IETF-Announce List
New RFCs
New and Revived Drafts
- TLS DNSSEC Chain Extension (draft-dukhovni-tls-dnssec-chain)
By Viktor Dukhovni, Shumon Huque, Willem Toorop, Paul Wouters, Melinda Shore, 2021-04-15
Abstract: This document describes an experimental TLS extension for in-band transport of the complete set of DNSSEC validated records needed to perform DANE authentication of a TLS server without the need to perform separate out-of-band DNS lookups. When the requisite DNS records do not exist, the extension conveys a validated denial of existence proof.
- Problem Details for HTTP APIs (draft-ietf-httpapi-rfc7807bis)
By Mark Nottingham, Erik Wilde, Sanjay Dalal, 2021-04-15
Abstract: This document defines a "problem detail" as a way to carry machine-readable details of errors in a HTTP response to avoid the need to define new error response formats for HTTP APIs.
- Pros and Cons of IPv6 Transition Technologies for IPv4aaS (draft-ietf-v6ops-transition-comparison)
By Gabor Lencse, Jordi Martinez, Lee Howard, Richard Patterson, Ian Farrer, 2021-04-15
Abstract: Several IPv6 transition technologies have been developed to provide customers with IPv4-as-a-Service (IPv4aaS) for ISPs with an IPv6-only access and/or core network. All these technologies have their advantages and disadvantages, and depending on existing topology, skills, strategy and other preferences, one of these technologies may be the most appropriate solution for a network operator.
Updated Drafts
- PCE for BIER-TE Path (draft-chen-pce-bier-te-path)
By Huaimo Chen, Mike McBride, Aijun Wang, Gyan Mishra, Yisong Liu, Yanhe Fan, Lei Liu, Xufeng Liu, 2021-04-15
Abstract: This document describes extensions to Path Computation Element (PCE) communication Protocol (PCEP) for supporting Bit Index Explicit Replication (BIER) Traffic Engineering (TE) paths.
- Running an IETF Hackathon (draft-eckel-shmoo-ietf-hackathon)
By Charles Eckel, 2021-04-15
Abstract: IETF Hackathons encourage the IETF community to collaborate on running code related to existing and evolving Internet standards. This document provides a set of practices for running IETF Hackathons.
- Gateway Auto-Discovery and Route Advertisement for Segment Routing Enabled Domain Interconnection (draft-ietf-bess-datacenter-gateway)
By Adrian Farrel, John Drake, Eric Rosen, Keyur Patel, Luay Jalil, 2021-04-15
Abstract: Data centers are critical components of the infrastructure used by network operators to provide services to their customers. Data centers are attached to the Internet or a backbone network by gateway routers. One data center typically has more than one gateway for commercial, load balancing, and resiliency reasons.
- EVPN Operations, Administration and Maintenance Requirements and Framework (draft-ietf-bess-evpn-oam-req-frmwk)
By Samer Salam, Ali Sajassi, Sam Aldrin, John Drake, Donald Eastlake, 2021-04-15
Abstract: This document specifies the requirements and reference framework for Ethernet VPN (EVPN) Operations, Administration and Maintenance (OAM). The requirements cover the OAM aspects of EVPN and PBB-EVPN (Provider Backbone Bridge EVPN). The framework defines the layered OAM model encompassing the EVPN service layer, network layer, underlying Packet Switched Network (PSN) transport layer, and link layer but focuses on the service and network layers.
- DetNet Bounded Latency (draft-ietf-detnet-bounded-latency)
By Norman Finn, Jean-Yves Le Boudec, Ehsan Mohammadpour, Jiayi Zhang, Balazs Varga, Janos Farkas, 2021-04-15
Abstract: This document references specific queuing mechanisms, defined in other documents, that can be used to control packet transmission at each output port and achieve the DetNet qualities of service. This document presents a timing model for sources, destinations, and the DetNet transit nodes that relay packets that is applicable to all of those referenced queuing mechanisms. Using the model presented in this document, it should be possible for an implementor, user, or standards development organization to select a particular set of queuing mechanisms for each device in a DetNet network, and to select a resource reservation algorithm for that network, so that those elements can work together to provide the DetNet service.
- DNS Query Name Minimisation to Improve Privacy (draft-ietf-dnsop-rfc7816bis)
By Stephane Bortzmeyer, Ralph Dolmans, Paul Hoffman, 2021-04-15
Abstract: This document describes a technique called "QNAME minimisation" to improve DNS privacy, where the DNS resolver no longer always sends the full original QNAME and original QTYPE to the upstream name server. This document obsoletes RFC 7816.
- Registry Maintenance Notifications for the Extensible Provisioning Protocol (EPP) (draft-ietf-regext-epp-registry-maintenance)
By Tobias Sattler, Roger Carney, Jody Kolker, 2021-04-15
Abstract: This document describes an Extensible Provisioning Protocol (EPP) mapping for registry maintenance notifications.
- Using JSContact in Registration Data Access Protocol (RDAP) JSON Responses (draft-ietf-regext-rdap-jscontact)
By Mario Loffredo, Gavin Brown, 2021-04-15
Abstract: This document describes an RDAP extension which represents entity contact information in JSON responses using JSContact.
- Enhanced JWT Claim Constraints for STIR Certificates (draft-ietf-stir-enhance-rfc8226)
By Russ Housley, 2021-04-15
Abstract: RFC 8226 provides a certificate extension to constrain the JWT claims that can be included in the PASSporT as defined in RFC 8225. If the signer includes a JWT claim outside the constraint boundaries, then the recipient will reject the entire PASSporT. This document defines an additional way that the JWT claims can be constrained.
- JWS Clear Text JSON Signature Option (JWS/CT) (draft-jordan-jws-ct)
By Bret Jordan, Samuel Erdtman, Anders Rundgren, 2021-04-15
Abstract: This document describes a method for extending the scope of the JSON Web Signature (JWS) standard, called JWS/CT. By combining the detached mode of JWS with the JSON Canonicalization Scheme (JCS), JWS/CT enables JSON objects to remain in the JSON format after being signed (also known as "Clear Text" signing). In addition to supporting a consistent data format, this arrangement also simplifies documentation, debugging, and logging. The ability to embed signed JSON objects in other JSON objects makes the use of counter-signatures straightforward.
- Survey of Domain Verification Techniques using DNS (draft-sahib-domain-verification-techniques)
By Shivan Sahib, Shumon Huque, 2021-04-15
Abstract: Verification of ownership of domains in the Domain Name System (DNS) [RFC1034] [RFC1035] often relies on adding or editing DNS records within the domain. This document surveys various techniques in wide use today, the pros and cons of each, and possible improvements.
Expired Drafts
Drafts Sent to IESG
IESG Progress
- Gateway Auto-Discovery and Route Advertisement for Segment Routing Enabled Domain Interconnection (draft-ietf-bess-datacenter-gateway): AD Evaluation::Revised I-D Needed » In Last Call
By Adrian Farrel, John Drake, Eric Rosen, Keyur Patel, Luay Jalil, 2021-04-15
Abstract: Data centers are critical components of the infrastructure used by network operators to provide services to their customers. Data centers are attached to the Internet or a backbone network by gateway routers. One data center typically has more than one gateway for commercial, load balancing, and resiliency reasons.
- Nimble out-of-band authentication for EAP (EAP-NOOB) (draft-ietf-emu-eap-noob): Waiting for Writeup » IESG Evaluation
By Tuomas Aura, Mohit Sethi, Aleksi Peltonen, 2021-03-16
Abstract: The Extensible Authentication Protocol (EAP) provides support for multiple authentication methods. This document defines the EAP-NOOB authentication method for nimble out-of-band (OOB) authentication and key derivation. The EAP method is intended for bootstrapping all kinds of Internet-of-Things (IoT) devices that have no pre-configured authentication credentials. The method makes use of a user-assisted one-directional OOB message between the peer device and authentication server to authenticate the in-band key exchange. The device must have an input or output interface, such as a display, microphone, speaker or blinking light, which can send or receive dynamically generated messages of tens of bytes in length.
- The OAuth 2.0 Authorization Framework: JWT Secured Authorization Request (JAR) (draft-ietf-oauth-jwsreq): Approved-announcement to be sent » Approved-announcement sent
By Nat Sakimura, John Bradley, Michael Jones, 2021-04-08
Abstract: The authorization request in OAuth 2.0 described in RFC 6749 utilizes query parameter serialization, which means that Authorization Request parameters are encoded in the URI of the request and sent through user agents such as web browsers. While it is easy to implement, it means that (a) the communication through the user agents is not integrity protected and thus the parameters can be tainted, (b) the source of the communication is not authenticated, and (c) the communication through the user agents can be monitored. Because of these weaknesses, several attacks to the protocol have now been put forward.
Drafts Sent to RFC Editor
- Reaction: Indicating Summary Reaction to a Message (draft-crocker-inreply-react): IESG Evaluation::AD Followup » RFC Ed Queue
By Dave Crocker, R. Signes, Ned Freed, 2021-04-14
Abstract: The popularity of social media has led to user comfort with easily signaling basic reactions to an author's posting, such as with a 'thumbs up' or 'smiley' graphic. This specification permits a similar facility for Internet Mail.
- Software-Defined Networking (SDN)-based IPsec Flow Protection (draft-ietf-i2nsf-sdn-ipsec-flow-protection): Approved-announcement to be sent::AD Followup » RFC Ed Queue
By Rafael Marin-Lopez, Gabriel Lopez-Millan, Fernando Pereniguez-Garcia, 2021-03-25
Abstract: This document describes how to provide IPsec-based flow protection (integrity and confidentiality) by means of an Interface to Network Security Function (I2NSF) controller. It considers two main well-known scenarios in IPsec: (i) gateway-to-gateway and (ii) host-to-host. The service described in this document allows the configuration and monitoring of IPsec Security Associations (IPsec SAs) from an I2NSF Controller to one or several flow-based Network Security Functions (NSFs) that rely on IPsec to protect data traffic.
- Using the AES-GMAC Algorithm with the Cryptographic Message Syntax (CMS) (draft-ietf-lamps-cms-aes-gmac-alg): Approved-announcement sent » RFC Ed Queue
By Russ Housley, 2021-04-02
Abstract: This document specifies the conventions for using the AES-GMAC Message Authentication Code algorithms with the Cryptographic Message Syntax (CMS) as specified in RFC 5652.
- Algorithm Requirements Update to the Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF) (draft-ietf-lamps-crmf-update-algs): Approved-announcement to be sent::AD Followup » RFC Ed Queue
By Russ Housley, 2021-04-08
Abstract: This document updates the cryptographic algorithm requirements for the Password-Based Message Authentication Code in the Internet X.509 Public Key Infrastructure Certificate Request Message Format (CRMF) specified in RFC 4211.
Other Status Changes
- draft-ietf-tls-dnssec-chain-extension: Expired » Replaced by draft-dukhovni-tls-dnssec-chain
No title available; expired document?
- Pros and Cons of IPv6 Transition Technologies for IPv4aaS (draft-lmhp-v6ops-transition-comparison): Active » Replaced by draft-ietf-v6ops-transition-comparison
By Gabor Lencse, Jordi Martinez, Lee Howard, Richard Patterson, Ian Farrer, 2021-01-09
Abstract: Several IPv6 transition technologies have been developed to provide customers with IPv4-as-a-Service (IPv4aaS) for ISPs with an IPv6-only access and/or core network. All these technologies have their advantages and disadvantages, and depending on existing topology, skills, strategy and other preferences, one of these technologies may be the most appropriate solution for a network operator.
RFC Editor Status Changes
IPR Disclosures
IESG/IAB/IAOC/Trust Minutes
Liaison Statements
Classified Ads