summaryrefslogtreecommitdiff
path: root/doc/rfc/rfc8253.txt
diff options
context:
space:
mode:
authorThomas Voss <mail@thomasvoss.com> 2024-11-27 20:54:24 +0100
committerThomas Voss <mail@thomasvoss.com> 2024-11-27 20:54:24 +0100
commit4bfd864f10b68b71482b35c818559068ef8d5797 (patch)
treee3989f47a7994642eb325063d46e8f08ffa681dc /doc/rfc/rfc8253.txt
parentea76e11061bda059ae9f9ad130a9895cc85607db (diff)
doc: Add RFC documents
Diffstat (limited to 'doc/rfc/rfc8253.txt')
-rw-r--r--doc/rfc/rfc8253.txt1459
1 files changed, 1459 insertions, 0 deletions
diff --git a/doc/rfc/rfc8253.txt b/doc/rfc/rfc8253.txt
new file mode 100644
index 0000000..92974c9
--- /dev/null
+++ b/doc/rfc/rfc8253.txt
@@ -0,0 +1,1459 @@
+
+
+
+
+
+
+Internet Engineering Task Force (IETF) D. Lopez
+Request for Comments: 8253 O. Gonzalez de Dios
+Updates: 5440 Telefonica I+D
+Category: Standards Track Q. Wu
+ISSN: 2070-1721 D. Dhody
+ Huawei
+ October 2017
+
+
+ PCEPS: Usage of TLS to Provide a Secure Transport for the
+ Path Computation Element Communication Protocol (PCEP)
+
+Abstract
+
+ The Path Computation Element Communication Protocol (PCEP) defines
+ the mechanisms for the communication between a Path Computation
+ Client (PCC) and a Path Computation Element (PCE), or among PCEs.
+ This document describes PCEPS -- the usage of Transport Layer
+ Security (TLS) to provide a secure transport for PCEP. The
+ additional security mechanisms are provided by the transport protocol
+ supporting PCEP; therefore, they do not affect the flexibility and
+ extensibility of PCEP.
+
+ This document updates RFC 5440 in regards to the PCEP initialization
+ phase procedures.
+
+Status of This Memo
+
+ This is an Internet Standards Track document.
+
+ This document is a product of the Internet Engineering Task Force
+ (IETF). It represents the consensus of the IETF community. It has
+ received public review and has been approved for publication by the
+ Internet Engineering Steering Group (IESG). Further information on
+ Internet Standards is available in Section 2 of RFC 7841.
+
+ Information about the current status of this document, any errata,
+ and how to provide feedback on it may be obtained at
+ https://www.rfc-editor.org/info/rfc8253.
+
+
+
+
+
+
+
+
+
+
+
+
+Lopez, et al. Standards Track [Page 1]
+
+RFC 8253 PCEPS October 2017
+
+
+Copyright Notice
+
+ Copyright (c) 2017 IETF Trust and the persons identified as the
+ document authors. All rights reserved.
+
+ This document is subject to BCP 78 and the IETF Trust's Legal
+ Provisions Relating to IETF Documents
+ (https://trustee.ietf.org/license-info) in effect on the date of
+ publication of this document. Please review these documents
+ carefully, as they describe your rights and restrictions with respect
+ to this document. Code Components extracted from this document must
+ include Simplified BSD License text as described in Section 4.e of
+ the Trust Legal Provisions and are provided without warranty as
+ described in the Simplified BSD License.
+
+ This document may contain material from IETF Documents or IETF
+ Contributions published or made publicly available before November
+ 10, 2008. The person(s) controlling the copyright in some of this
+ material may not have granted the IETF Trust the right to allow
+ modifications of such material outside the IETF Standards Process.
+ Without obtaining an adequate license from the person(s) controlling
+ the copyright in such materials, this document may not be modified
+ outside the IETF Standards Process, and derivative works of it may
+ not be created outside the IETF Standards Process, except to format
+ it for publication as an RFC or to translate it into languages other
+ than English.
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Lopez, et al. Standards Track [Page 2]
+
+RFC 8253 PCEPS October 2017
+
+
+Table of Contents
+
+ 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 4
+ 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 5
+ 3. Applying PCEPS . . . . . . . . . . . . . . . . . . . . . . . 5
+ 3.1. Overview . . . . . . . . . . . . . . . . . . . . . . . . 5
+ 3.2. Initiating TLS Procedures . . . . . . . . . . . . . . . . 5
+ 3.3. The StartTLS Message . . . . . . . . . . . . . . . . . . 8
+ 3.4. TLS Connection Establishment . . . . . . . . . . . . . . 13
+ 3.5. Peer Identity . . . . . . . . . . . . . . . . . . . . . . 15
+ 3.6. Connection Establishment Failure . . . . . . . . . . . . 16
+ 4. Discovery Mechanisms . . . . . . . . . . . . . . . . . . . . 16
+ 4.1. DANE Applicability . . . . . . . . . . . . . . . . . . . 17
+ 5. Backward Compatibility . . . . . . . . . . . . . . . . . . . 17
+ 6. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 18
+ 6.1. New PCEP Message . . . . . . . . . . . . . . . . . . . . 18
+ 6.2. New Error-Values . . . . . . . . . . . . . . . . . . . . 19
+ 7. Security Considerations . . . . . . . . . . . . . . . . . . . 19
+ 8. Manageability Considerations . . . . . . . . . . . . . . . . 20
+ 8.1. Control of Function and Policy . . . . . . . . . . . . . 20
+ 8.2. Information and Data Models . . . . . . . . . . . . . . . 21
+ 8.3. Liveness Detection and Monitoring . . . . . . . . . . . . 21
+ 8.4. Verifying Correct Operations . . . . . . . . . . . . . . 21
+ 8.5. Requirements on Other Protocols . . . . . . . . . . . . . 22
+ 8.6. Impact on Network Operation . . . . . . . . . . . . . . . 22
+ 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 22
+ 9.1. Normative References . . . . . . . . . . . . . . . . . . 22
+ 9.2. Informative References . . . . . . . . . . . . . . . . . 23
+ Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . . 25
+ Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 26
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Lopez, et al. Standards Track [Page 3]
+
+RFC 8253 PCEPS October 2017
+
+
+1. Introduction
+
+ The Path Computation Element Communication Protocol (PCEP) [RFC5440]
+ defines the mechanisms for the communication between a Path
+ Computation Client (PCC) and a Path Computation Element (PCE), or
+ between two PCEs. These interactions include requests and replies
+ that can be critical for a sustainable network operation and adequate
+ resource allocation; therefore, appropriate security becomes a key
+ element in the PCE infrastructure. As the applications of the PCE
+ framework evolve and more complex service patterns emerge, the
+ definition of a secure mode of operation becomes more relevant.
+
+ The Security Considerations section of [RFC5440] analyzes the
+ potential threats to PCEP and their consequences; it also discusses
+ several mechanisms for protecting PCEP against security attacks,
+ without making a specific recommendation on a particular one or
+ defining their application in depth. Moreover, [RFC6952] states the
+ importance of ensuring PCEP communication confidentiality, especially
+ when PCEP communication endpoints do not reside in the same
+ Autonomous System (AS), as the interception of PCEP messages could
+ leak sensitive information related to computed paths and resources.
+
+ Transport Layer Security (TLS) [RFC5246] is one of the solutions that
+ seems most adequate among those mentioned in these documents, as it
+ provides support for peer authentication, message encryption, and
+ integrity. TLS provides well-known mechanisms to support key
+ configuration and exchange, as well as means to perform security
+ checks on the results of PCE Discovery (PCED) procedures via the
+ Interior Gateway Protocol (IGP) [RFC5088] [RFC5089].
+
+ This document describes a security container for the transport of
+ PCEP messages; therefore, it does not affect the flexibility and
+ extensibility of PCEP.
+
+ This document describes how to apply TLS to secure interactions with
+ PCE, including initiation of the TLS procedures, the TLS handshake
+ mechanism, the TLS methods for peer authentication, the applicable
+ TLS ciphersuites for data exchange, and the handling of errors in the
+ security checks. In the rest of this document, we refer to this
+ usage of TLS to provide a secure transport for PCEP as "PCEPS".
+
+ Within this document, PCEP communications are described through a
+ PCC-PCE relationship. The PCE architecture also supports PCE-PCE
+ communication; this is achieved by requesting the PCE to fill the
+ role of a PCC, as usual. Thus, in this document, the PCC refers to a
+ PCC or a PCE initiating the PCEP session and acting as a client.
+
+
+
+
+
+Lopez, et al. Standards Track [Page 4]
+
+RFC 8253 PCEPS October 2017
+
+
+2. Requirements Language
+
+ The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
+ "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
+ "OPTIONAL" in this document are to be interpreted as described in BCP
+ 14 [RFC2119] [RFC8174] when, and only when, they appear in all
+ capitals, as shown here.
+
+3. Applying PCEPS
+
+3.1. Overview
+
+ The steps involved in establishing a PCEPS session are as follows:
+
+ 1. Establishment of a TCP connection.
+
+ 2. Initiation of the TLS procedures by the StartTLS message from PCE
+ to PCC and from PCC to PCE.
+
+ 3. Negotiation and establishment of a TLS connection.
+
+ 4. Start exchange of PCEP messages as per [RFC5440].
+
+ This document uses the standard StartTLS procedure in PCEP instead of
+ using a different port for the secured session. This is done to
+ avoid requesting allocation of another port number for PCEPS. The
+ StartTLS procedure makes more efficient use of scarce port numbers
+ and allows simpler configuration of PCEP.
+
+ Implementations SHOULD follow the best practices and recommendations
+ for using TLS, as per [RFC7525].
+
+ It should be noted that this procedure updates what is defined in
+ Sections 4.2.1 and 6.7 of [RFC5440] regarding the initialization
+ phase and the processing of messages prior to the Open message. The
+ details of processing, including backward compatibility, are
+ discussed in the following sections.
+
+3.2. Initiating TLS Procedures
+
+ Since PCEP can operate either with or without TLS, it is necessary
+ for a PCEP speaker to indicate whether it wants to set up a TLS
+ connection or not. For this purpose, this document specifies a new
+ PCEP message called "StartTLS". Thus, the PCEP session is secured
+ via TLS from the start, before the exchange of any other PCEP message
+ (including the Open message). This document thus updates [RFC5440],
+ which requires the Open message to be the first PCEP message that is
+ exchanged. In the case of a PCEP session using TLS, the StartTLS
+
+
+
+Lopez, et al. Standards Track [Page 5]
+
+RFC 8253 PCEPS October 2017
+
+
+ message will be sent first. Also, a PCEP speaker that supports PCEPS
+ MUST NOT start the OpenWait timer after the TCP establishment;
+ instead, it starts a StartTLSWait timer as described in Section 3.3.
+
+ The PCEP speaker MAY discover that the PCEP peer supports PCEPS or
+ can be preconfigured to use PCEPS for a given peer (see Section 4 for
+ more details). An existing PCEP session cannot be secured via TLS;
+ the session MUST be closed and re-established with TLS as per the
+ procedure described in this document.
+
+ The StartTLS message is a PCEP message sent by a PCC to a PCE and by
+ a PCE to a PCC in order to initiate the TLS procedure for PCEP. The
+ PCC initiates the use of TLS by sending a StartTLS message. The PCE
+ agrees to the use of TLS by responding with its own StartTLS message.
+ If the PCE is configured to only support TLS, it may send the
+ StartTLS message immediately upon TCP connection establishment;
+ otherwise, it MUST wait to see if the PCC's first message is an Open
+ or a StartTLS message. The TLS negotiation and establishment
+ procedures are triggered once the PCEP speaker has sent and received
+ the StartTLS message. The Message-Type field of the PCEP common
+ header for the StartTLS message is set to 13.
+
+ Once the TCP connection has been successfully established, the first
+ message sent by the PCC to the PCE and by the PCE to the PCC MUST be
+ a StartTLS message for PCEPS. Note that this is a significant change
+ from [RFC5440], where the first PCEP message is the Open message.
+
+ A PCEP speaker receiving a StartTLS message, after any other PCEP
+ exchange has taken place (by receiving or sending any other messages
+ from either side), MUST treat it as an unexpected message and reply
+ with a PCEP Error (PCErr) message with Error-Type set to 25 (PCEP
+ StartTLS failure) and Error-value set to 1 (Reception of StartTLS
+ after any PCEP exchange), and it MUST close the TCP connection.
+
+ Any message received prior to the StartTLS or Open message MUST
+ trigger a protocol error condition causing a PCErr message to be sent
+ with Error-Type set to 25 (PCEP StartTLS failure) and Error-value set
+ to 2 (Reception of any other message apart from StartTLS, Open, or
+ PCErr), and it MUST close the TCP connection.
+
+ If the PCEP speaker that does not support PCEPS receives a StartTLS
+ message, it will behave according to the existing error mechanism
+ described in Section 6.2 of [RFC5440] (if the message is received
+ prior to an Open message) or Section 6.9 of [RFC5440] (if an unknown
+ message is received). See Section 5 for more details.
+
+
+
+
+
+
+Lopez, et al. Standards Track [Page 6]
+
+RFC 8253 PCEPS October 2017
+
+
+ If the PCEP speaker that only supports PCEPS connections (as a local
+ policy) receives an Open message, it MUST treat it as an unexpected
+ message and reply with a PCErr message with Error-Type set to 1 (PCEP
+ session establishment failure) and Error-value set to 1 (reception of
+ an invalid Open message or a non Open message), and it MUST close the
+ TCP connection.
+
+ If a PCC supports PCEPS connections and allows non-PCEPS connections
+ (as a local policy), it MUST first try to establish PCEPS by sending
+ a StartTLS message, and in case it receives a PCErr message from the
+ PCE, it MAY retry to establish a connection without PCEPS by sending
+ an Open message. If a PCE supports PCEPS connections and allows
+ non-PCEPS connections (as a local policy), it MUST wait to respond
+ after TCP establishment, based on the message received from the PCC.
+ In case of a StartTLS message, the PCE MUST respond by sending a
+ StartTLS message and moving to TLS establishment procedures as
+ described in this document. In case of an Open message, the PCE MUST
+ respond with an Open message and move to the PCEP session
+ establishment procedure as per [RFC5440]. If a PCE supports PCEPS
+ connections only (as a local policy), it MAY send a StartTLS message
+ to the PCC without waiting to receive a StartTLS message from the
+ PCC.
+
+ If a PCEP speaker that is unwilling or unable to negotiate TLS
+ receives a StartTLS message, it MUST return a PCErr message (in the
+ clear) with Error-Type set to 25 (PCEP StartTLS failure) and Error-
+ value set to:
+
+ o 3 (Failure, connection without TLS is not possible) if it is not
+ willing to exchange PCEP messages without the solicited TLS
+ connection, and it MUST close the TCP session.
+
+ o 4 (Failure, connection without TLS is possible) if it is willing
+ to exchange PCEP messages without the solicited TLS connection,
+ and it MUST close the TCP session. The receiver MAY choose to
+ attempt to re-establish the PCEP session without TLS next.
+ Re-establishing the PCEP session without TLS SHOULD be limited to
+ only one attempt.
+
+ If the PCEP speaker supports PCEPS and can establish a TLS
+ connection, it MUST start the TLS connection negotiation and
+ establishment steps described in Section 3.4 before the PCEP
+ initialization procedure (see Section 4.2.1 of [RFC5440]).
+
+ After the exchange of StartTLS messages, if the TLS negotiation fails
+ for some reason (e.g., the required mechanisms for certificate
+ revocation checking are not available), both peers MUST immediately
+ close the connection.
+
+
+
+Lopez, et al. Standards Track [Page 7]
+
+RFC 8253 PCEPS October 2017
+
+
+ A PCEP speaker that does not support PCEPS sends the Open message
+ directly, as per [RFC5440]. A PCEP speaker that supports PCEPS, but
+ has learned in the last exchange the peer's willingness to
+ re-establish the session without TLS, MAY send the Open message
+ directly, as per [RFC5440]. Re-establishing the PCEP session without
+ TLS SHOULD be limited to only one attempt.
+
+ Given the asymmetric nature of TLS for connection establishment, it
+ is relevant to identify the roles of each of the PCEP peers in it.
+ The PCC SHALL act as the TLS client, and the PCE SHALL act as the TLS
+ server as per [RFC5246].
+
+ As per the recommendation from [RFC7525] to avoid downgrade attacks,
+ PCEP peers that support PCEPS SHOULD default to strict TLS
+ configuration, i.e., not allowing non-TLS PCEP sessions to be
+ established. PCEPS implementations MAY provide an option to allow
+ the operator to manually override strict TLS configuration and allow
+ unsecured connections. Execution of this override SHOULD trigger a
+ warning about the security implications of permitting unsecured
+ connections.
+
+3.3. The StartTLS Message
+
+ The StartTLS message is used to initiate the TLS procedure for a
+ PCEPS session between the PCEP peers. A PCEP speaker sends the
+ StartTLS message to request negotiation and establishment of a TLS
+ connection for PCEP. On receiving a StartTLS message from the PCEP
+ peer (i.e., when the PCEP speaker has sent and received the StartTLS
+ message), it is ready to start the negotiation and establishment of
+ TLS and move to the steps described in Section 3.4.
+
+ The collision resolution procedures described in [RFC5440] for the
+ exchange of Open messages MUST be applied by the PCEP peers during
+ the exchange of StartTLS messages.
+
+ The format of a StartTLS message is as follows:
+
+ <StartTLS Message>::= <Common Header>
+
+ The StartTLS message MUST contain only the PCEP common header with
+ the Message-Type field set to 13.
+
+ Once the TCP connection has been successfully established, the PCEP
+ speaker MUST start a timer called the "StartTLSWait timer". After
+ the expiration of this timer, if neither the StartTLS message nor a
+ PCErr/Open message (in case of failure and PCEPS not being supported
+ by the peer, respectively) has been received, the PCEP speaker MUST
+ send a PCErr message with Error-Type set to 25 (PCEP StartTLS
+
+
+
+Lopez, et al. Standards Track [Page 8]
+
+RFC 8253 PCEPS October 2017
+
+
+ failure) and Error-value set to 5 (No StartTLS message (nor PCErr/
+ Open) before StartTLSWait timer expiry), and it MUST release the TCP
+ connection. A RECOMMENDED value for the StartTLSWait timer is 60
+ seconds. The value of the StartTLSWait timer MUST NOT be less than
+ that of the OpenWait timer.
+
+ The following figures illustrate the various interactions between a
+ PCC and a PCE, based on the support for the PCEPS capability, during
+ the PCEP session initialization.
+
+ +-+-+ +-+-+
+ |PCC| |PCE|
+ +-+-+ +-+-+
+ | |
+ | StartTLS |
+ | msg |
+ |------- |
+ | \ StartTLS |
+ | \ msg |
+ | \ ---------|
+ | \/ |
+ | /\ |
+ | / -------->|
+ | / |
+ |<------ |
+ |:::::::::TLS:::::::::|
+ |:::::Establishment:::|
+ | |
+ | |
+ |:::::::PCEP::::::::::|
+ | |
+
+ Figure 1: Both PCEP speakers support PCEPS (strict)
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Lopez, et al. Standards Track [Page 9]
+
+RFC 8253 PCEPS October 2017
+
+
+ +-+-+ +-+-+
+ |PCC| |PCE|
+ +-+-+ +-+-+
+ | |
+ | StartTLS |
+ | msg |
+ |------- |
+ | \ StartTLS |
+ | \ msg |
+ | \ ---------|
+ | \/ |
+ | /\ |
+ | / -------->|
+ | / |
+ |<------ |
+ |:::::::::TLS:::::::::| TLS Establishment
+ |:::::Establishment:::| Failure; both
+ | | peers close
+ the session
+
+ Figure 2: Both PCEP speakers support PCEPS (strict) but cannot
+ establish TLS
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Lopez, et al. Standards Track [Page 10]
+
+RFC 8253 PCEPS October 2017
+
+
+ +-+-+ +-+-+
+ |PCC| |PCE|
+ +-+-+ +-+-+
+ | | Does not support
+ | StartTLS | PCEPS and thus
+ | msg | sends Open
+ |------- |
+ | \ Open |
+ | \ msg |
+ | \ ---------|
+ | \/ |
+ | /\ |
+ | / -------->|
+ | / |
+ |<------ |
+ | |
+ |<--------------------| Send Error
+ | PCErr | Type=1,Value=1
+ | | (non-Open message
+ |<--------------------| received)
+ | Close |
+ ///////// TCP /////////
+ //////re-establish/////
+ Send Open | Open |
+ this time | msg |
+ |------- |
+ | \ Open |
+ | \ msg |
+ | \ ---------|
+ | \/ |
+ | /\ |
+ | / -------->|
+ | / |
+ |<------ |
+
+ Figure 3: PCE does not support connection with PCEPS, whereas PCC
+ supports connection with or without PCEPS
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Lopez, et al. Standards Track [Page 11]
+
+RFC 8253 PCEPS October 2017
+
+
+ +-+-+ +-+-+
+ |PCC| |PCE|
+ +-+-+ +-+-+
+ | |
+ | StartTLS |
+ | msg | PCE waits
+ |-------------------->| for PCC and
+ | StartTLS | responds with
+ |<--------------------| Start TLS
+ | |
+ |:::::::::TLS:::::::::|
+ |:::::Establishment:::|
+ | |
+ | |
+ |:::::::PCEP::::::::::|
+ | |
+
+ Figure 4: Both PCEP speakers support connection with or without PCEPS
+
+
+ +-+-+ +-+-+
+ |PCC| |PCE|
+ +-+-+ +-+-+
+ | |
+ | StartTLS |
+ | msg | PCE waits
+ |-------------------->| for PCC
+ | PCErr |
+ |<--------------------| Send Error
+ | | Type=25,Value=3
+ | | (Failure, connection
+ |<--------------------| without TLS is not
+ | Close | possible)
+
+ Figure 5: Both PCEP speakers support connection with or without
+ PCEPS, but PCE cannot start TLS negotiation
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Lopez, et al. Standards Track [Page 12]
+
+RFC 8253 PCEPS October 2017
+
+
+ +-+-+ +-+-+
+ |PCC| |PCE|
+ +-+-+ +-+-+
+ | |
+ | Open |
+ | msg | PCE waits
+ |-------------------->| for PCC and
+ | Open | responds with
+ |<--------------------| Open
+ | |
+ |:::::::PCEP::::::::::|
+ | |
+
+ Figure 6: PCE supports connection with or without PCEPS, whereas PCC
+ does not support connection with PCEPS
+
+3.4. TLS Connection Establishment
+
+ Once the establishment of TLS has been agreed upon by the PCEP peers,
+ the connection establishment SHALL follow the following steps:
+
+ 1. Immediately negotiate a TLS session according to [RFC5246]. The
+ following restrictions apply:
+
+ * Support for TLS v1.2 [RFC5246] or later is REQUIRED.
+
+ * Support for certificate-based mutual authentication is
+ REQUIRED.
+
+ * Negotiation of a ciphersuite providing for integrity
+ protection is REQUIRED.
+
+ * Negotiation of a ciphersuite providing for confidentiality is
+ RECOMMENDED.
+
+ * Support for and negotiation of compression is OPTIONAL.
+
+ * PCEPS implementations MUST, at a minimum, support negotiation
+ of the TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 [RFC6460] and
+ SHOULD support TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 as
+ well. Implementations SHOULD support the NIST P-256
+ (secp256r1) curve [RFC4492]. In addition, PCEPS
+ implementations MUST support negotiation of the
+ mandatory-to-implement ciphersuites required by the versions
+ of TLS that they support from TLS 1.3 onwards.
+
+
+
+
+
+
+Lopez, et al. Standards Track [Page 13]
+
+RFC 8253 PCEPS October 2017
+
+
+ 2. Peer authentication can be performed in any of the following two
+ REQUIRED operation models:
+
+ * TLS with X.509 certificates using Public-Key Infrastructure
+ Exchange (PKIX) trust models:
+
+ + Implementations MUST allow the configuration of a list of
+ trusted Certification Authorities (CAs) for incoming
+ connections.
+
+ + Certificate validation MUST include the verification rules
+ as per [RFC5280].
+
+ + PCEPS implementations SHOULD incorporate revocation methods
+ (Certificate Revocation List (CRL) downloading, Online
+ Certificate Status Protocol (OCSP), etc.) according to the
+ trusted CA policies.
+
+ + Implementations SHOULD indicate their trusted CAs. For TLS
+ 1.2, this is done using "certificate_authorities" on the
+ server side (see Section 7.4.4 of [RFC5246]) and the
+ "TrustedAuthorities" extension on the client side (see
+ Section 6 of [RFC6066]).
+
+ + Implementations MUST follow the rules and guidelines for
+ peer validation as defined in [RFC6125]. If an expected
+ DNS name or IP address for the peer is configured, then the
+ implementations MUST check them against the values in the
+ presented certificate. The DNS names and the IP addresses
+ can be contained in the Common Name Identifier (CN-ID)
+ [RFC6125] or the subjectAltName entries. For verification,
+ only one of these entries is considered. The following
+ precedence applies: for DNS name validation, DNS-ID
+ [RFC6125] has precedence over CN-ID, and for IP address
+ validation, subjectAltName:iPAddr has precedence over
+ CN-ID.
+
+ + Implementations MAY allow the configuration of a set of
+ additional properties of the certificate to check for a
+ peer's authorization to communicate (e.g., a set of allowed
+ values in URI-ID [RFC6125] or a set of allowed X.509 v3
+ Certificate Policies). The definitions of these properties
+ are out of scope of this document.
+
+ * TLS with X.509 certificates using certificate fingerprints:
+ Implementations MUST allow the configuration of a list of
+ certificates that are trusted to identify peers, identified
+ via the fingerprint of certificate octets encoded by the
+
+
+
+Lopez, et al. Standards Track [Page 14]
+
+RFC 8253 PCEPS October 2017
+
+
+ Distinguished Encoding Rules (DER). Implementations MUST
+ support SHA-256 as defined by [SHS] as the hash algorithm for
+ the fingerprint, but a later revision may demand support for a
+ stronger hash function.
+
+ 3. Start exchanging PCEP messages.
+
+ * Once the TLS connection has been successfully established, the
+ PCEP speaker MUST start the OpenWait timer [RFC5440]; after
+ the expiration of this timer, if no Open message has been
+ received, the PCEP speaker sends a PCErr message and releases
+ the TCP/TLS connection.
+
+3.5. Peer Identity
+
+ Depending on the peer authentication method in use, PCEPS supports
+ different operation modes to establish a peer's identity and whether
+ it is entitled to perform requests or can be considered authoritative
+ in its replies. PCEPS implementations SHOULD provide mechanisms for
+ associating peer identities with different levels of access and/or
+ authoritativeness, and they MUST provide a mechanism for establishing
+ a default level for properly identified peers. Any connection
+ established with a peer that cannot be properly identified SHALL be
+ terminated before any PCEP exchange takes place.
+
+ In TLS X.509 mode using fingerprints, a peer is uniquely identified
+ by the fingerprint of the presented certificate.
+
+ There are numerous trust models in PKIX environments, and it is
+ beyond the scope of this document to define how a particular
+ deployment determines whether a peer is trustworthy. Implementations
+ that want to support a wide variety of trust models should expose as
+ many details of the presented certificate to the administrator as
+ possible so that the trust model can be implemented by the
+ administrator. At least the following parameters of the X.509
+ certificate SHOULD be exposed:
+
+ o Peer's IP Address
+
+ o Peer's Fully Qualified Domain Name (FQDN)
+
+ o Certificate Fingerprint
+
+ o Issuer
+
+ o Subject
+
+ o All X.509 v3 Extended Key Usage
+
+
+
+Lopez, et al. Standards Track [Page 15]
+
+RFC 8253 PCEPS October 2017
+
+
+ o All X.509 v3 Subject Alternative Name
+
+ o All X.509 v3 Certificate Policies
+
+ Note that the remote IP address used for the TCP session
+ establishment is also exposed.
+
+ [RFC8232] specifies a Speaker Entity Identifier TLV
+ (SPEAKER-ENTITY-ID) as an optional TLV that is included in the OPEN
+ object. It contains a unique identifier for the node that does not
+ change during the lifetime of the PCEP speaker. An implementation
+ would thus expose the speaker entity identifier as part of the X.509
+ v3 certificate's subjectAltName:otherName, so that an implementation
+ could use this identifier for the peer identification trust model.
+
+ In addition, a PCC MAY apply the procedures described in "DNS-Based
+ Authentication of Named Entities (DANE)" [RFC6698] to verify its peer
+ identity when using DNS discovery. See Section 4.1 for further
+ details.
+
+3.6. Connection Establishment Failure
+
+ In case the initial TLS negotiation or the peer identity check fails,
+ according to the procedures listed in this document, both peers MUST
+ immediately close the connection.
+
+ The initiator SHOULD follow the procedure listed in [RFC5440] to
+ retry session setup as per the exponential back-off session
+ establishment retry procedure.
+
+4. Discovery Mechanisms
+
+ This document does not specify any discovery mechanism for support of
+ PCEPS. [PCE-DISCOVERY-PCEPS-SUPPORT] and [PCE-DISCOVERY-DNS] make
+ the following proposals:
+
+ o A PCE can advertise its capability to support PCEPS using the
+ IGP's advertisement mechanism of the PCED information. The
+ PCE-CAP-FLAGS sub-TLV is an optional sub-TLV used to advertise PCE
+ capabilities. It is present within the PCED sub-TLV carried by
+ OSPF or IS-IS. [RFC5088] and [RFC5089] provide the description
+ and processing rules for this sub-TLV when carried within OSPF and
+ IS-IS, respectively. PCE capability bits are defined in
+ [RFC5088]. A new capability flag bit for the PCE-CAP-FLAGS
+ sub-TLV that can be announced as an attribute to distribute PCEP
+ security support information is proposed in
+ [PCE-DISCOVERY-PCEPS-SUPPORT].
+
+
+
+
+Lopez, et al. Standards Track [Page 16]
+
+RFC 8253 PCEPS October 2017
+
+
+ o A PCE can advertise its capability to support PCEPS using DNS
+ [PCE-DISCOVERY-DNS] by identifying the support of TLS.
+
+4.1. DANE Applicability
+
+ DANE [RFC6698] defines a secure method to associate the certificate
+ that is obtained from a TLS server with a domain name using DNS,
+ i.e., using the TLSA DNS resource record (RR) to associate a TLS
+ server certificate or public key with the domain name where the
+ record is found, thus forming a "TLSA certificate association". The
+ DNS information needs to be protected by DNS Security (DNSSEC). A
+ PCC willing to apply DANE to verify server identity MUST conform to
+ the rules defined in Section 4 of [RFC6698]. The implementation MUST
+ support service certificate constraint (TLSA certificate usages type
+ 1) with Matching type 1 (SHA2-256) as described in [RFC6698] and
+ [RFC7671]. The server's domain name must be authorized separately,
+ as TLSA does not provide any useful authorization guarantees.
+
+5. Backward Compatibility
+
+ The procedures described in this document define a security container
+ for the transport of PCEP requests and replies carried by a TLS
+ connection initiated by means of a specific extended message
+ (StartTLS) that does not interfere with PCEP speaker implementations
+ not supporting it.
+
+ A PCC that does not support PCEPS will send an Open message as the
+ first message on TCP establishment. A PCE that only supports PCEPS
+ will send a StartTLS message on TCP establishment. The PCC would
+ consider the received StartTLS message as an error and behave
+ according to the existing error mechanism of [RFC5440], i.e., it
+ would send a PCErr message with Error-Type 1 (PCEP session
+ establishment failure) and Error-value 1 (reception of an invalid
+ Open message or a non Open message) and close the session.
+
+ A PCC that support PCEPS will send a StartTLS message as the first
+ message on TCP establishment. A PCE that does not support PCEPS
+ would consider receiving a StartTLS message as an error, respond with
+ a PCErr message with Error-Type 1 (PCEP session establishment
+ failure) and Error-value 1 (reception of an invalid Open message or a
+ non Open message), and close the session.
+
+ If a StartTLS message is received at any other time by a PCEP speaker
+ that does not implement PCEPS, it would consider it as an unknown
+ message and would behave according to the existing error mechanism of
+ [RFC5440], i.e., it would send a PCErr message with Error-Type 2
+ (Capability not supported) and close the session.
+
+
+
+
+Lopez, et al. Standards Track [Page 17]
+
+RFC 8253 PCEPS October 2017
+
+
+ An existing PCEP session cannot be upgraded to PCEPS; the session
+ needs to be terminated and re-established as per the procedure
+ described in this document. During the incremental upgrade, the PCEP
+ speaker SHOULD allow session establishment with and without TLS.
+ Once both PCEP speakers are upgraded to support PCEPS, the PCEP
+ session is re-established with TLS; otherwise, a PCEP session without
+ TLS is set up. A redundant PCE MAY also be used during the
+ incremental deployment to take over the PCE undergoing upgrade. Once
+ the upgrade is completed, support for the unsecured version SHOULD be
+ removed.
+
+ A PCE that accepts connections with or without PCEPS would respond
+ based on the message received from the PCC. A PCC that supports
+ connection with or without PCEPS would first attempt to connect with
+ PCEPS, and in case of error, it MAY retry to establish connection
+ without PCEPS. For successful TLS operations with PCEP, both PCEP
+ peers in the network would need to be upgraded to support this
+ document.
+
+ Note that a PCEP implementation that supports PCEPS would respond
+ with a PCErr message with Error-Type set to 25 (PCEP StartTLS
+ failure) and Error-value set to 2 (Reception of any other message
+ apart from StartTLS, Open, or PCErr) if any other message is sent
+ before a StartTLS or Open message. If the sender of the invalid
+ message is a PCEP implementation that does not support PCEPS, it will
+ not be able to understand this error. A PCEPS implementation could
+ also send the PCErr message as per [RFC5440] with Error-Type 1 (PCEP
+ session establishment failure) and Error-value 1 (reception of an
+ invalid Open message or a non Open message) before closing the
+ session.
+
+6. IANA Considerations
+
+6.1. New PCEP Message
+
+ The following new message type has been allocated within the "PCEP
+ Messages" sub-registry of the "Path Computation Element Protocol
+ (PCEP) Numbers" registry:
+
+ Value Description Reference
+ -------------------------------------------------------
+ 13 StartTLS This document
+
+
+
+
+
+
+
+
+
+Lopez, et al. Standards Track [Page 18]
+
+RFC 8253 PCEPS October 2017
+
+
+6.2. New Error-Values
+
+ The following new error types and error values have been allocated
+ within the "PCEP-ERROR Object Error Types and Values" sub-registry of
+ the "Path Computation Element Protocol (PCEP) Numbers" registry:
+
+ Error-Type Meaning Error-value Reference
+ ---------------------------------------------------------------------
+ 25 PCEP StartTLS 0: Unassigned This document
+ failure
+ 1: Reception of This document
+ StartTLS after
+ any PCEP exchange
+
+ 2: Reception of This document
+ any other message
+ apart from StartTLS,
+ Open, or PCErr
+
+ 3: Failure, connection This document
+ without TLS is not
+ possible
+
+ 4: Failure, connection This document
+ without TLS is
+ possible
+
+ 5: No StartTLS message This document
+ (nor PCErr/Open)
+ before StartTLSWait
+ timer expiry
+
+7. Security Considerations
+
+ While the application of TLS satisfies the requirement on
+ confidentiality as well as fine-grained, policy-based peer
+ authentication, there are security threats that it cannot address.
+ It may be advisable to apply additional protection measures, in
+ particular in what relates to attacks specifically addressed to
+ forging the TCP connection underpinning TLS, especially in the case
+ of long-lived connections. One of these measures is the application
+ of the TCP Authentication Option (TCP-AO) [RFC5925], which is fully
+ compatible with and deemed as complementary to TLS. The mechanisms
+ to configure the requirements to use TCP-AO and other lower-layer
+ protection measures with a particular peer are outside the scope of
+ this document.
+
+
+
+
+
+Lopez, et al. Standards Track [Page 19]
+
+RFC 8253 PCEPS October 2017
+
+
+ Since computational resources required by the TLS handshake and
+ ciphersuite are higher than unencrypted TCP, clients connecting to a
+ PCEPS server can more easily create high-load conditions, and a
+ malicious client might create a denial-of-service attack more easily.
+
+ Some TLS ciphersuites only provide integrity validation of their
+ payload and provide no encryption; such ciphersuites SHOULD NOT be
+ used by default. Administrators MAY allow the usage of these
+ ciphersuites after careful weighting of the risk of relevant internal
+ data leakage that can occur in such a case, as explicitly stated by
+ [RFC6952].
+
+ When using certificate fingerprints to identify PCEPS peers, any two
+ certificates that produce the same hash value will be considered the
+ same peer. Therefore, it is important to make sure that the hash
+ function used is cryptographically uncompromised, so that attackers
+ are very unlikely to be able to produce a hash collision with a
+ certificate of their choice. This document mandates support for
+ SHA-256 as defined by [SHS], but a later revision may demand support
+ for stronger functions if suitable attacks on it are known.
+
+ PCEPS implementations that continue to accept connections without TLS
+ are susceptible to downgrade attacks as described in [RFC7457]. An
+ attacker could attempt to remove the use of StartTLS messages that
+ request the use of TLS as it pass on the wire in clear and could also
+ attempt to inject a PCErr message that suggests attempting PCEP
+ connection without TLS.
+
+ The guidance given in [RFC7525] SHOULD be followed to avoid attacks
+ on TLS.
+
+8. Manageability Considerations
+
+ All manageability requirements and considerations listed in [RFC5440]
+ apply to PCEP protocol extensions defined in this document. In
+ addition, requirements and considerations listed in this section
+ apply.
+
+8.1. Control of Function and Policy
+
+ A PCE or PCC implementation SHOULD allow configuring the PCEP
+ security via TLS capabilities as described in this document.
+
+ A PCE or PCC implementation supporting PCEP security via TLS MUST
+ support general TLS configuration as per [RFC5246]. At least the
+ configuration of one of the trust models and its corresponding
+ parameters, as described in Sections 3.4 and 3.5, MUST be supported
+ by the implementation.
+
+
+
+Lopez, et al. Standards Track [Page 20]
+
+RFC 8253 PCEPS October 2017
+
+
+ A PCEPS implementation SHOULD allow configuring the StartTLSWait
+ timer value.
+
+ PCEPS implementations MAY provide an option to allow the operator to
+ manually override strict TLS configuration and allow unsecure
+ connections. Execution of this override SHOULD trigger a warning
+ about the security implications of permitting unsecure connections.
+
+ Further, the operator needs to develop suitable security policies
+ around PCEP within his network. The PCEP peers SHOULD provide ways
+ for the operator to complete the following tasks in regards to a PCEP
+ session:
+
+ o Determine if a session is protected via PCEPS.
+
+ o Determine the version of TLS, the mechanism used for
+ authentication, and the ciphersuite in use.
+
+ o Determine if the certificate could not be verified and the reason
+ for this circumstance.
+
+ o Inspect the certificate offered by the PCEP peer.
+
+ o Be warned if the StartTLS procedure fails for the PCEP peers that
+ are known to support PCEPS via configurations or capability
+ advertisements.
+
+8.2. Information and Data Models
+
+ The PCEP MIB module is defined in [RFC7420]. The MIB module could be
+ extended to include the ability to view the PCEPS capability,
+ TLS-related information, and the TLS status for each PCEP peer.
+
+ Further, to allow the operator to configure the PCEPS capability and
+ various TLS-related parameters as well as to view the current TLS
+ status for a PCEP session, the PCEP YANG module [PCEP-YANG] is
+ extended to include TLS-related information.
+
+8.3. Liveness Detection and Monitoring
+
+ Mechanisms defined in this document do not imply any new liveness
+ detection and monitoring requirements in addition to those already
+ listed in [RFC5440] and [RFC5246].
+
+8.4. Verifying Correct Operations
+
+ A PCEPS implementation SHOULD log error events and provide PCEPS
+ failure statistics with reasons.
+
+
+
+Lopez, et al. Standards Track [Page 21]
+
+RFC 8253 PCEPS October 2017
+
+
+8.5. Requirements on Other Protocols
+
+ Mechanisms defined in this document do not imply any new requirements
+ on other protocols. Note that Section 4 lists possible discovery
+ mechanisms for support of PCEPS.
+
+8.6. Impact on Network Operation
+
+ Mechanisms defined in this document do not have any significant
+ impact on network operations in addition to those already listed in
+ [RFC5440] and on the policy and management implications discussed
+ above.
+
+9. References
+
+9.1. Normative References
+
+ [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
+ Requirement Levels", BCP 14, RFC 2119,
+ DOI 10.17487/RFC2119, March 1997,
+ <https://www.rfc-editor.org/info/rfc2119>.
+
+ [RFC5246] Dierks, T. and E. Rescorla, "The Transport Layer Security
+ (TLS) Protocol Version 1.2", RFC 5246,
+ DOI 10.17487/RFC5246, August 2008,
+ <https://www.rfc-editor.org/info/rfc5246>.
+
+ [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
+ Housley, R., and W. Polk, "Internet X.509 Public Key
+ Infrastructure Certificate and Certificate Revocation List
+ (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
+ <https://www.rfc-editor.org/info/rfc5280>.
+
+ [RFC5440] Vasseur, JP., Ed. and JL. Le Roux, Ed., "Path Computation
+ Element (PCE) Communication Protocol (PCEP)", RFC 5440,
+ DOI 10.17487/RFC5440, March 2009,
+ <https://www.rfc-editor.org/info/rfc5440>.
+
+ [RFC6066] Eastlake 3rd, D., "Transport Layer Security (TLS)
+ Extensions: Extension Definitions", RFC 6066,
+ DOI 10.17487/RFC6066, January 2011,
+ <https://www.rfc-editor.org/info/rfc6066>.
+
+
+
+
+
+
+
+
+
+Lopez, et al. Standards Track [Page 22]
+
+RFC 8253 PCEPS October 2017
+
+
+ [RFC6125] Saint-Andre, P. and J. Hodges, "Representation and
+ Verification of Domain-Based Application Service Identity
+ within Internet Public Key Infrastructure Using X.509
+ (PKIX) Certificates in the Context of Transport Layer
+ Security (TLS)", RFC 6125, DOI 10.17487/RFC6125, March
+ 2011, <https://www.rfc-editor.org/info/rfc6125>.
+
+ [RFC6698] Hoffman, P. and J. Schlyter, "The DNS-Based Authentication
+ of Named Entities (DANE) Transport Layer Security (TLS)
+ Protocol: TLSA", RFC 6698, DOI 10.17487/RFC6698, August
+ 2012, <https://www.rfc-editor.org/info/rfc6698>.
+
+ [RFC7525] Sheffer, Y., Holz, R., and P. Saint-Andre,
+ "Recommendations for Secure Use of Transport Layer
+ Security (TLS) and Datagram Transport Layer Security
+ (DTLS)", BCP 195, RFC 7525, DOI 10.17487/RFC7525, May
+ 2015, <https://www.rfc-editor.org/info/rfc7525>.
+
+ [RFC7671] Dukhovni, V. and W. Hardaker, "The DNS-Based
+ Authentication of Named Entities (DANE) Protocol: Updates
+ and Operational Guidance", RFC 7671, DOI 10.17487/RFC7671,
+ October 2015, <https://www.rfc-editor.org/info/rfc7671>.
+
+ [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
+ 2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
+ May 2017, <https://www.rfc-editor.org/info/rfc8174>.
+
+ [SHS] National Institute of Standards and Technology, "Secure
+ Hash Standard (SHS)", FIPS PUB 180-4,
+ DOI 10.6028/NIST.FIPS.180-4, August 2015,
+ <http://nvlpubs.nist.gov/nistpubs/FIPS/
+ NIST.FIPS.180-4.pdf>.
+
+9.2. Informative References
+
+ [PCE-DISCOVERY-DNS]
+ Wu, Q., Dhody, D., King, D., Lopez, D., and J. Tantsura,
+ "Path Computation Element (PCE) Discovery using Domain
+ Name System(DNS)", Work in Progress, draft-wu-pce-dns-pce-
+ discovery-10, March 2017.
+
+ [PCE-DISCOVERY-PCEPS-SUPPORT]
+ Lopez, D., Wu, Q., Dhody, D., Wang, Z., and D. King, "IGP
+ extension for PCEP security capability support in the PCE
+ discovery", Work in Progress, draft-wu-pce-discovery-
+ pceps-support-07, March 2017.
+
+
+
+
+
+Lopez, et al. Standards Track [Page 23]
+
+RFC 8253 PCEPS October 2017
+
+
+ [PCEP-YANG]
+ Dhody, D., Hardwick, J., Beeram, V., and J. Tantsura, "A
+ YANG Data Model for Path Computation Element
+ Communications Protocol (PCEP)", Work in Progress,
+ draft-ietf-pce-pcep-yang-05, July 2017.
+
+ [RFC4492] Blake-Wilson, S., Bolyard, N., Gupta, V., Hawk, C., and B.
+ Moeller, "Elliptic Curve Cryptography (ECC) Cipher Suites
+ for Transport Layer Security (TLS)", RFC 4492,
+ DOI 10.17487/RFC4492, May 2006,
+ <https://www.rfc-editor.org/info/rfc4492>.
+
+ [RFC4513] Harrison, R., Ed., "Lightweight Directory Access Protocol
+ (LDAP): Authentication Methods and Security Mechanisms",
+ RFC 4513, DOI 10.17487/RFC4513, June 2006,
+ <https://www.rfc-editor.org/info/rfc4513>.
+
+ [RFC5088] Le Roux, JL., Ed., Vasseur, JP., Ed., Ikejiri, Y., and R.
+ Zhang, "OSPF Protocol Extensions for Path Computation
+ Element (PCE) Discovery", RFC 5088, DOI 10.17487/RFC5088,
+ January 2008, <https://www.rfc-editor.org/info/rfc5088>.
+
+ [RFC5089] Le Roux, JL., Ed., Vasseur, JP., Ed., Ikejiri, Y., and R.
+ Zhang, "IS-IS Protocol Extensions for Path Computation
+ Element (PCE) Discovery", RFC 5089, DOI 10.17487/RFC5089,
+ January 2008, <https://www.rfc-editor.org/info/rfc5089>.
+
+ [RFC5925] Touch, J., Mankin, A., and R. Bonica, "The TCP
+ Authentication Option", RFC 5925, DOI 10.17487/RFC5925,
+ June 2010, <https://www.rfc-editor.org/info/rfc5925>.
+
+ [RFC6460] Salter, M. and R. Housley, "Suite B Profile for Transport
+ Layer Security (TLS)", RFC 6460, DOI 10.17487/RFC6460,
+ January 2012, <https://www.rfc-editor.org/info/rfc6460>.
+
+ [RFC6614] Winter, S., McCauley, M., Venaas, S., and K. Wierenga,
+ "Transport Layer Security (TLS) Encryption for RADIUS",
+ RFC 6614, DOI 10.17487/RFC6614, May 2012,
+ <https://www.rfc-editor.org/info/rfc6614>.
+
+ [RFC6952] Jethanandani, M., Patel, K., and L. Zheng, "Analysis of
+ BGP, LDP, PCEP, and MSDP Issues According to the Keying
+ and Authentication for Routing Protocols (KARP) Design
+ Guide", RFC 6952, DOI 10.17487/RFC6952, May 2013,
+ <https://www.rfc-editor.org/info/rfc6952>.
+
+
+
+
+
+
+Lopez, et al. Standards Track [Page 24]
+
+RFC 8253 PCEPS October 2017
+
+
+ [RFC7420] Koushik, A., Stephan, E., Zhao, Q., King, D., and J.
+ Hardwick, "Path Computation Element Communication Protocol
+ (PCEP) Management Information Base (MIB) Module",
+ RFC 7420, DOI 10.17487/RFC7420, December 2014,
+ <https://www.rfc-editor.org/info/rfc7420>.
+
+ [RFC7457] Sheffer, Y., Holz, R., and P. Saint-Andre, "Summarizing
+ Known Attacks on Transport Layer Security (TLS) and
+ Datagram TLS (DTLS)", RFC 7457, DOI 10.17487/RFC7457,
+ February 2015, <https://www.rfc-editor.org/info/rfc7457>.
+
+ [RFC8232] Crabbe, E., Minei, I., Medved, J., Varga, R., Zhang, X.,
+ and D. Dhody, "Optimizations of Label Switched Path State
+ Synchronization Procedures for a Stateful PCE", RFC 8232,
+ DOI 10.17487/RFC8232, September 2017,
+ <https://www.rfc-editor.org/info/rfc8232>.
+
+Acknowledgements
+
+ This specification relies on the analysis and profiling of TLS
+ included in [RFC6614] and the procedures described for the StartTLS
+ command in [RFC4513].
+
+ We would like to thank Joe Touch for his suggestions and support
+ regarding the StartTLS mechanisms.
+
+ Thanks to Daniel King for reminding the authors about manageability
+ considerations.
+
+ Thanks to Cyril Margaria for shepherding this document.
+
+ Thanks to David Mandelberg for early SECDIR review comments as well
+ as further review during IETF last call.
+
+ Thanks to Dan Frost for the RTGDIR review and comments.
+
+ Thanks to Dale Worley for the Gen-ART review and comments.
+
+ Thanks to Tianran Zhou for the OPSDIR review.
+
+ Thanks to Deborah Brungard for being the responsible AD and guiding
+ the authors as needed.
+
+ Also, thanks to Mirja Kuhlewind, Eric Rescorla, Warren Kumari,
+ Kathleen Moriarty, Suresh Krishnan, Ben Campbell, and Alexey Melnikov
+ for the IESG review and comments.
+
+
+
+
+
+Lopez, et al. Standards Track [Page 25]
+
+RFC 8253 PCEPS October 2017
+
+
+Authors' Addresses
+
+ Diego R. Lopez
+ Telefonica I+D
+ Don Ramon de la Cruz, 82
+ Madrid 28006
+ Spain
+
+ Phone: +34 913 129 041
+ Email: diego.r.lopez@telefonica.com
+
+
+ Oscar Gonzalez de Dios
+ Telefonica I+D
+ Don Ramon de la Cruz, 82
+ Madrid 28006
+ Spain
+
+ Phone: +34 913 129 041
+ Email: oscar.gonzalezdedios@telefonica.com
+
+
+ Qin Wu
+ Huawei
+ 101 Software Avenue, Yuhua District
+ Nanjing, Jiangsu 210012
+ China
+
+ Email: sunseawq@huawei.com
+
+
+ Dhruv Dhody
+ Huawei
+ Divyashree Techno Park, Whitefield
+ Bangalore, KA 560066
+ India
+
+ Email: dhruv.ietf@gmail.com
+
+
+
+
+
+
+
+
+
+
+
+
+
+Lopez, et al. Standards Track [Page 26]
+