2 (draft-ietf-extra-imap4rev2)
By Alexey Melnikov, Barry Leiba, 2021-01-24 TXT HTML PDF
Abstract: The Internet Message Access Protocol, Version 4rev2 (IMAP4rev2) allows a client to access and manipulate electronic mail messages on a server. IMAP4rev2 permits manipulation of mailboxes (remote message folders) in a way that is functionally equivalent to local folders. IMAP4rev2 also provides the capability for an offline client to resynchronize with the server.
- Certificate Management Protocol (CMP) Updates (draft-ietf-lamps-cmp-updates)
By Hendrik Brockhaus, David von Oheimb, 2021-01-22 TXT HTML PDF
Abstract: This document contains a set of updates to the syntax and transport of Certificate Management Protocol (CMP) version 2. This document updates RFC 4210 and RFC 6712.
- Special Purpose Label terminology (draft-ietf-mpls-spl-terminology)
By Loa Andersson, Kireeti Kompella, Adrian Farrel, 2021-01-21 TXT HTML PDF
Abstract: This document discusses and recommends a terminology that may be used when MPLS Special Purpose Labels (SPL) are specified and documented.
- JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens (draft-ietf-oauth-access-token-jwt)
By Vittorio Bertocci, 2021-01-22 TXT HTML PDF
Abstract: This specification defines a profile for issuing OAuth 2.0 access tokens in JSON web token (JWT) format. Authorization servers and resource servers from different vendors can leverage this profile to issue and consume access tokens in interoperable manner.
- Network Telemetry Framework (draft-ietf-opsawg-ntf)
By Haoyu Song, Fengwei Qin, Pedro Martinez-Julia, Laurent Ciavaglia, Aijun Wang, 2021-01-21 TXT HTML PDF
Abstract: Network telemetry is a technology for gaining network insight and facilitating efficient and automated network management. It encompasses various techniques for remote data generation, collection, correlation, and consumption. This document describes an architectural framework for network telemetry, motivated by challenges that are encountered as part of the operation of networks and by the requirements that ensue. Network telemetry, as necessitated by best industry practices, covers technologies and protocols that extend beyond conventional network Operations, Administration, and Management (OAM). The presented network telemetry framework promises better flexibility, scalability, accuracy, coverage, and performance. In addition, it facilitates the implementation of automated control loops to address both today's and tomorrow's network operational needs. This document clarifies the terminologies and classifies the modules and components of a network telemetry system from several different perspectives. The framework and taxonomy help to set a common ground for the collection of related work and provide guidance for related technique and standard developments.
- PCEP Procedures and Protocol Extensions for Using PCE as a Central Controller (PCECC) of LSPs (draft-ietf-pce-pcep-extension-for-pce-controller)
By Zhenbin Li, Shuping Peng, Mahendra Negi, Quintin Zhao, Chao Zhou, 2021-01-22 TXT HTML PDF
Abstract: The Path Computation Element (PCE) is a core component of Software-Defined Networking (SDN) systems. It can compute optimal paths for traffic across a network and can also update the paths to reflect changes in the network or traffic demands.
- PCEP extension to support Segment Routing Policy Candidate Paths (draft-ietf-pce-segment-routing-policy-cp)
By Mike Koldychev, Siva Sivabalan, Colby Barth, Shuping Peng, Hooman Bidgoli, 2021-01-22 TXT HTML PDF
Abstract: This document introduces a mechanism to specify a Segment Routing (SR) policy, as a collection of SR candidate paths. An SR policy is identified by <headend, color, endpoint> tuple. An SR policy can contain one or more candidate paths where each candidate path is identified in PCEP by its uniquely assigned PLSP-ID. This document proposes extension to PCEP to support association among candidate paths of a given SR policy. The mechanism proposed in this document is applicable to both MPLS and IPv6 data planes of SR.
- Applicability of the QUIC Transport Protocol (draft-ietf-quic-applicability)
By Mirja Kuehlewind, Brian Trammell, 2021-01-22 TXT HTML PDF
Abstract: This document discusses the applicability of the QUIC transport protocol, focusing on caveats impacting application protocol development and deployment over QUIC. Its intended audience is designers of application protocol mappings to QUIC, and implementors of these application protocols.
- Manageability of the QUIC Transport Protocol (draft-ietf-quic-manageability)
By Mirja Kuehlewind, Brian Trammell, 2021-01-22 TXT HTML PDF
Abstract: This document discusses manageability of the QUIC transport protocol, focusing on caveats impacting network operations involving QUIC traffic. Its intended audience is network operators, as well as content providers that rely on the use of QUIC-aware middleboxes, e.g. for load balancing.
- Routing for RPL Leaves (draft-ietf-roll-unaware-leaves)
By Pascal Thubert, Michael Richardson, 2021-01-22 TXT HTML PDF
Abstract: This specification updates RFC6550, RFC6775, and RFC8505. It provides a mechanism for a host that implements a routing-agnostic interface based on 6LoWPAN Neighbor Discovery to obtain reachability services across a network that leverages RFC6550 for its routing operations.
- Integrity Protection for the Network Service Header (NSH) and Encryption of Sensitive Context Headers (draft-ietf-sfc-nsh-integrity)
By Mohamed Boucadair, Tirumaleswar Reddy.K, Dan Wing, 2021-01-22 TXT HTML PDF
Abstract: This specification adds integrity protection directly to the Network Service Header (NSH) used for Service Function Chaining (SFC). Also, this specification allows to encrypt sensitive metadata that is carried in the NSH.
- Path Computation Element (PCE) based Traffic Engineering (TE) in Native IP Networks (draft-ietf-teas-pce-native-ip)
By Aijun Wang, Boris Khasanov, Quintin Zhao, Huaimo Chen, 2021-01-21 TXT HTML PDF
Abstract: This document defines an architecture for providing traffic engineering in a native IP network using multiple BGP sessions and a Path Computation Element (PCE)-based central control mechanism. It defines the Central Control Dynamic Routing (CCDR) procedures and identifies needed extensions for the Path Computation Element Communication Protocol (PCEP).
- Deprecating TLSv1.0 and TLSv1.1 (draft-ietf-tls-oldversions-deprecate)
By Kathleen Moriarty, Stephen Farrell, 2021-01-21 TXT HTML PDF
Abstract: This document, if approved, formally deprecates Transport Layer Security (TLS) versions 1.0 (RFC 2246) and 1.1 (RFC 4346). Accordingly, those documents (will be moved|have been moved) to Historic status. These versions lack support for current and recommended cryptographic algorithms and mechanisms, and various government and industry profiles of applications using TLS now mandate avoiding these old TLS versions. TLSv1.2 became the recommended version for IETF protocols in 2008, (subsequently being obsoleted by TLSv1.3 in 2018), providing sufficient time to transition away from older versions. Removing support for older versions from implementations reduces the attack surface, reduces opportunity for misconfiguration, and streamlines library and product maintenance.
- CPace, a balanced composable PAKE (draft-irtf-cfrg-cpace)
By Michel Abdalla, Bjoern Haase, Julia Hesse, 2021-01-24 TXT HTML PDF
Abstract: This document describes CPace which is a protocol for two parties that share a low-entropy secret (password) to derive a strong shared key without disclosing the secret to offline dictionary attacks. This method was tailored for constrained devices, is compatible with any group of both prime- and non-prime order, and comes with a security proof providing composability guarantees.
- Network Coding for Content-Centric Networking / Named Data Networking: Considerations and Challenges (draft-irtf-nwcrg-nwc-ccn-reqs)
By Kazuhisa Matsuzono, Hitoshi Asaeda, Cedric Westphal, 2021-01-22 TXT HTML PDF
Abstract: This document describes the current research outcomes in Network Coding (NC) for Content-Centric Networking (CCNx) / Named Data Networking (NDN), and clarifies the technical considerations and potential challenges for applying NC in CCNx/NDN. This document is the product of the Coding for Efficient Network Communications Research Group (NWCRG) and the Information-Centric Networking Research Group (ICNRG).
- Applications and Use Cases for the Quantum Internet (draft-irtf-qirg-quantum-internet-use-cases)
By Chonggang Wang, Akbar Rahman, Ruidong Li, Melchior Aelmans, 2021-01-22 TXT HTML PDF
Abstract: The Quantum Internet has the potential to improve application functionality by incorporating quantum information technology into the infrastructure of the overall Internet. This document provides an overview of some applications expected to be used on the Quantum Internet, and then categorizes them using various classification schemes. Some general requirements for the Quantum Internet are also discussed. The intent of this document is to provide a common understanding, framework of applications and use cases for the Quantum Internet.
- WebRTC Dependencies (draft-jennings-rtcweb-deps)
By Cullen Jennings, 2021-01-21 TXT HTML PDF
Abstract: This draft will never be published as an RFC and is meant purely to help track the IETF dependencies from the W3C WebRTC documents.
- Processing of the Hop-by-Hop Options Header (draft-peng-v6ops-hbh)
By Shuping Peng, Zhenbin Li, Chongfeng Xie, Zhuangzhuang Qin, Gyan Mishra, 2021-01-21 TXT HTML PDF
Abstract: This document describes the processing of the Hop-by-Hop Options Header (HBH) in today's routers in the aspects of standards specification, common implementations, and default operations. This document outlines the reasons why the Hop-by-Hop Options Header is rarely utilized in current networks. In addition, this document describes how the HBH could be used as a powerful mechanism allowing deployment and operations of new services requiring a more optimized way to leverage network resources of an infrastructure. The Hop-by-Hop Options Header is taken into consideration by several network operators as a valuable container for carrying the information facilitating the introduction of new services. The desired, and proposed, processing behavior of the HBH and the migration strategies towards it are also suggested.
- On storing CBOR encoded items on stable storage (draft-richardson-cbor-file-magic)
By Michael Richardson, 2021-01-21 TXT HTML PDF
Abstract: This document proposes an on-disk format for CBOR objects that is friendly to common on-disk recognition systems like the Unix file(1) command.
- Date and Time on the Internet: Timestamps with additional information (draft-ryzokuken-datetime-extended)
By Ujjwal Sharma, 2021-01-22 TXT HTML PDF
Abstract: This document defines a date and time format for use in Internet protocols for representation of dates and times using the proleptic Gregorian calendar, with optional extensions representing additional information including a time zone.
- Deadline-aware Transport Protocol (draft-shi-quic-dtp)
By Yong Cui, Zhiwen Liu, Hang Shi, Jie Zhang, Kai Zheng, Wei Wang, 2021-01-21 TXT HTML PDF
Abstract: This document defines Deadline-aware Transport Protocol (DTP) to provide block-based deliver-before-deadline transmission. The intention of this memo is to describe a mechanism to fulfill unreliable transmission based on QUIC as well as how to enhance timeliness of data delivery.
- IPv4+ The Extended Protocol Based On IPv4 (draft-tang-ipv4plus)
By ZiQiang Tang, 2021-01-23 TXT HTML PDF
Abstract: This document specifies version 4+ of the Internet Protocol (IPv4+). IPv4 is very successful, simple and elegant. Continuation and expansion of the IPv4 is necessary. Existing systems, devices only need to upgrade the software to support IPv4+, without the need to update new hardware, saving investment costs. IPv4+ is also an interstellar Protocol, so the Internet will evolve into a star Internet.
- Secure NEighbor Discovery (SEND) over OMNI Interfaces (draft-templin-omni-send)
By Fred Templin, 2021-01-22 TXT HTML PDF
Abstract: The Overlay Multilink Network Interface (OMNI) specification can be used by nodes on public Internetworks when a suitable security service is provided to authenticate IPv6 Neighbor Discovery (IPv6 ND) control messages. The basic OMNI security service for transmission of IPv6 ND messages over public Internetworks uses a Hashed Message Authentication Code (HMAC) based on a shared secret. This document specifies use of the Secure NEighbor Discovery (SEND) protocol over OMNI interfaces which can provide a more flexible and robust service.
- A YANG Model for Network and VPN Service Performance Monitoring (draft-www-opsawg-yang-vpn-service-pm)
By Bo Wu, Qin WU, Mohamed Boucadair, Oscar de Dios, Bin Wen, Chang Liu, Honglei Xu, 2021-01-21 TXT HTML PDF
Abstract: The data model defined in RFC8345 introduces vertical layering relationships between networks that can be augmented to cover network/service topologies. This document defines a YANG model for both Network Performance Monitoring and VPN Service Performance Monitoring that can be used to monitor and manage network performance on the topology at higher layer or the service topology between VPN sites.
Expired Drafts
Drafts Sent to IESG
IESG Progress
- 5G Wireless Wireline Convergence User Plane Encapsulation (5WE) (draft-allan-5g-fmc-encapsulation): IESG Evaluation::AD Followup » In Last Call
By Dave Allan, Donald Eastlake, David Woolley, 2020-10-01 TXT HTML PDF
Abstract: As part of providing wireline access to the 5G Core (5GC), deployed wireline networks carry user data between 5G residential gateways and the 5G Access Gateway Function (AGF). The encapsulation method specified in this document supports the multiplexing of traffic for multiple PDU sessions within a VLAN delineated access circuit, permits legacy equipment in the data path to inspect certain packet fields, carries 5G QoS information associated with the packet data, and provides efficient encoding. It achieves this by specific points of similarity with the RFC 2516 PPPoE data packet encapsulation.
- DetNet Data Plane: IP over IEEE 802.1 Time Sensitive Networking (TSN) (draft-ietf-detnet-ip-over-tsn): Publication Requested » In Last Call
By Balazs Varga, Janos Farkas, Andrew Malis, Stewart Bryant, 2020-12-13 TXT HTML PDF
Abstract: This document specifies the Deterministic Networking IP data plane when operating over a TSN sub-network. This document does not define new procedures or processes. Whenever this document makes requirements statements or recommendations, these are taken from normative text in the referenced RFCs.
- DetNet Data Plane: MPLS over IEEE 802.1 Time Sensitive Networking (TSN) (draft-ietf-detnet-mpls-over-tsn): Publication Requested » In Last Call
By Balazs Varga, Janos Farkas, Andrew Malis, Stewart Bryant, 2020-12-13 TXT HTML PDF
Abstract: This document specifies the Deterministic Networking MPLS data plane when operating over a TSN sub-network. This document does not define new procedures or processes. Whenever this document makes requirements statements or recommendations, these are taken from normative text in the referenced RFCs.
- DetNet Data Plane: IEEE 802.1 Time Sensitive Networking over MPLS (draft-ietf-detnet-tsn-vpn-over-mpls): Publication Requested » In Last Call
By Balazs Varga, Janos Farkas, Andrew Malis, Stewart Bryant, Don Fedyk, 2020-12-13 TXT HTML PDF
Abstract: This document specifies the Deterministic Networking data plane when TSN networks are interconnected over a DetNet MPLS Network.
- OSPF Prefix Originator Extensions (draft-ietf-lsr-ospf-prefix-originator): Publication Requested » AD Evaluation
By Aijun Wang, Acee Lindem, Jie Dong, Peter Psenak, Ketan Talaulikar, 2020-10-20 TXT HTML PDF
Abstract: This document defines OSPF extensions to include information associated with the node originating a prefix along with the prefix advertisement.
- JSON Web Token (JWT) Profile for OAuth 2.0 Access Tokens (draft-ietf-oauth-access-token-jwt): AD Evaluation::Revised I-D Needed » ::AD Followup
By Vittorio Bertocci, 2021-01-22 TXT HTML PDF
Abstract: This specification defines a profile for issuing OAuth 2.0 access tokens in JSON web token (JWT) format. Authorization servers and resource servers from different vendors can leverage this profile to issue and consume access tokens in interoperable manner.
- Registration Data Access Protocol (RDAP) Query Format (draft-ietf-regext-rfc7482bis): Publication Requested » AD Evaluation
By Scott Hollenbeck, Andrew Newton, 2020-09-08 TXT HTML PDF
Abstract: This document describes uniform patterns to construct HTTP URLs that may be used to retrieve registration information from registries (including both Regional Internet Registries (RIRs) and Domain Name Registries (DNRs)) using "RESTful" web access patterns. These uniform patterns define the query syntax for the Registration Data Access Protocol (RDAP).
- JSON Responses for the Registration Data Access Protocol (RDAP) (draft-ietf-regext-rfc7483bis): Publication Requested » AD Evaluation
By Scott Hollenbeck, Andrew Newton, 2020-10-21 TXT HTML PDF
Abstract: This document describes JSON data structures representing registration information maintained by Regional Internet Registries (RIRs) and Domain Name Registries (DNRs). These data structures are used to form Registration Data Access Protocol (RDAP) query responses.
- Extensible Provisioning Protocol (EPP) Secure Authorization Information for Transfer (draft-ietf-regext-secure-authinfo-transfer): AD Evaluation » ::Revised I-D Needed
By James Gould, Richard Wilhelm, 2021-01-04 TXT HTML PDF
Abstract: The Extensible Provisioning Protocol (EPP), in RFC 5730, defines the use of authorization information to authorize a transfer. The authorization information is object-specific and has been defined in the EPP Domain Name Mapping, in RFC 5731, and the EPP Contact Mapping, in RFC 5733, as password-based authorization information. Other authorization mechanisms can be used, but in practice the password-based authorization information has been used at the time of object create, managed with the object update, and used to authorize an object transfer request. What has not been fully considered is the security of the authorization information that includes the complexity of the authorization information, the time-to-live (TTL) of the authorization information, and where and how the authorization information is stored. This document defines an operational practice, using the EPP RFCs, that leverages the use of strong random authorization information values that are short-lived, that are not stored by the client, and that are stored using a cryptographic hash by the server to provide for secure authorization information used for transfers.
- Extensible Provisioning Protocol (EPP) Unhandled Namespaces (draft-ietf-regext-unhandled-namespaces): AD Evaluation » ::Revised I-D Needed
By James Gould, Martin Casanova, 2020-12-07 TXT HTML PDF
Abstract: The Extensible Provisioning Protocol (EPP), as defined in RFC 5730, includes a method for the client and server to determine the objects to be managed during a session and the object extensions to be used during a session. The services are identified using namespace URIs. How should the server handle service data that needs to be returned in the response when the client does not support the required service namespace URI, which is referred to as an unhandled namespace? An unhandled namespace is a significant issue for the processing of RFC 5730 poll messages, since poll messages are inserted by the server prior to knowing the supported client services, and the client needs to be capable of processing all poll messages. This document defines an operational practice that enables the server to return information associated with unhandled namespace URIs that is compliant with the negotiated services defined in RFC 5730.
- Deprecating TLSv1.0 and TLSv1.1 (draft-ietf-tls-oldversions-deprecate): Approved-announcement to be sent::AD Followup » Approved-announcement to be sent
By Kathleen Moriarty, Stephen Farrell, 2021-01-21 TXT HTML PDF
Abstract: This document, if approved, formally deprecates Transport Layer Security (TLS) versions 1.0 (RFC 2246) and 1.1 (RFC 4346). Accordingly, those documents (will be moved|have been moved) to Historic status. These versions lack support for current and recommended cryptographic algorithms and mechanisms, and various government and industry profiles of applications using TLS now mandate avoiding these old TLS versions. TLSv1.2 became the recommended version for IETF protocols in 2008, (subsequently being obsoleted by TLSv1.3 in 2018), providing sufficient time to transition away from older versions. Removing support for older versions from implementations reduces the attack surface, reduces opportunity for misconfiguration, and streamlines library and product maintenance.
Drafts Sent to RFC Editor
Other Status Changes
- Evaluation of a Sample of RFC Produced in 2018 (draft-huitema-rfc-eval-project): Active » RFC 8963
rfc8963.txt
By Christian Huitema, 2020-10-25 TXT HTML PDF
Abstract: This document presents the author's effort to understand the delays involved in publishing an idea in the IETF or through the Independent Stream, from the first individual draft to the publication of the RFC. We analyze a set of randomly chosen RFC approved in 2018, looking for history and delays. We also use two randomly chosen sets of RFC published in 2008 and 1998 for comparing delays seen in 2018 to those observed 10 or 20 years ago. The average RFC in the 2018 sample was produced in 3 years and 4 months, of which 2 years and 10 months were spent in the Working Group, 3 to 4 months for IETF consensus and IESG review, and 3 to 4 months in RFC production. The main variation in RFC production delays comes from the AUTH-48 phase.
- draft-ietf-regext-bundling-registration: Expired » Replaced by draft-yao-regext-bundling-registration
No title available; expired document? TXT HTML PDF
- Network coding for satellite systems (draft-irtf-nwcrg-network-coding-satellites): Active » RFC 8975
rfc8975.txt
By Nicolas Kuhn, Emmanuel Lochin, 2020-10-30 TXT HTML PDF
Abstract: This document is one product of the Coding for Efficient Network Communications Research Group (NWCRG). It conforms to the directions found in the NWCRG taxonomy.
- draft-michaelson-rpki-rta: Active » Replaced by draft-ietf-sidrops-rpki-rta
No title available; expired document? TXT HTML PDF
RFC Editor Status Changes
IPR Disclosures
IESG/IAB/IAOC/Trust Minutes
Liaison Statements
Classified Ads