Tomorrow sees kickoff of the Working Groups sessions at IETF 102 in Montreal, Canada, we’re bringing you daily blog posts highlighting the topics of interest to us in the ISOC Internet Technology Team. Monday is an important day, with meetings of the TLS, 6MAN and SIDROPS Working Groups, along with two other IoT related groups.
6MAN commences at 09.30 EDT/UTC-4, and has six new drafts up for discussion covering IPv6 Neighbor Discovery Extensions for Prefix Delegation, IPv6 VPNs, ICMPv6, OAM in Segment Routing Networks with an IPv6 Data plane, allowing low or zero valid lifetimes to be accepted in Router Advertisement Prefix Information Options where it’s known that there can only be one router on the link; as well as introducing a new IPv6 ‘unrecognised’ option for ICMPv6 that conveys whether an underlying network can transmit IPv6 packets.
There are also three working group sponsored drafts, adopted from the last meeting. Privacy Extensions for Stateless Address Autoconfiguration in IPv6 describes an extension that causes nodes to generate global scope addresses from interface identifiers that change over time; IPv6 Segment Routing Header specifies how a node can steer a packet through a controlled set of instructions (segments) by prepending an SR header to the packet; whilst IPv6 Router Advertisement IPv6-Only Flag is an update to RFC 5175 that indicates to hosts that a link is IPv6-only.
NOTE: If you are unable to attend IETF 102 in person, there are multiple ways to participate remotely.
ACE is running parallel with 6MAN, and will be discussing various drafts related to using DTLS, OAuth, and Object Security in RESTful Environments and Proof of Possession for Web Tokens. There is also an important draft on Enrollment over Secure Transport for provisioning certificates over HTTPS.
Then in the afternoon starting at 13.30 EDT/UTC-4, you’ll need to choose between three working groups. The first TLS session of the week (the meeting continues on Thursday afternoon) has several important items related to the deployment of TLS 1.3 and there’s a proposal to formally deprecate TLS versions 1.0 and 1.1.
There’s two other drafts updating DTLS to version 1.3 (see https://tools.ietf.org/html/draft-ietf-tls-dtls13-28 and https://tools.ietf.org/html/draft-ietf-tls-dtls-connection-id-01), and another describing a TLS extension to allow TLS clients to perform DANE authentication of a TLS server without needing to perform additional DNS record lookups. The remaining couple of drafts on the agenda relate to a mechanism that allows for exportable proof of ownership of a certificate that can be transmitted out of band and verified by another party, and on delegating credentials on TLS to allow server operators to
create their own credential delegations without breaking compatibility with clients that do not support this specification.
Over in SIDROPS, there’s three recommendations up for discussion that network operators avoid using the maxLength attribute when issuing Route Origin Authorizations under RPKI; how to improve Origin Validation within a trusted environment; and definition of a RPKI signed object that can be used by Trust Anchors to allow Relying Parties to migrate to new keys. There’s also a couple of profiles being defined for verifying that a Customer AS holder has authorised a Provider AS to be its upstream provider, and for AS Provider Authorization objects to verify the AS_PATH attribute of routes advertised by BGP. Finally, there will be a discussion on validation deployment planning.
There’s just the two drafts being discussed during the IPWAVE meeting, but important ones. The first is an update of the specification for transmitting IPv6 Packets over IEEE 802.11 Networks in Vehicular communications; the other defines the use cases for IP-based vehicular networks.
Relevant Working Groups
- IPv6 Maintenance (6man) – Laurier @ 09.30-12.00 UTC-4
- Authentication and Authorization for Constrained Environments (ace) – Viger @ 09.30-12.00 UTC-4
- IP Wireless Access in Vehicular Environments (ipwave) – Laurier @ 13.30-15.30 UTC-4
- SIDR Operation (sidrops) – Viger @ 13.30-15.30 UTC-4
- Transport Layer Security (tls) – Place du Canada @ 13.30-15.30 UTC-4