idnits 2.17.1

draft-ietf-dhc-dhcpv6-opt-nisconfig-05.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate. This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  == No 'Intended status' indicated for this document; assuming Proposed
     Standard

  == The page length should not exceed 58 lines per page, but there was 5
     longer pages, the longest (page 6) being 61 lines

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** There is 1 instance of too long lines in the document, the longest one
     being 1 character in excess of 72.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
     match the current year

  == The document seems to lack the recommended RFC 2119 boilerplate, even if
     it appears to use RFC 2119 keywords.

     (The document does seem to have the reference to RFC 2119 which the
     ID-Checklist requires).

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008. If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment. If not, you may need to add the pre-RFC5378 disclaimer.
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (Dec 2003) is 7409 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  ** Obsolete normative reference: RFC 3315 (ref. '1') (Obsoleted by RFC 8415)

     Summary: 3 errors (**), 0 flaws (~~), 4 warnings (==), 2 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

Network Working Group                     Vijayabhaskar A Kalusivalingam
Internet-Draft                                           Hewlett-Packard
Expires: Jun 2004                                               Dec 2003

                  NIS Configuration Options for DHCPv6
                 draft-ietf-dhc-dhcpv6-opt-nisconfig-05

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on Jun 2004.

Copyright Notice

   Copyright (C) The Internet Society (2003). All Rights Reserved.

Abstract

   This document describes four options for Network Information Service
   (NIS) related configuration information in DHCPv6: NIS Servers, NIS+
   Servers, NIS Client Domain Name, NIS+ Client Domain name.

1. Introduction

   This document describes four options for passing configuration
   information related to Network Information Service (NIS) [3] in
   DHCPv6 (RFC 3315 [1]).

2. Terminology

   The key words MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD,
   SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL in this document are to be
   interpreted as described in RFC2119 [2].

   Throughout this document, unless otherwise specified, the acronym
   DHCP refers to DHCP as specified in RFC 3315.

   This document uses terminology specific to IPv6 and DHCP as defined
   in section "Terminology" of RFC 3315.

3. Network Information Service (NIS) Servers Option

   The Network Information Service (NIS) Servers option provides a
   list of one or more IPv6 addresses of NIS servers available to the
   client. Clients MUST treat the list of NIS servers as an ordered
   list. The server MAY list the NIS servers in the order of
   preference.

   The format of the Network Information Service Servers option is as
   shown below:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |      OPTION_NIS_SERVERS       |          option-len           |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                   NIS server (IPv6 address)                   |
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                   NIS server (IPv6 address)                   |
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                              ...                              |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   option-code: OPTION_NIS_SERVERS (tbd)

   option-len:  Length of the 'NIS server' fields in octets; it must be
                a multiple of 16

   NIS server:  IPv6 address of NIS server

4. Network Information Service V2 (NIS+) Servers Option

   The Network Information Service V2 (NIS+) Servers option provides
   a list of one or more IPv6 addresses of NIS+ servers available to
   the client. Clients MUST treat the list of NIS+ servers as an
   ordered list. The server MAY list the NIS+ servers in the order of
   preference.

   The format of the Network Information Service V2 (NIS+) Servers
   option is as shown below:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |      OPTION_NISP_SERVERS      |          option-len           |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                  NIS+ server (IPv6 address)                   |
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                                                               |
   |                  NIS+ server (IPv6 address)                   |
   |                                                               |
   |                                                               |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                              ...                              |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   option-code: OPTION_NISP_SERVERS (tbd)

   option-len:  Length of the 'NIS+ server' fields in octets; it must be
                a multiple of 16

   NIS+ server: IPv6 address of NIS+ server

5. Network Information Service (NIS) Domain Name Option

   The Network Information Service (NIS) Domain Name option is used
   by the server to convey the client's NIS Domain Name information to
   the client.

   The format of the NIS Domain Name option is as shown below:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    OPTION_NIS_DOMAIN_NAME     |          option-len           |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                        nis-domain-name                        |
   |                              ...                              |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   option-code: OPTION_NIS_DOMAIN_NAME (tbd)

   option-len:  Length of the 'nis-domain-name' field in octets

   nis-domain-name: NIS Domain name for client

   The 'nis-domain-name' MUST be encoded as specified in section
   "Representation and Use of domain names" of the DHCPv6
   specification [1].

6. Network Information Service V2 (NIS+) Domain Name Option

   The Network Information Service V2 (NIS+) Domain Name option is
   used by the server to convey the client's NIS+ Domain Name
   information to the client.

   The format of the NIS+ Domain Name option is as shown below:

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    OPTION_NISP_DOMAIN_NAME    |          option-len           |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |                       nisp-domain-name                        |
   |                              ...                              |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

   option-code: OPTION_NISP_DOMAIN_NAME (tbd)

   option-len:  Length of the 'nisp-domain-name' field in octets

   nisp-domain-name: NIS+ Domain name for client

   The 'nisp-domain-name' MUST be encoded as specified in section
   "Representation and Use of domain names" of the DHCPv6
   specification [1].

7. Appearance of these Options

   The NIS servers, NIS+ servers, NIS domain name and NIS+ domain name
   options MUST NOT appear in messages other than the following:
   Solicit, Advertise, Request, Renew, Rebind, Information-Request and
   Reply.

   The option number for these options MAY appear in the Option Request
   Option [1] in the following messages: Solicit, Request, Renew,
   Rebind, Information-Request and Reconfigure.

8. Security Considerations

   The NIS servers, NIS+ servers, NIS domain name and NIS+ domain name
   options may be used by an intruder DHCPv6 server to assign invalid
   NIS parameters, leaving clients unable to use the NIS service.

   The NIS servers and NIS+ servers options may be used by an intruder
   DHCPv6 server to cause the DHCPv6 clients to send their queries to an
   intruder NIS/NIS+ server. These misdirected searches may be used to
   spoof NIS/NIS+ names.

   The NIS domain name and NIS+ domain name options may be used by an
   intruder DHCPv6 server to cause the DHCPv6 clients to search through
   invalid domains for incompletely specified domain names. The results
   of these misdirected searches may be used to spoof NIS/NIS+ names.

   To avoid attacks through these options, the DHCPv6 client SHOULD use
   authenticated DHCP (see section "Authentication of DHCP messages" in
   the DHCPv6 specification [1]).

9. IANA Considerations

   IANA is requested to assign an option code to the following options
   from the option-code space defined in "DHCPv6 Options" section of the
   DHCPv6 specification [1].

      Option Name                Value    Described in
      OPTION_NIS_SERVERS          tbd     Section 3
      OPTION_NISP_SERVERS         tbd     Section 4
      OPTION_NIS_DOMAIN_NAME      tbd     Section 5
      OPTION_NISP_DOMAIN_NAME     tbd     Section 6

10. Normative References

   [1]  Bound, J., Carney, M., Perkins, C., Lemon, T., Volz, B. and R.
        Droms (ed.), "Dynamic Host Configuration Protocol for IPv6
        (DHCPv6)", RFC 3315, July 2003.

   [2]  Bradner, S., "Key words for use in RFCs to Indicate Requirement
        Levels", BCP 14, RFC 2119, March 1997.

11. Informative References

   [3]  Sun Microsystems, "System and Network Administration",
        March 1990.

Author's Address

   Vijayabhaskar A Kalusivalingam
   Hewlett-Packard STSD-I
   29, Cunningham Road
   Bangalore - 560052
   India

   Phone: +91-80-2053085
   E-Mail: vijayak@india.hp.com

Full Copyright Statement

   Copyright (C) The Internet Society (2003). All Rights Reserved.

   This document and translations of it may be copied and furnished to
   others, and derivative works that comment on or otherwise explain it
   or assist in its implementation may be prepared, copied, published
   and distributed, in whole or in part, without restriction of any
   kind, provided that the above copyright notice and this paragraph are
   included on all such copies and derivative works. However, this
   document itself may not be modified in any way, such as by removing
   the copyright notice or references to the Internet Society or other
   Internet organizations, except as needed for the purpose of
   developing Internet standards in which case the procedures for
   copyrights defined in the Internet Standards process must be
   followed, or as required to translate it into languages other than
   English.

   The limited permissions granted above are perpetual and will not be
   revoked by the Internet Society or its successors or assigns.

   This document and the information contained herein is provided on an
   "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
   TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
   BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
   HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
   MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Acknowledgement

   Funding for the RFC Editor function is currently provided by the
   Internet Society. Thanks to the DHC Working Group for their time and
   input into the specification. In particular, thanks to (in
   alphabetical order) Bernie Volz, Jim Bound, Margaret Wasserman, Pekka
   Savola, Ralph Droms and Thomas Narten for their thorough review.
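
Added example (not part of the draft): a strict client-side parser for the option formats of Sections 3 to 6, whose contents Section 8 treats as attacker-controllable when DHCP is not authenticated. The option codes are placeholders because the draft lists them as tbd; rejecting compressed names follows the RFC 3315 domain-name encoding section the draft cites, and requiring exactly one name with no trailing octets is an assumption.

```python
import ipaddress
import struct

# Placeholder codes: the draft lists every option code as "tbd".
OPT_NIS_SERVERS, OPT_NIS_DOMAIN = 0xFF01, 0xFF03  # constructed, not IANA values

def parse_server_list(data):
    """Sections 3 and 4: ordered list of one or more 16-octet addresses."""
    if not data or len(data) % 16:
        raise ValueError("option-len must be a non-zero multiple of 16")
    return [ipaddress.IPv6Address(data[i:i + 16]) for i in range(0, len(data), 16)]

def parse_domain_name(data):
    """Sections 5 and 6: one uncompressed DNS-encoded name filling option-len."""
    labels, pos = [], 0
    while pos < len(data) and data[pos] != 0:
        n = data[pos]
        if n > 63 or pos + 1 + n > len(data):  # >63 covers 0xC0 compression pointers
            raise ValueError("bad label length or compression pointer")
        labels.append(data[pos + 1:pos + 1 + n].decode("ascii"))
        pos += 1 + n
    if not labels or pos != len(data) - 1:  # assumption: root label is the last octet
        raise ValueError("empty, unterminated or padded name")
    return ".".join(labels)

def parse_options(buf):
    """Walk the code/len/value options area and validate the NIS options."""
    out, pos = {}, 0
    while pos < len(buf):
        if pos + 4 > len(buf):
            raise ValueError("truncated option header")
        code, length = struct.unpack_from("!HH", buf, pos)
        value = buf[pos + 4:pos + 4 + length]
        if len(value) != length:
            raise ValueError("option-len exceeds received data")
        if code == OPT_NIS_SERVERS:
            out["nis_servers"] = parse_server_list(value)
        elif code == OPT_NIS_DOMAIN:
            out["nis_domain"] = parse_domain_name(value)
        pos += 4 + length
    return out

# Constructed sample: two servers (documentation prefix) and the name "eng.example".
SERVERS = b"".join(ipaddress.IPv6Address(a).packed for a in ("2001:db8::1", "2001:db8::2"))
DOMAIN = b"\x03eng\x07example\x00"
SAMPLE = (struct.pack("!HH", OPT_NIS_SERVERS, len(SERVERS)) + SERVERS
          + struct.pack("!HH", OPT_NIS_DOMAIN, len(DOMAIN)) + DOMAIN)
if __name__ == "__main__":
    print(parse_options(SAMPLE))
```

Strict parsing only keeps malformed values out of the NIS client configuration; a well-formed option from an intruder server still parses, which is why Section 8 points to authenticated DHCP.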