From 4bfd864f10b68b71482b35c818559068ef8d5797 Mon Sep 17 00:00:00 2001
From: Thomas Voss <mail@thomasvoss.com>
Date: Wed, 27 Nov 2024 20:54:24 +0100
Subject: doc: Add RFC documents

---
 doc/rfc/rfc7944.txt | 1011 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 1011 insertions(+)
 create mode 100644 doc/rfc/rfc7944.txt

(limited to 'doc/rfc/rfc7944.txt')

diff --git a/doc/rfc/rfc7944.txt b/doc/rfc/rfc7944.txt
new file mode 100644
index 0000000..63e0f12
--- /dev/null
+++ b/doc/rfc/rfc7944.txt
@@ -0,0 +1,1011 @@
+
+
+
+
+
+
+Internet Engineering Task Force (IETF)                        S. Donovan
+Request for Comments: 7944                                        Oracle
+Category: Standards Track                                    August 2016
+ISSN: 2070-1721
+
+
+                   Diameter Routing Message Priority
+
+Abstract
+
+   When making routing and resource allocation decisions, Diameter nodes
+   currently have no generic mechanism to determine the relative
+   priority of Diameter messages.  This document addresses this by
+   defining a mechanism to allow Diameter endpoints to indicate the
+   relative priority of Diameter transactions.  With this information,
+   Diameter nodes can factor that priority into routing, resource
+   allocation, and overload abatement decisions.
+
+Status of This Memo
+
+   This is an Internet Standards Track document.
+
+   This document is a product of the Internet Engineering Task Force
+   (IETF).  It represents the consensus of the IETF community.  It has
+   received public review and has been approved for publication by the
+   Internet Engineering Steering Group (IESG).  Further information on
+   Internet Standards is available in Section 2 of RFC 7841.
+
+   Information about the current status of this document, any errata,
+   and how to provide feedback on it may be obtained at
+   http://www.rfc-editor.org/info/rfc7944.
+
+Copyright Notice
+
+   Copyright (c) 2016 IETF Trust and the persons identified as the
+   document authors.  All rights reserved.
+
+   This document is subject to BCP 78 and the IETF Trust's Legal
+   Provisions Relating to IETF Documents
+   (http://trustee.ietf.org/license-info) in effect on the date of
+   publication of this document.  Please review these documents
+   carefully, as they describe your rights and restrictions with respect
+   to this document.  Code Components extracted from this document must
+   include Simplified BSD License text as described in Section 4.e of
+   the Trust Legal Provisions and are provided without warranty as
+   described in the Simplified BSD License.
+
+
+
+
+
+Donovan                      Standards Track                    [Page 1]
+
+RFC 7944                          DOIC                       August 2016
+
+
+Table of Contents
+
+   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
+     1.1.  Applicability . . . . . . . . . . . . . . . . . . . . . .   3
+   2.  Terminology and Abbreviations . . . . . . . . . . . . . . . .   4
+   3.  Conventions Used in This Document . . . . . . . . . . . . . .   4
+   4.  Problem Statement . . . . . . . . . . . . . . . . . . . . . .   5
+   5.  Use Cases . . . . . . . . . . . . . . . . . . . . . . . . . .   6
+     5.1.  First-Responder-Related Signaling . . . . . . . . . . . .   6
+     5.2.  Emergency-Call-Related Signaling  . . . . . . . . . . . .   6
+     5.3.  Differentiated Services . . . . . . . . . . . . . . . . .   7
+     5.4.  Application-Specific Priorities . . . . . . . . . . . . .   7
+   6.  Theory of Operation . . . . . . . . . . . . . . . . . . . . .   8
+   7.  Extensibility . . . . . . . . . . . . . . . . . . . . . . . .  10
+   8.  Normative Behavior  . . . . . . . . . . . . . . . . . . . . .  10
+   9.  Attribute Value Pairs . . . . . . . . . . . . . . . . . . . .  12
+     9.1.  DRMP AVP  . . . . . . . . . . . . . . . . . . . . . . . .  12
+     9.2.  Attribute Value Pair Flag Rules . . . . . . . . . . . . .  13
+   10. Considerations When Defining Application Priorities . . . . .  14
+   11. IANA Considerations . . . . . . . . . . . . . . . . . . . . .  15
+     11.1.  AVP Codes  . . . . . . . . . . . . . . . . . . . . . . .  15
+   12. Security Considerations . . . . . . . . . . . . . . . . . . .  15
+     12.1.  Potential Threat Modes . . . . . . . . . . . . . . . . .  15
+     12.2.  Denial-of-Service Attacks  . . . . . . . . . . . . . . .  16
+     12.3.  End-to-End Security Issues . . . . . . . . . . . . . . .  16
+   13. References  . . . . . . . . . . . . . . . . . . . . . . . . .  17
+     13.1.  Normative References . . . . . . . . . . . . . . . . . .  17
+     13.2.  Informative References . . . . . . . . . . . . . . . . .  17
+   Contributors  . . . . . . . . . . . . . . . . . . . . . . . . . .  18
+   Author's Address  . . . . . . . . . . . . . . . . . . . . . . . .  18
+
+1.  Introduction
+
+   The Diameter Overload Indication Conveyance (DOIC) solution [RFC7683]
+   for Diameter overload control introduces scenarios where Diameter
+   routing decisions made by Diameter nodes can be influenced by the
+   overload state of other Diameter nodes.  This includes the scenarios
+   where Diameter endpoints and Diameter Agents can throttle requests as
+   a result of the target for the request being overloaded.
+
+   With currently available mechanisms, these Diameter nodes do not have
+   a mechanism to differentiate request message priorities when making
+   these throttling decisions.  As such, all requests are treated the
+   same, meaning that all requests have the same probability of being
+   throttled.
+
+
+
+
+
+
+Donovan                      Standards Track                    [Page 2]
+
+RFC 7944                          DOIC                       August 2016
+
+
+   There are scenarios where treating all requests the same can cause
+   issues.  For instance, it might be considered important to reduce the
+   probability of transactions involving first responders being
+   throttled during overload scenarios caused, for example, by a period
+   of heavy signaling resulting from a natural disaster.
+
+   This document defines a mechanism that allows Diameter nodes to
+   indicate the relative priority of Diameter transactions.  With this
+   information, other Diameter nodes can factor the relative priority of
+   requests into routing and throttling decisions.
+
+1.1.  Applicability
+
+   There are two primary considerations that must be addressed for the
+   mechanism described in this document to work effectively.  The first
+   takes into consideration the fact that the Diameter base protocol
+   defined in [RFC6733]  is designed to transport multiple Diameter
+   applications and that Diameter nodes can be implemented that support
+   multiple applications.  In order for the Diameter Routing Message
+   Priority (DRMP) mechanism to work, the priorities defined for all
+   messages across all applications used in a Diameter administrative
+   domain must be defined in a consistent and coordinated fashion,
+   taking the default priority into account.  See Section 10 for a
+   discussion of some of the considerations that need to be factored
+   into the setting of DRMPs used by Diameter applications.
+
+      Note that this consideration does not apply to Diameter networks
+      where all Diameter nodes only support a single application.
+
+   Without this cross application priority design taken into
+   consideration, it is possible for messages for one application to
+   gain unwarranted preferential treatment over messages for other
+   applications.
+
+   This mechanism also depends on all of the messages that carry the
+   DRMP Attribute Value Pair (AVP) that are inserted into Diameter
+   messages by trusted nodes within the Diameter administrative domain.
+   As discussed in Section 12, misbehaving nodes have the ability to use
+   the DRMP mechanism to gain unwarranted preferential treatment.
+
+   When messages cross Diameter administrative boundaries, care should
+   be taken to either strip or modify the DRMP values in these messages.
+   If the priority definitions vary between the two Diameter
+   administrative domains, then it is possible for messages from a
+   foreign domain to gain unwarranted preferential treatment.
+
+
+
+
+
+
+Donovan                      Standards Track                    [Page 3]
+
+RFC 7944                          DOIC                       August 2016
+
+
+2.  Terminology and Abbreviations
+
+   Diversion
+
+      As defined in [RFC7683].  An overload abatement treatment where
+      the reacting node selects alternate destinations or paths for
+      requests.
+
+   DOIC
+
+      Diameter Overload Indication Conveyance.
+
+   DRMP
+
+      Diameter Routing Message Priority.
+
+   Overload Abatement
+
+      As defined in [RFC7683].  Reaction to receipt of an overload
+      report resulting in a reduction in traffic sent to the reporting
+      node.  Abatement actions include diversion and throttling.
+
+   Priority
+
+      The relative importance of a Diameter message.  A lower-priority
+      value implies a higher relative importance of the message.
+
+   Throttling
+
+      As defined in [RFC7683].  An abatement treatment that limits the
+      number of requests sent by the DOIC reacting node.  Throttling can
+      include a Diameter Client choosing to not send requests or a
+      Diameter Agent or Server rejecting requests with appropriate error
+      responses.  In both cases, the result of the throttling is a
+      permanent rejection of the transaction.
+
+3.  Conventions Used in This Document
+
+   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
+   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
+   document are to be interpreted as described in [RFC2119].
+
+   The interpretation from RFC 2119 does not apply for the above listed
+   words when they are not used in all caps.
+
+
+
+
+
+
+
+Donovan                      Standards Track                    [Page 4]
+
+RFC 7944                          DOIC                       August 2016
+
+
+4.  Problem Statement
+
+   With the introduction of overload control mechanisms, Diameter nodes
+   will be required to make decisions regarding which Diameter request
+   messages should be throttled as a result of overloaded Diameter
+   nodes.
+
+   There is currently no generic mechanism to indicate which request
+   messages should be given preferential treatment when these throttling
+   decisions are made.
+
+   As a result, all messages are treated equally and, as such, have an
+   equal probability of being throttled.
+
+   There are a number of scenarios where it is appropriate for an
+   application to mark a request as being of a higher priority than
+   other application requests.  These are discussed in the next section.
+
+   This document defines a mechanism for applications to indicate
+   priority for individual transactions, reducing the probability of
+   those transactions being throttled if there are other lower-priority
+   transactions that are eligible for throttling treatment.
+
+   While the primary usage of DRMP-defined priorities is for input to
+   throttling decisions related to Diameter overload control, it is also
+   expected that the priority information could also be used for other
+   routing-related functionality.  This might include giving higher-
+   priority transactions preferential treatment when selecting routes.
+
+   It is also envisioned that DRMP information could be used by Diameter
+   endpoints to make resource allocation decisions.  For instance, a
+   Diameter Server might choose to use the priority information to treat
+   higher-priority requests ahead of lower-priority requests.  It might
+   also use the priority information as a reason to fail a request as a
+   result of insufficient resources.
+
+      Note: There are a number of application-specific definitions
+      indicating various views of application-level priority for
+      different requests.  Using these application-specific priority
+      AVPs as input to throttling and other Diameter routing decisions
+      would require Diameter Agents to understand all applications and
+      do application-specific parsing of all messages in order to
+      determine the priority of individual messages.  This is considered
+      an unacceptable level of complexity to put on elements whose
+      primary responsibility is to route Diameter messages.
+
+
+
+
+
+
+Donovan                      Standards Track                    [Page 5]
+
+RFC 7944                          DOIC                       August 2016
+
+
+5.  Use Cases
+
+   This section discusses various scenarios where Diameter transactions
+   can benefit from the use of priority information.
+
+   It is important to note that for priority information to be reliably
+   usable, the Diameter nodes sending and consuming DRMP AVPs must have
+   pre-established trust relationships of the sort described in
+   Section 12.
+
+5.1.  First-Responder-Related Signaling
+
+   Natural disasters can result in a considerable increase in usage of
+   network resources.  This can be made worse if the disaster results in
+   a loss of network capacity.
+
+   The combination of added load and reduced capacity can lead to
+   Diameter nodes becoming overloaded and, as a result, the use of DOIC
+   mechanisms to request a reduction in traffic.  In turn, this results
+   in requests being throttled in an attempt to control the overload
+   scenario and prevent the overloaded node from failing.
+
+   There is the need for first responders and other individuals
+   responsible for handling the after effects of the disaster to be
+   assured that they can gain access to the network resources in order
+   to communicate both between themselves and with other network
+   resources.
+
+   Signaling associated with first responders needs to be given a higher
+   priority to help ensure they can most effectively do their jobs.
+
+   The United States Wireless Priority Services (WPS) and Government
+   Emergency Telecommunications Service (GETS) are examples of systems
+   designed to address the command and control aspects of these first
+   responder needs.
+
+5.2.  Emergency-Call-Related Signaling
+
+   Similar to the first responder scenario, there is also signaling
+   associated with emergency calls.  Given the critical nature of these
+   emergency calls, this signaling should also be given preferential
+   treatment when possible.
+
+
+
+
+
+
+
+
+
+Donovan                      Standards Track                    [Page 6]
+
+RFC 7944                          DOIC                       August 2016
+
+
+5.3.  Differentiated Services
+
+   Operators may desire to differentiate network-based services by
+   providing a service level agreement (SLA) that includes preferential
+   Diameter routing behavior.  This might, for example, be modeled as
+   Platinum, Gold, and Silver levels of service.
+
+   In this scenario, an operator might offer a Platinum SLA that
+   includes ensuring that all signaling for a customer who purchases the
+   Platinum service is being marked as having a higher priority than
+   signaling associated with Gold and Silver customers.
+
+5.4.  Application-Specific Priorities
+
+   There are scenarios within Diameter applications where it might be
+   appropriate to give a subset of the transactions for the application
+   a higher priority than other transactions for that application.
+
+   For instance, when there is a series of transactions required for a
+   user to gain access to network services, it might be appropriate to
+   mark transactions that occur later in the series at a higher priority
+   than those that occur early in the series.  This would recognize that
+   there was potentially significant work done by the network already
+   that would be lost if those later transactions were throttled.
+
+   There are also scenarios where an agent cannot easily differentiate a
+   request that starts a session from requests that update or end
+   sessions.  In these scenarios, it might be appropriate to mark the
+   requests that establish new sessions with a lower priority than
+   updates and session ending requests.  This also recognizes that more
+   work has already taken place for established sessions, and as a
+   result, it might be more harmful from a signaling point of view if
+   the session update and session ending requests were to be throttled.
+
+   There are also scenarios where the priority of requests for
+   individual command codes within an application depends on the context
+   that exists when the request is sent.  There isn't always information
+   in the message from which this context can be determined by Diameter
+   nodes other than the node that originates the request.
+
+   This is similar to the scenario where a series of requests are needed
+   to access a network service.  It is different in that the series of
+   requests involves different application command codes.  In this
+   scenario, requests with the same command code have different implied
+   priorities.
+
+
+
+
+
+
+Donovan                      Standards Track                    [Page 7]
+
+RFC 7944                          DOIC                       August 2016
+
+
+      One example of this is in the 3GPP application [S6a] where an
+      Update Location Request (ULR) resulting from a Mobility Management
+      Entity (MME) restoration procedure might be given a higher
+      priority than a ULR resulting from an initial attach.
+
+6.  Theory of Operation
+
+   This section outlines the envisioned usage of DRMP.
+
+   The expected behavior depends on the role (request sender, agent, or
+   request handler) of the Diameter node handling the request.
+
+   The following behavior is expected during the flow of a Diameter
+   transaction.
+
+   1.  Request sender -- The sender of a request, be it a Diameter
+       Client or a Diameter Server, determines the relative priority of
+       the request and includes that priority information in the
+       request.  The method for determining the relative priority is
+       application specific and is outside the scope of this
+       specification.  The request sender also saves the priority
+       information with the transaction state.  This will be used when
+       handling the answer messages.
+
+   2.  Agents handling the request -- Agents use the priority
+       information when making routing decisions.  This can include
+       determining which requests to route first, which requests to
+       throttle, and where the request is routed.  For instance,
+       requests with higher priority might have a lower probability of
+       being throttled.  The mechanism for how the agent determines
+       which requests are candidates to be throttled is implementation
+       dependent and is outside the scope of this document.  Before
+       forwarding request messages, agents generally do not modify the
+       priority information present in the received request message nor
+       include the priority information when absent in the received
+       request message.  However, in some scenarios, agents can modify
+       the priority information, for example, edge agents modifying the
+       priority values set by an adjacent operator.  There might be
+       other scenarios where a Diameter endpoint does not support the
+       DRMP mechanism, and agents insert the priority information in the
+       request messages for that non-supporting endpoint.  When
+       forwarding the request messages, the agent also saves the
+       transaction priority in the transaction state either as locally
+       managed state or using the Proxy-Info mechanism defined in
+       [RFC6733].  This will be used when handling the associated answer
+       message for the transaction.
+
+
+
+
+
+Donovan                      Standards Track                    [Page 8]
+
+RFC 7944                          DOIC                       August 2016
+
+
+   3.  Request handler -- The handler of the request, be it a Diameter
+       Server or a Diameter Client, can use the priority information to
+       determine how to handle the request.  This could include
+       determining the order in which requests are handled and resources
+       that are applied to the handling of the request.
+
+   4.  Answer sender -- The handler of the request is also the sender of
+       the answer.  The answer sender uses the priority information
+       received in the request message when sending the answer.  This
+       implies that answers for higher-priority transactions are given
+       preferential treatment over lower-priority transactions.  The
+       answer sender also has the option of including priority
+       information in the answer message.  This is done when the answer
+       message needs to have a different priority than the priority
+       carried in the request message.  The priority included by the
+       answer sender is application specific.
+
+   5.  Agent handling the answer -- By default, agents handling answer
+       messages use the priority information stored with the transaction
+       state to determine the priority of relaying the answer message.
+       However, priority information included in the answer message,
+       when present, is used in place of the stored priority
+       information.  The use of priority information implies that
+       answers for higher-priority transactions are given preferential
+       treatment over lower-priority transactions.  When forwarding the
+       answer messages, agents generally do not modify the priority
+       information present in the received answer messages nor include
+       the priority information when absent in the received answer
+       messages.  However, in some scenarios, agents can modify the
+       priority information, for example, edge agents modifying the
+       priority values set by an adjacent operator.  There might be
+       other scenarios where a Diameter endpoint does not support the
+       DRMP mechanism, and agents insert the priority information for
+       that non-supporting endpoint.
+
+   6.  Answer handler -- The answer handler uses the same method as the
+       agent to determine the priority of the answer message.  By
+       default, the handler of the answer message uses the priority
+       saved in the transaction's state.  Priority information in the
+       answer message is used when present.  The priority is used when
+       allocating resources for processing that occurs after the receipt
+       of the answer message.
+
+
+
+
+
+
+
+
+
+Donovan                      Standards Track                    [Page 9]
+
+RFC 7944                          DOIC                       August 2016
+
+
+7.  Extensibility
+
+   This document does not define extensibility mechanisms that are
+   specific to the DRMP mechanism.  As a result, any extension that
+   requires new AVPs will be required to use existing Diameter
+   extensibility mechanisms defined in [RFC6733].
+
+8.  Normative Behavior
+
+   This section contains the normative behavior associated with DRMP.
+
+   When routing priority information is available, Diameter nodes SHOULD
+   include Diameter routing message priority in the DRMP AVP in all
+   Diameter request messages.
+
+      Note: The method of determining the priority value included in the
+      request is application specific and is not in the scope of this
+      specification.
+
+   The priority marking scheme does not require the Diameter Agents to
+   understand application-specific AVPs.
+
+   When available, Diameter nodes SHOULD use routing priority
+   information included in the DRMP AVP when making Diameter overload
+   throttling decisions.
+
+   Diameter Agents MAY use routing priority information included in the
+   DRMP AVP when relaying request and answer messages.  This includes
+   the selection of routes and the ordering of messages relayed.
+
+      Note: The priority information included in the DRMP AVP in request
+      messages applies to both the request message and, by default, the
+      answer message associated with the transaction.
+
+   While done only in exceptional circumstances, Diameter Agents MAY
+   modify priority information when relaying request and answer
+   messages.
+
+      Note: There might be scenarios where a Diameter Agent does modify
+      priority information.  For instance, an edge agent might need to
+      modify the priority values set by an adjacent operator.
+
+   While done only in exceptional circumstances, Diameter Agents MAY add
+   priority information when relaying request and answer messages.
+
+      Note: There might be scenarios where a Diameter endpoint does not
+      support the DRMP mechanism, and agents insert priority information
+      for that non-supporting endpoint.
+
+
+
+Donovan                      Standards Track                   [Page 10]
+
+RFC 7944                          DOIC                       August 2016
+
+
+   Diameter endpoints MAY use routing priority information included in
+   the DRMP AVP when making resource allocation decisions for the
+   transaction associated with the request message that contains the
+   DRMP information.
+
+   Diameter endpoints MAY use routing priority information included in
+   the DRMP AVP when making resource allocation decisions for the
+   transaction associated with the answer messages using the DRMP
+   information associated with the transaction.
+
+   Diameter endpoints MAY include the DRMP AVP in answer messages.  This
+   is done when the priority for the answer message needs to have a
+   different priority than the priority carried in the request message.
+
+   When determining the priority to apply to answer messages, Diameter
+   nodes SHOULD use the priority indicated in the DRMP AVP carried in
+   the answer message, if it exists.  If there is not DRMP AVP in the
+   answer message, then the Diameter node SHOULD use the priority
+   indicated in the DRMP AVP of the associated request message.
+
+      Note: One method to determine what priority to apply to an answer
+      when there is no DRMP AVP in the answer message is to save the
+      priority included in the request message in the state associated
+      with the Diameter transaction.  Another is to use the Proxy-Info
+      mechanism defined in [RFC6733].
+
+   Diameter nodes MUST have a default priority to apply to transactions
+   that do not have an explicit priority set in the DRMP AVP.
+
+   In order to guarantee consistent handling of messages from non-
+   upgraded Diameter Clients, Diameter nodes SHOULD use the PRIORITY_10
+   priority as this default priority value.
+
+      PRIORITY_10 is a midrange priority that corresponds to "normal"
+      traffic and thus would be a suitable default for most deployments,
+      while still allowing different Diameter applications to designate
+      other priorities for lower- and higher-priority traffic.
+
+      Note: This does not imply that a DRMP AVP is added to the message.
+      Rather, the message is treated the same as a message that has a
+      DRMP AVP with a priority value of PRIORITY_10.
+
+   Diameter nodes MUST support the ability for the default priority to
+   be modified through local configuration interfaces.
+
+      Note: There are scenarios where operators might want to specify a
+      different default value for transactions that do not have an
+      explicit priority.  In this case, the operator-defined local
+
+
+
+Donovan                      Standards Track                   [Page 11]
+
+RFC 7944                          DOIC                       August 2016
+
+
+      policy would override the use of PRIORITY_10 as the default
+      priority.
+
+   When using DRMP information, Diameter nodes MUST use the default
+   priority for transactions that do not have priority specified in a
+   DRMP AVP.
+
+      Note: This guidance on the handling of messages without a priority
+      does not result in a Diameter Agent inserting a DRMP AVP into the
+      message.  Rather, it gives guidance on how that specific
+      transaction should be treated when its priority is compared with
+      other requests.  When a Diameter Agent relays the request, it will
+      not insert a DRMP AVP with a priority value of 10.
+
+   When setting and using priorities, for all integers x,y in [0,15],
+   treat PRIORITY_<x> as lower priority than PRIORITY_<y> when y<x.
+
+      Note: As a result, PRIORITY_0 is the highest priority.
+
+9.  Attribute Value Pairs
+
+   This section describes the encoding and semantics of the Diameter
+   Routing Message Priority AVP defined in this document.
+
+9.1.  DRMP AVP
+
+   The DRMP (AVP code 301) is of type Enumerated.  The value of the AVP
+   indicates the routing message priority for the transaction.  The
+   following values are defined:
+
+   PRIORITY_15 15  PRIORITY_15 is the lowest priority.
+
+   PRIORITY_14 14  PRIORITY_14 is a higher priority than PRIORITY_15 and
+      a lower priority than PRIORITY_13.
+
+   PRIORITY_13 13  PRIORITY_13 is a higher priority than PRIORITY_14 and
+      a lower priority than PRIORITY_12.
+
+   PRIORITY_12 12  PRIORITY_12 is a higher priority than PRIORITY_13 and
+      a lower priority than PRIORITY_11.
+
+   PRIORITY_11 11  PRIORITY_11 is a higher priority than PRIORITY_12 and
+      a lower priority than PRIORITY_10.
+
+   PRIORITY_10 10  PRIORITY_10 is a higher priority than PRIORITY_11 and
+      a lower priority than PRIORITY_9.
+
+
+
+
+
+Donovan                      Standards Track                   [Page 12]
+
+RFC 7944                          DOIC                       August 2016
+
+
+   PRIORITY_9 9  PRIORITY_9 is a higher priority than PRIORITY_10 and a
+      lower priority than PRIORITY_8.
+
+   PRIORITY_8 8  PRIORITY_8 is a higher priority than PRIORITY_9 and a
+      lower priority than PRIORITY_7.
+
+   PRIORITY_7 7  PRIORITY_7 is a higher priority than PRIORITY_8 and a
+      lower priority than PRIORITY_6.
+
+   PRIORITY_6 6  PRIORITY_6 is a higher priority than PRIORITY_7 and a
+      lower priority than PRIORITY_5.
+
+   PRIORITY_5 5  PRIORITY_5 is a higher priority than PRIORITY_6 and a
+      lower priority than PRIORITY_4.
+
+   PRIORITY_4 4  PRIORITY_4 is a higher priority than PRIORITY_5 and a
+      lower priority than PRIORITY_3.
+
+   PRIORITY_3 3  PRIORITY_3 is a higher priority than PRIORITY_4 and a
+      lower priority than PRIORITY_2.
+
+   PRIORITY_2 2  PRIORITY_2 is a higher priority than PRIORITY_3 and a
+      lower priority than PRIORITY_1.
+
+   PRIORITY_1 1  PRIORITY_1 is a higher priority than PRIORITY_2 and a
+      lower priority than PRIORITY_0.
+
+   PRIORITY_0 0  Priority 0 is the highest priority.
+
+9.2.  Attribute Value Pair Flag Rules
+
+                                                         +---------+
+                                                         |AVP Flag |
+                                                         |Rules    |
+                                                         +----+----+
+                              AVP   Section              |    |MUST|
+       Attribute Name         Code  Defined  Value Type  |MUST| NOT|
+      +--------------------------------------------------+----+----+
+      |DRMP                    301  9.1      Enumerated  |    | V  |
+      +--------------------------------------------------+----+----+
+
+
+
+
+
+
+
+
+
+
+
+Donovan                      Standards Track                   [Page 13]
+
+RFC 7944                          DOIC                       August 2016
+
+
+10.  Considerations When Defining Application Priorities
+
+   As discussed in Section 1.1, it is important that the definition of
+   priority values used by all applications within a single Diameter
+   administrative domain be done in a consistent and coordinated manner.
+
+   The following are some things to be considered when defining the
+   DRMPs to be used in Diameter networks that support Diameter nodes
+   handling multiple applications.
+
+   1.  As with any prioritization scheme, it is possible for higher-
+       priority messages to block lower-priority messages from ever
+       being handled.  In a Diameter network, this will often result in
+       those Diameter transactions being retried.  This can result in
+       more traffic than the network would have handled without use of
+       the DRMP mechanism.
+
+       One potential guideline to prevent unwanted starving of lower-
+       priority messages is to have higher-priority messages represent a
+       relatively small portion of messages handled by the Diameter
+       network under normal scenarios.
+
+          Note that there are scenarios, such as first responder
+          messages, where the blocking of lower-priority messages is a
+          requirement.
+
+   2.  When setting priorities for any of the use cases outlined in
+       Section 5, it is important to use the same priority values across
+       applications.  For instance, when defining priority for the first
+       responder use case discussed in Section 5.1 and the emergency
+       call use case discussed in Section 5.2, one high-priority value
+       might be used for all first responder messages, say PRIORITY_2,
+       and a slightly lower-priority value, say PRIORITY_3, might be
+       used for emergency-call-related messages.  These values should be
+       specified for these use cases across all applications used within
+       the Diameter administrative domain.
+
+          Note that the values mentioned here are strictly for
+          illustrative purposes.  The actual values used for these use
+          cases are likely to be different.
+
+   3.  Messages without the DRMP AVP will be given default priority
+       value treatment.  This will include messages from Diameter
+       Clients that have not been updated to support the DRMP mechanism.
+       It might also include messages from foreign administrative
+       domains if the DRMP AVPs are stripped from messages crossing the
+       Diameter administrative domains.
+
+
+
+
+Donovan                      Standards Track                   [Page 14]
+
+RFC 7944                          DOIC                       August 2016
+
+
+   4.  The process used to introduce the DRMP mechanism into a Diameter
+       network should also be taken into consideration.  Messages of the
+       same type within the same application might get different
+       treatment depending on whether those messages are sent from nodes
+       that are upgraded to support the DRMP mechanism versus nodes that
+       have not yet been upgraded to support the DRMP mechanism.
+
+11.  IANA Considerations
+
+11.1.  AVP Codes
+
+   The new AVP defined by this specification is listed in Section 9.
+   All AVP codes are allocated from the "AVP Codes" subregistry of the
+   "Authentication, Authorization, and Accounting (AAA) Parameters"
+   registry.
+
+12.  Security Considerations
+
+   DRMP gives Diameter nodes the ability to influence which requests are
+   throttled during overload scenarios.  In addition, DRMP can be used
+   in determining the routing decisions for request messages.  Improper
+   use of the DRMP mechanism could result in the malicious Diameter node
+   gaining preferential treatment, by reducing the probability of its
+   requests being throttled, over other Diameter nodes.  This would be
+   achieved by the malicious node inserting priority values that are
+   artificially high.
+
+   Diameter does not include features to provide end-to-end
+   authentication, integrity protection, or confidentiality.  This opens
+   the possibility that malicious or compromised agents in the path of a
+   request could modify the DRMP AVP to reflect a priority different
+   than that asserted by the sender of the request.
+
+12.1.  Potential Threat Modes
+
+   The Diameter protocol involves transactions in the form of requests
+   and answers exchanged between clients and servers.  These clients and
+   servers may be peers; that is, they may share a direct transport
+   (e.g., the Transmission Control Protocol (TCP) or Stream Control
+   Transmission Protocol (SCTP)) connection, or the messages may
+   traverse one or more intermediaries, known as Diameter Agents.
+   Diameter nodes use Transport Layer Security (TLS), Datagram Transport
+   Layer Security (DTLS), or IPsec to authenticate peers and to provide
+   confidentiality and integrity protection of traffic between peers.
+   Nodes can make authorization decisions based on the peer identities
+   authenticated at the transport layer.
+
+
+
+
+
+Donovan                      Standards Track                   [Page 15]
+
+RFC 7944                          DOIC                       August 2016
+
+
+   When agents are involved, this presents an effectively transitive
+   trust model.  That is, a Diameter Client or Server can authorize an
+   agent for certain actions, but it must trust that agent to make
+   appropriate authorization decisions about its peers, and so on.
+   Since confidentiality and integrity protection occurs at the
+   transport layer, agents can read, and perhaps modify, any part of a
+   Diameter message, including the DRMP AVP.
+
+   There are several ways an attacker might attempt to exploit the DRMP
+   mechanism.  A malicious or compromised Diameter node might insert
+   invalid priority values resulting in either preferential treatment,
+   resulting from higher values, or degraded treatment resulting from
+   lower values, for that node.
+
+   A similar attack involves a malicious or compromised Diameter Agent
+   changing the priority value resulting in the sending Diameter node
+   getting either preferential or degraded service.
+
+   The DRMP mechanism can be used to aid in overload throttling
+   decisions.  When this is the case, then the above attacks are limited
+   in scope to when one or more Diameter nodes are in an overloaded
+   state.
+
+   The DRMP mechanism can also be used to influence the order in which
+   Diameter messages are handled by Diameter nodes.  The above attacks
+   have a potentially greater impact in this scenario as the priority
+   indication impacts the handling of all requests at all times,
+   independent of the overload status of Diameter nodes in the Diameter
+   network.
+
+12.2.  Denial-of-Service Attacks
+
+   The DRMP mechanism does not open direct denial-of-service attack
+   vectors.  Rather, it introduces a mechanism where a node can gain
+   unwarranted preferential treatment.  It also introduces a mechanism
+   where a node can get degraded service in the scenario where a rogue
+   agent changes the priority value included in messages.
+
+12.3.  End-to-End Security Issues
+
+   The lack of end-to-end integrity features in Diameter [RFC6733] makes
+   it difficult to establish trust in DRMP AVPs received from non-
+   adjacent nodes.  Any agents in the message path may insert or modify
+   DRMP AVPs.  Nodes must trust that their adjacent peers perform proper
+   checks on overload reports from their peers, and so on, creating a
+   transitive-trust requirement extending for potentially long chains of
+   nodes.  Network operators must determine if this transitive trust
+   requirement is acceptable for their deployments.  Nodes supporting
+
+
+
+Donovan                      Standards Track                   [Page 16]
+
+RFC 7944                          DOIC                       August 2016
+
+
+   DRMP MUST give operators the ability to select which peers are
+   trusted to deliver DRMP AVPs, and whether they are trusted to forward
+   the DRMP AVPs from non-adjacent nodes.  Diameter nodes MUST strip
+   DRMP AVPs from messages received from peers that are not trusted for
+   DRMP purposes.
+
+   It is expected that work on end-to-end Diameter security might make
+   it easier to establish trust in non-adjacent nodes for DRMP purposes.
+   Readers should be reminded, however, that the DRMP mechanism allows
+   Diameter Agents to modify AVPs in existing messages that are
+   originated by other nodes.  If end-to-end security is enabled, there
+   is a risk that such modification could violate integrity protection.
+   The details of using any future Diameter end-to-end security
+   mechanism with DRMP will require careful consideration and are beyond
+   the scope of this document.
+
+13.  References
+
+13.1.  Normative References
+
+   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
+              Requirement Levels", BCP 14, RFC 2119,
+              DOI 10.17487/RFC2119, March 1997,
+              <http://www.rfc-editor.org/info/rfc2119>.
+
+   [RFC6733]  Fajardo, V., Ed., Arkko, J., Loughney, J., and G. Zorn,
+              Ed., "Diameter Base Protocol", RFC 6733,
+              DOI 10.17487/RFC6733, October 2012,
+              <http://www.rfc-editor.org/info/rfc6733>.
+
+13.2.  Informative References
+
+   [RFC7683]  Korhonen, J., Ed., Donovan, S., Ed., Campbell, B., and L.
+              Morand, "Diameter Overload Indication Conveyance",
+              RFC 7683, DOI 10.17487/RFC7683, October 2015,
+              <http://www.rfc-editor.org/info/rfc7683>.
+
+   [S6a]      3GPP, "Evolved Packet System (EPS); Mobility Management
+              Entity (MME) and Serving GPRS Support Node (SGSN) related
+              interfaces based on Diameter protocol", 3GPP TS
+              29.272, 14.0.0, June 2016,
+              <http://www.3gpp.org/ftp/Specs/html-info/29272.htm>.
+
+
+
+
+
+
+
+
+
+Donovan                      Standards Track                   [Page 17]
+
+RFC 7944                          DOIC                       August 2016
+
+
+Contributors
+
+   The following person contributed substantial ideas, feedback, and
+   discussion to this document:
+
+   o  Janet P. Gunn
+
+Author's Address
+
+   Steve Donovan
+   Oracle
+   7460 Warren Parkway
+   Frisco, Texas  75034
+   United States of America
+
+   Email: srdonovan@usdonovans.com
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+
+Donovan                      Standards Track                   [Page 18]
+
-- 
cgit v1.2.3