2017-12-11, rev -03: This document contains a specification of three YANG modules and one submodule. Together they form the core routing data model that serves as a framework for configuring and managing a routing subsystem. It is expected that these modules will be augmented by additional YANG modules defining data models for control-plane protocols, route filters, and other functions. The core routing data model provides common building blocks for such extensions -- routes, Routing Information Bases (RIBs), and control-plane protocols.
2017-12-11, rev -03: This document describes the AsciiDoc syntax extension called AsciiRFC designed for authoring IETF Internet-Drafts and RFCs.
2017-12-11, rev -04: Certification Authorities (CAs) within the Resource Public Key Infrastructure (RPKI) manage BGPsec router certificates as well as RPKI certificates. The rollover of BGPsec router certificates must be carefully performed in order to synchronize the distribution of router public keys with BGPsec Update messages verified with those router public keys. This document describes a safe rollover process, as well as discussing when and why the rollover of BGPsec router certificates is necessary. When this rollover process is followed, the rollover will be performed without routing information being lost.
2017-12-11, rev -07: This document describes monitoring features related to media streams in Web real-time communication (WebRTC). It provides a list of RTCP Sender Report, Receiver Report and Extended Report metrics, which may need to be supported by RTP implementations in some diverse environments. It lists a set of identifiers for the WebRTC's statistics API. These identifiers are a set of RTCP SR, RR, and XR metrics related to the transport of multimedia flows.
2017-12-11, rev -02: This document defines a strategy to securely assign a pledge to an owner, using an artifact signed, directly or indirectly, by the pledge's manufacturer. This artifact is known as a "voucher".
2017-12-11, rev -04: This document describes a revised protocol for the TCP-based convergence layer (TCPCL) for Delay-Tolerant Networking (DTN). The protocol revision is based on implementation issues in the original TCPCL Version 3 and updates to the Bundle Protocol contents, encodings, and convergence layer requirements in Bundle Protocol Version 7. Specifically, the TCPCLv4 uses CBOR-encoded BPv7 bundles as its service data unit being transported and provides a reliable transport of such bundles. Several new IANA registries are defined for TCPCLv4 which define some behaviors inherited from TCPCLv3 but with updated encodings and/or semantics.
2017-12-11, rev -09: The standardization of network configuration interfaces for use with the Network Configuration Protocol (NETCONF) or RESTCONF protocol requires a structured and secure operating environment that promotes human usability and multi-vendor interoperability. There is a need for standard mechanisms to restrict NETCONF or RESTCONF protocol access for particular users to a pre-configured subset of all available NETCONF or RESTCONF protocol operations and content. This document defines such an access control model.
2017-12-11, rev -15: This document defines a resource-oriented approach for security automation information publication, discovery, and sharing. Using this approach, producers may publish, share, and exchange representations of software descriptors, security incidents, attack indicators, software vulnerabilities, configuration checklists, and other security automation information as web-addressable resources. Furthermore, consumers and other stakeholders may access and search this security information as needed, establishing a rapid and on-demand information exchange network for restricted internal use or public access repositories. This specification extends the Atom Publishing Protocol and Atom Syndication Format to transport and share security automation resource representations.
2017-12-11, rev -07: This document defines a standard algorithm to back-off link-state IGP Shortest Path First (SPF) computations.
2017-12-11, rev -05: Recent Active Queue Management (AQM) mechanisms allow for burst tolerance while enforcing short queues to minimise the time that packets spend enqueued at a bottleneck. This can cause noticeable performance degradation for TCP connections traversing such a bottleneck, especially if there are only a few flows or their bandwidth-delay-product is large. An Explicit Congestion Notification (ECN) signal indicates that an AQM mechanism is used at the bottleneck, and therefore the bottleneck network queue is likely to be short. This document therefore proposes an update to RFC3168, which changes the TCP sender-side ECN reaction in congestion avoidance to reduce the Congestion Window (cwnd) by a smaller amount than the congestion control algorithm's reaction to inferred packet loss.
2017-12-11, rev -03: Power Line Communication (PLC), namely using the electric-power lines for indoor and outdoor communications, has been widely applied to support Advanced Metering Infrastructure (AMI), especially the smart meters for electricity. The inherent advantage of existing electricity infrastructure facilitates the expansion of PLC deployments, and moreover, a wide variety of accessible devices raises the potential demand of IPv6 for future applications. As part of this technology, Narrowband PLC (NBPLC) is focused on the low-bandwidth and low-power scenarios that include current standards such as ITU-T G.9903, IEEE 1901.2 and IEEE 1901.2a. This document describes how IPv6 packets are transported over constrained PLC networks.
2017-12-10, rev -00: The DNS Security Extensions (DNSSEC) were developed to provide origin authentication and integrity protection for DNS data by using digital signatures. These digital signatures can be verified by building a chain of trust starting from a trust anchor and proceeding down to a particular node in the DNS. This document specifies a mechanism that will allow an end user to determine the trusted key state of the resolvers that handle the user's DNS queries.
2017-12-10, rev -02: This document describes a solution to the Internet address depletion issue through the use of an existing Option mechanism that is part of the original IPv4 protocol. This proposal, named EzIP (phonetic for Easy IPv4), outlines the IPv4 public address pool expansion and the Internet system architecture enhancement considerations. The EzIP may expand an IPv4 address by a factor of 256M without affecting the existing IPv4 based Internet, nor the current private networks. The EzIP is in full conformance with the IPv4 protocol, and supports not only both direct and private network connectivities, but also their interoperability. The EzIP deployment may coexist with the current Internet traffic and the IoT (Internet of Things) operations without perturbing their setups, while offering end-users the freedom to choose either. If the IPv4 public pool allocations were allowed to be reorganized, the assignable pool could be multiplied by 512M times or even more. The EzIP may be implemented as a software / firmware enhancement to the Internet edge routers or private network routing gateways wherever needed, or simply installed as an inline adjunct hardware module between the two, enabling a seamless introduction. The 256M case detailed herein establishes a complete layer of routers for interfacing between the Internet core fabric and the end user premises. Incorporating the caching proxy technology in the gateway, a fairly large geographical area may deploy an EzIP based sub-Internet operating from as few as one ordinary IPv4 public address. This will immediately resolve the IPv4 address shortage anywhere, while transparent to the current Internet operation. Under the Dual-Stack environment, these proposed interim facilities will relieve the IPv4 address shortage issue, while affording the IPv6 more time to orderly reach the maturity and the availability levels required for delivering a long-term general service.
2017-12-10, rev -34: This document describes the functional interface, based on the ISO7816 standard, to EAP methods, fully and securely executed in smart cards. This class of tamper resistant device may deliver client or server services; it can compute Root Keys from an Extended Master Session Key (EMSK).
2017-12-10, rev -04: PIM is a widely deployed multicast protocol. The PIM protocol is defined in [RFC4601] and [RFC7761]. As deployment of the PIM protocol grows day by day, users expect the least traffic loss and fast convergence in case of any network failure. This document provides an extension to the existing defined protocol which would improve the stability of the PIM protocol with respect to traffic loss and convergence time when the PIM DR is down.
2017-12-10, rev -10: This document describes the Remote APDU Call Protocol Secure (RACS) protocol, dedicated to Grid of Secure Elements (GoSE). These servers host Secure Elements (SE), i.e. tamper resistant chips offering secure storage and cryptographic resources.
2017-12-10, rev -14: This memo documents terminology used in the documents produced by SACM (Security Automation and Continuous Monitoring).
2017-12-10, rev -05: Security and trust are very critical topics in the context of the anywhere, anytime, anything internet connectivity. TLS and DTLS are two major IETF protocols widely used to secure IP exchanges. According to CoAP, DTLS is the protocol used by constrained nodes in the Internet of Things (IoT) context.
2017-12-10, rev -02: The invention of a large-scale quantum computer would pose a serious challenge for the cryptographic algorithms that are widely deployed today. The Cryptographic Message Syntax (CMS) supports key transport and key agreement algorithms that could be broken by the invention of such a quantum computer. By storing communications that are protected with the CMS today, someone could decrypt them in the future when a large-scale quantum computer becomes available. Once quantum-secure key management algorithms are available, the CMS will be extended to support them, if the current syntax does not accommodate them. In the near-term, this document describes a mechanism to protect today's communication from the future invention of a large-scale quantum computer by mixing the output of key transport and key agreement algorithms with a pre-shared key.
2017-12-10, rev -07: This document provides information and requirements for how Forward Error Correction (FEC) should be used by WebRTC implementations.
2017-12-09, rev -03: RC4 is extremely weak as shown by RFC 6649 and RFC 7457, is prohibited in TLS by RFC 7465, is prohibited in Kerberos by RFC xxxx and it needs to be prohibited in all IETF protocols. This document obsoletes RFC 4345 "Improved Arcfour Modes for the Secure Shell (SSH) Transport Layer Protocol" (note Arcfour and RC4 are synonymous). RFC 3501, RFC 4253, RFC 6649 and RFC 6733 are updated to note the deprecation of RC4 in all IETF protocols.
2017-12-09, rev -16: In order to prevent the impersonation of telephone numbers on the Internet, some kind of credential system needs to exist that cryptographically asserts authority over telephone numbers. This document describes the use of certificates in establishing authority over telephone numbers, as a component of a broader architecture for managing telephone numbers as identities in protocols like SIP.
2017-12-09, rev -01: In Transport Layer Security (TLS) handshakes, certificate chains often take up the majority of the bytes transmitted.
2017-12-08, rev -01: This document specifies a Uniform Resource Name (URN) for Persistent Web IDentifiers to web material in web archives using the 'pwid' namespace identifier. The purpose of the standard is to support general, global, sustainable, humanly readable, technology agnostic, persistent and precise web references for web materials.
2017-12-08, rev -12: This document defines a YANG data model that can be used to configure and manage Protocol Independent Multicast (PIM) devices. The model covers the PIM protocol configuration, operational state, and event notifications data.
2017-12-08, rev -03: The goal of Application-Layer Traffic Optimization (ALTO) is to bridge the gap between network and applications by provisioning network related information in order to allow applications to make network informed decisions. The present draft extends the ALTO cost information so as to broaden the decision possibilities of applications to not only decide 'where' to connect to, but also 'when'. This is useful to applications that need to schedule their data transfers and connections and have a degree of freedom to do so. ALTO guidance to schedule application traffic can also efficiently help with load balancing and resource efficiency. Besides, the ALTO Cost Calendar allows the ALTO requests themselves to be scheduled, thus saving a number of ALTO transactions.
2017-12-08, rev -10: The document specifies a Distributed Denial-of-Service Open Threat Signaling (DOTS) data channel used for bulk exchange of data not easily or appropriately communicated through the DOTS signal channel under attack conditions.
2017-12-08, rev -00: This document updates RFC8203 by defining an Extended BGP Administrative Shutdown Communication to improve communication using multibyte character sets.
2017-12-08, rev -00: This document obsoletes RFC 8216. It describes a protocol for transferring unbounded streams of multimedia data. It specifies the data format of the files and the actions to be taken by the server (sender) and the clients (receivers) of the streams. It describes version 8 of this protocol.
2017-12-08, rev -02: The joint scheduling between industrial field network and backhaul network is important to satisfy the requirements of deterministic delay for data flows in factories. This document describes a joint scheduling architecture for deterministic industrial field/backhaul networks. Taking WIA-PA, an international standard about industrial wireless field network, and IPv6-based backhaul network as an example, this document depicts how the joint scheduling architecture works in detail.
2017-12-08, rev -25: This document specifies a new Network Address Translator (NAT) traversal mode for the Host Identity Protocol (HIP). The new mode is based on the Interactive Connectivity Establishment (ICE) methodology and UDP encapsulation of data and signaling traffic. The main difference from the previously specified modes is the use of HIP messages for all NAT traversal procedures.
2017-12-08, rev -03: This document specifies a Uniform Resource Identifier (URI) for Persistent Web IDentifiers to web material in web archives using the 'pwid' scheme name. The purpose of the standard is to support general, global, sustainable, humanly readable, technology agnostic, persistent and precise web references for web materials.
2017-12-08, rev -03: As the scale of MPLS RSVP-TE networks has grown, so the number of Label Switched Paths (LSPs) supported by individual network elements has increased. Various implementation recommendations have been proposed to manage the resulting increase in control plane state.
2017-12-08, rev -09: The Internet of Things (IoT) concept refers to the usage of standard Internet protocols to allow for human-to-thing and thing-to-thing communication. The security needs for the IoT are well-recognized and many standardization steps for providing security have been taken, for example, the specification of Constrained Application Protocol (CoAP) over Datagram Transport Layer Security (DTLS). However, security challenges still exist and there are some use cases that lack a suitable solution. In this document, we first discuss the various stages in the lifecycle of a thing. Next, we document the various security threats to a thing and the challenges that one might face to protect against these threats. Lastly, we discuss the next steps needed to facilitate the deployment of secure IoT systems. This document can be used by IoT standards specifications as a reference for details about security considerations applying to the specified protocol.
2017-12-08, rev -14: FNV (Fowler/Noll/Vo) is a fast, non-cryptographic hash algorithm with good dispersion. The purpose of this document is to make information on FNV and open source code performing FNV conveniently available to the Internet community.
2017-12-08, rev -07: This document describes the SM4 symmetric blockcipher algorithm published as GB/T 32907-2016 by the State Cryptography Administration of China (SCA).
2017-12-08, rev -07: This document defines a mechanism for describing and signaling several aspects that are used to calculate trust placed in a digital identity transaction.
2017-12-07, rev -10: This document specifies how Ethernet VPN (EVPN) can be used as a Network Virtualization Overlay (NVO) solution and explores the various tunnel encapsulation options over IP and their impact on the EVPN control-plane and procedures. In particular, the following encapsulation options are analyzed: VXLAN, NVGRE, and MPLS over GRE. This specification is also applicable to GENEVE encapsulation; however, some incremental work is required which will be covered in a separate document. This document also specifies new multi-homing procedures for split-horizon filtering and mass-withdraw. It also specifies EVPN route constructions for VxLAN/NvGRE encapsulations and ASBR procedures for multi-homing NV Edge devices.
2017-12-07, rev -09: This document defines a YANG data model for Routing Information Base (RIB) that aligns with the I2RS RIB information model.
2017-12-07, rev -04: To ensure an efficient data transport, meeting the requirements requested by today's transport services, the unification of control and management of microwave and millimeter wave radio link interfaces is a precondition for seamless multilayer networking and automated network wide provisioning and operation.
2017-12-07, rev -14: This document describes a method to perform packet loss, delay and jitter measurements on live traffic. This method is based on the Alternate Marking (Coloring) technique. A report is provided in order to explain an example and show the method's applicability. This technology can be applied in various situations as detailed in this document and could be considered passive or hybrid depending on the application.
2017-12-07, rev -01: This document summarizes benefits that operators perceive to be provided by intermediary devices that provide functions apart from normal IP forwarding. Such intermediary devices are often called "middleboxes".
2017-12-07, rev -00: This document specifies the fast redundancy protection mechanism, aimed at providing protection of the domain boundary nodes in a cross-domain scenario.
2017-12-07, rev -05: This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes managed objects to configure and/or monitor MVPN, Multicast in MultiProtocol Label Switching/Border Gateway Protocol (MPLS/BGP) IP Virtual Private Networks (VPNs) on a Provider Edge router.
2017-12-07, rev -12: This document specifies the DOTS signal channel, a protocol for signaling the need for protection against Distributed Denial-of-Service (DDoS) attacks to a server capable of enabling network traffic mitigation on behalf of the requesting client.
2017-12-07, rev -00: This document describes a BGP-based method to communicate source IP reverse-path reachability for sources of multicast IP traffic which is available via AMT (RFC 7450). This document defines a new SAFI (Subsequent Address Family Identifier) Parameter type for MBGP which declares the next hop for RPF (Reverse Path Forwarding) of a source IP to be the AMT tunnel discovered via an explicitly provided anycast IP address for AMT Relay Discovery.
2017-12-07, rev -01: This document specifies an extension field for the Network Time Protocol (NTP) which allows network devices such as switches and routers to modify NTP packets with corrections to improve accuracy of the synchronization in the network.
2017-12-07, rev -43: This specification defines a new Session Description Protocol (SDP) Grouping Framework extension, 'BUNDLE'. The extension can be used with the SDP Offer/Answer mechanism to negotiate the usage of a single transport (5-tuple) for sending and receiving media described by multiple SDP media descriptions ("m=" sections). Such transport is referred to as a BUNDLE transport, and the media is referred to as bundled media. The "m=" sections that use the BUNDLE transport form a BUNDLE group.
2017-12-07, rev -02: This document poses open questions in path-aware networking, as a background for framing discussions in the Path Aware Networking proposed Research Group (PANRG). These are split into making properties of Internet paths available to endpoints, and allowing endpoints to select paths through the Internet for their traffic.
2017-12-07, rev -09: This document extends the RFC5011 rollover strategy with timing advice that must be followed by the publisher in order to maintain security. Specifically, this document describes the math behind the minimum time-length that a DNS zone publisher must wait before signing exclusively with recently added DNSKEYs. This document also describes the minimum time-length that a DNS zone publisher must wait after publishing a revoked DNSKEY before assuming that all active RFC5011 resolvers should have seen the revocation-marked key and removed it from their list of trust anchors.
2017-12-07, rev -01: This document defines the wire image, an abstraction of the information available to an on-path non-participant in a networking protocol. This abstraction is intended to shed light on current discussions within the IETF on the implications increased encryption has for network functions that use the wire image.
2017-12-06, rev -12: This specification outlines current recommendations for the use of Transport Layer Security (TLS) to provide confidentiality of email traffic between a mail user agent (MUA) and a mail submission or mail access server.
2017-12-06, rev -00: This document describes the use of the LISP architecture and protocols to address the requirements of the worldwide Aeronautical Telecommunications Network with Internet Protocol Services, as articulated by the International Civil Aviation Organization.
2017-12-06, rev -03: This document describes a proposed meeting location policy for the IETF and the various stakeholders for realizing such a policy.
2017-12-06, rev -00: The Prefix Information Option in the IPv6 Neighbor Discovery Router Advertisement defines an 8-bit flag field with two flags defined and the remaining 6 bits reserved (Reserved1). RFC 6275 has defined a new flag from this field without creating an IANA registry or updating RFC 4861. The purpose of this document is to request that IANA create a new registry for the PIO flags to avoid potential conflict in the use of these flags. This document updates RFC 4861.
2017-12-06, rev -05: A micro-loop is a packet forwarding loop that may occur transiently among two or more routers in a hop-by-hop packet forwarding paradigm.
2017-12-06, rev -00: Options for creating more apparent randomization in the QUIC header are discussed.
2017-12-06, rev -01: This document specifies Numbering Exchange Protocol (NEP).
2017-12-06, rev -02: This document describes a robust method for Path MTU Discovery (PMTUD) for datagram Packetization layers. The method allows a Packetization layer (or a datagram application that uses it) to probe a network path with progressively larger packets to determine a maximum packet size. The document describes an extension to RFC 1191 and RFC 8201, which specify ICMP-based Path MTU Discovery for IPv4 and IPv6. This provides functionality for datagram transports that is equivalent to the Packetization layer PMTUD specification for TCP, specified in RFC4821.
2017-12-06, rev -00: This document proposes a packet transmission rate metric for parent selection. This metric represents the amount of traffic that the node is transmitting to the current parent node. This document also proposes an Objective Function (OF) using the packet transmission rate metric for parent selection in order to balance the amount of traffic between nodes.