| < draft-narten-iana-considerations-rfc2434bis-00.txt | draft-narten-iana-considerations-rfc2434bis-01.txt > | |||
|---|---|---|---|---|
| INTERNET-DRAFT Thomas Narten | INTERNET-DRAFT Thomas Narten | |||
| IBM | IBM | |||
| <draft-narten-iana-considerations-rfc2434bis> Harald Tveit Alvestrand | <draft-narten-iana-considerations-rfc2434bis> Harald Tveit Alvestrand | |||
| Cisco | Cisco | |||
| July 19, 2004 | September 16, 2004 | |||
| Guidelines for Writing an IANA Considerations Section in RFCs | Guidelines for Writing an IANA Considerations Section in RFCs | |||
| <draft-narten-iana-considerations-rfc2434bis-00.txt> | <draft-narten-iana-considerations-rfc2434bis-01.txt> | |||
| Status of this Memo | Status of this Memo | |||
| By submitting this Internet-Draft, I certify that any applicable | By submitting this Internet-Draft, I certify that any applicable | |||
| patent or other IPR claims of which I am aware have been disclosed, | patent or other IPR claims of which I am aware have been disclosed, | |||
| and any of which I become aware will be disclosed, in accordance with | and any of which I become aware will be disclosed, in accordance with | |||
| RFC 3668. | RFC 3668. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
| skipping to change at page 1, line 36 ¶ | skipping to change at page 1, line 36 ¶ | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference mate- | time. It is inappropriate to use Internet-Drafts as reference mate- | |||
| rial or to cite them other than as "work in progress." | rial or to cite them other than as "work in progress." | |||
| The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
| http://www.ietf.org/ietf/1id-abstracts.txt. | http://www.ietf.org/ietf/1id-abstracts.txt. | |||
| The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
| http://www.ietf.org/shadow.html. | http://www.ietf.org/shadow.html. | |||
| This Internet-Draft expires January, 2005. | This Internet-Draft expires March, 2005. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (C) The Internet Society (2004). All Rights Reserved. | Copyright (C) The Internet Society (2004). All Rights Reserved. | |||
| Abstract | Abstract | |||
| Many protocols make use of identifiers consisting of constants and | Many protocols make use of identifiers consisting of constants and | |||
| other well-known values. Even after a protocol has been defined and | other well-known values. Even after a protocol has been defined and | |||
| deployment has begun, new values may need to be assigned (e.g., for a | deployment has begun, new values may need to be assigned (e.g., for a | |||
| new option type in DHCP, or a new encryption or authentication trans- | new option type in DHCP, or a new encryption or authentication | |||
| form for IPsec). To ensure that such quantities have consistent | transform for IPsec). To ensure that such quantities have consistent | |||
| values and interpretations in different implementations, their | values and interpretations in different implementations, their | |||
| assignment must be administered by a central authority. For IETF pro- | assignment must be administered by a central authority. For IETF | |||
| tocols, that role is provided by the Internet Assigned Numbers | protocols, that role is provided by the Internet Assigned Numbers | |||
| Authority (IANA). | Authority (IANA). | |||
| In order for the IANA to manage a given name space prudently, it | In order for the IANA to manage a given name space prudently, it | |||
| needs guidelines describing the conditions under which new values can | needs guidelines describing the conditions under which new values can | |||
| be assigned. If the IANA is expected to play a role in the management | be assigned. If the IANA is expected to play a role in the management | |||
| of a name space, the IANA must be given clear and concise instruc- | of a name space, the IANA must be given clear and concise | |||
| tions describing that role. This document discusses issues that | instructions describing that role. This document discusses issues | |||
| should be considered in formulating a policy for assigning values to | that should be considered in formulating a policy for assigning | |||
| a name space and provides guidelines to document authors on the spe- | values to a name space and provides guidelines to document authors on | |||
| cific text that must be included in documents that place demands on | the specific text that must be included in documents that place | |||
| the IANA. | demands on the IANA. | |||
| Contents | Contents | |||
| Status of this Memo.......................................... 1 | Status of this Memo.......................................... 1 | |||
| 1. Introduction............................................. 3 | 1. Introduction............................................. 3 | |||
| 2. Issues To Consider....................................... 4 | 2. Issues To Consider....................................... 4 | |||
| 3. Well-Known IANA Policy Definitions....................... 6 | 3. Well-Known IANA Policy Definitions....................... 6 | |||
| skipping to change at page 3, line 26 ¶ | skipping to change at page 3, line 26 ¶ | |||
| 5. What To Put In Documents................................. 8 | 5. What To Put In Documents................................. 8 | |||
| 5.1. When There Are No IANA Actions...................... 9 | 5.1. When There Are No IANA Actions...................... 9 | |||
| 5.2. Requesting Assignments From an Existing Name Space.. 9 | 5.2. Requesting Assignments From an Existing Name Space.. 9 | |||
| 5.3. Creation of New Registries.......................... 10 | 5.3. Creation of New Registries.......................... 10 | |||
| 6. Applicability to Past and Future RFCs.................... 11 | 6. Applicability to Past and Future RFCs.................... 11 | |||
| 7. Security Considerations.................................. 12 | 7. Security Considerations.................................. 12 | |||
| 8. Acknowledgments.......................................... 12 | 8. Changes Relative to RFC 2434............................. 13 | |||
| 8.1. Changes Relative to -00............................. 13 | ||||
| 9. References............................................... 13 | 9. Acknowledgments.......................................... 13 | |||
| 10. Authors' Addresses...................................... 14 | 10. References.............................................. 13 | |||
| 11. Authors' Addresses...................................... 14 | ||||
| 1. Introduction | 1. Introduction | |||
| Many protocols make use of fields that contain constants and other | Many protocols make use of fields that contain constants and other | |||
| well-known values (e.g., the Protocol field in the IP header [IP] or | well-known values (e.g., the Protocol field in the IP header [IP] or | |||
| MIME types in mail messages [MIME-REG]). Even after a protocol has | MIME types in mail messages [MIME-REG]). Even after a protocol has | |||
| been defined and deployment has begun, new values may need to be | been defined and deployment has begun, new values may need to be | |||
| assigned (e.g., a new option type in DHCP [DHCP] or a new encryption | assigned (e.g., a new option type in DHCP [DHCP] or a new encryption | |||
| or authentication algorithm for IPsec [IPSEC]). To ensure that such | or authentication algorithm for IPsec [IPSEC]). To ensure that such | |||
| fields have consistent values and interpretations in different imple- | fields have consistent values and interpretations in different | |||
| mentations, their assignment must be administered by a central | implementations, their assignment must be administered by a central | |||
| authority. For IETF protocols, that role is provided by the Internet | authority. For IETF protocols, that role is provided by the Internet | |||
| Assigned Numbers Authority (IANA) [IANA-MOU]. | Assigned Numbers Authority (IANA) [IANA-MOU]. | |||
| In this document, we call the set of possible values for such a field | In this document, we call the set of possible values for such a field | |||
| a "name space"; its actual content may be a name, a number or another | a "name space"; its actual content may be a name, a number or another | |||
| kind of value. The assignment of a specific value to a name space is | kind of value. The assignment of a specific value to a name space is | |||
| called an assigned number (or assigned value). Each assignment of a | called an assigned number (or assigned value). Each assignment of a | |||
| number in a name space is called a registration. | number in a name space is called a registration. | |||
| In order for the IANA to manage a given name space prudently, it | In order for the IANA to manage a given name space prudently, it | |||
| needs guidelines describing the conditions under which new values | needs guidelines describing the conditions under which new values | |||
| should be assigned. This document provides guidelines to authors on | should be assigned. This document provides guidelines to authors on | |||
| what sort of text should be added to their documents, and reviews | what sort of text should be added to their documents, and reviews | |||
| issues that should be considered in formulating an appropriate policy | issues that should be considered in formulating an appropriate policy | |||
| for assigning numbers to name spaces. | for assigning numbers to name spaces. | |||
| Not all name spaces require centralized administration. In some | Not all name spaces require centralized administration. In some | |||
| cases, it is possible to delegate a name space in such a way that | cases, it is possible to delegate a name space in such a way that | |||
| further assignments can be made independently and with no further | further assignments can be made independently and with no further | |||
| (central) coordination. In the Domain Name System, for example, the | (central) coordination. In the Domain Name System, for example, the | |||
| IANA only deals with assignments at the higher-levels, while subdo- | IANA only deals with assignments at the higher-levels, while | |||
| mains are administered by the organization to which the space has | subdomains are administered by the organization to which the space | |||
| been delegated. As another example, Object Identifiers (OIDs) as | has been delegated. As another example, Object Identifiers (OIDs) as | |||
| defined by the ITU are also delegated [ASSIGNED]. When a name space | defined by the ITU are also delegated [ASSIGNED]. When a name space | |||
| can be delegated, the IANA only deals with assignments at the top | can be delegated, the IANA only deals with assignments at the top | |||
| level. | level. | |||
| This document uses the terms 'MUST', 'SHOULD' and 'MAY', and their | This document uses the terms 'MUST', 'SHOULD' and 'MAY', and their | |||
| negatives, in the way described in RFC 2119 [KEYWORDS]. In this case, | negatives, in the way described in RFC 2119 [KEYWORDS]. In this case, | |||
| "the specification" as used by RFC 2119 refers to the processing of | "the specification" as used by RFC 2119 refers to the processing of | |||
| protocols being submitted to the IETF standards process. | protocols being submitted to the IETF standards process. | |||
| 2. Issues To Consider | 2. Issues To Consider | |||
| One issue to consider in managing a name space is its size. If the | One issue to consider in managing a name space is its size. If the | |||
| space is small and limited in size, assignments must be made care- | space is small and limited in size, assignments must be made | |||
| fully to ensure that the space doesn't become exhausted. If the space | carefully to ensure that the space doesn't become exhausted. If the | |||
| is essentially unlimited, on the other hand, it may be perfectly rea- | space is essentially unlimited, on the other hand, it may be | |||
| sonable to hand out new values to anyone that wants one. Even when | perfectly reasonable to hand out new values to anyone that wants one. | |||
| the space is essentially unlimited, however, it is usually desirable | Even when the space is essentially unlimited, however, it is usually | |||
| to have at least minimal review to prevent the hoarding of or unnec- | desirable to have at least minimal review to prevent the hoarding of | |||
| essary wasting of a space. For example, if the space consists of | or unnecessary wasting of a space. For example, if the space | |||
| text strings, it may be desirable to prevent organizations from | consists of text strings, it may be desirable to prevent | |||
| obtaining large sets of strings that correspond to the "best" names | organizations from obtaining large sets of strings that correspond to | |||
| (e.g., existing company names). Experience has also shown that some | the "best" names (e.g., existing company names). Experience has also | |||
| level of minimal review is useful to prevent assignments in cases | shown that some level of minimal review is useful to prevent | |||
| where the request is malformed or not actually needed (this may not | assignments in cases where the request is malformed or not actually | |||
| always be immediately obvious to a non-subject-matter expert). | needed (this may not always be immediately obvious to a non-subject- | |||
| matter expert). | ||||
| A second consideration is whether it makes sense to delegate the name | A second consideration is whether it makes sense to delegate the name | |||
| space in some manner. This route should be pursued when appropriate, | space in some manner. This route should be pursued when appropriate, | |||
| as it lessens the burden on the IANA for dealing with assignments. | as it lessens the burden on the IANA for dealing with assignments. | |||
| A third, and perhaps most important consideration, concerns potential | A third, and perhaps most important consideration, concerns potential | |||
| impact on interoperability of unreviewed extensions. Proposed proto- | impact on interoperability of unreviewed extensions. Proposed | |||
| col extensions generally benefit from community review; indeed, | protocol extensions generally benefit from community review; indeed, | |||
| review is often essential to prevent future interoperability | review is often essential to prevent future interoperability | |||
| problems. [VENDOR-EXT] discusses this topic in considerable detail. | problems. [VENDOR-EXT] discusses this topic in considerable detail. | |||
| In some cases, the name space is essentially unlimited, there are no | In some cases, the name space is essentially unlimited, there are no | |||
| potential interoperability issues, and assigned numbers can safely be | potential interoperability issues, and assigned numbers can safely be | |||
| given out to anyone. When no subjective review is needed, the IANA | given out to anyone. When no subjective review is needed, the IANA | |||
| can make assignments directly, provided that the IANA is given spe- | can make assignments directly, provided that the IANA is given | |||
| cific instructions on what types of requests it should grant, and | specific instructions on what types of requests it should grant, and | |||
| what information must be provided before a request for an assigned | what information must be provided before a request for an assigned | |||
| number will be considered. Note that the IANA will not define an | number will be considered. Note that the IANA will not define an | |||
| assignment policy; it should be given a set of guidelines that allow | assignment policy; it should be given a set of guidelines that allow | |||
| it to make allocation decisions with minimal subjectivity. | it to make allocation decisions with minimal subjectivity. | |||
| In most cases, some review of prospective allocations is appropriate, | In most cases, some review of prospective allocations is appropriate, | |||
| and the question becomes who should perform the review and how rigor- | and the question becomes who should perform the review and how | |||
| ous the review needs to be. In many cases, one might think that an | rigorous the review needs to be. In many cases, one might think that | |||
| IETF Working Group (WG) familiar with the name space at hand should | an IETF Working Group (WG) familiar with the name space at hand | |||
| be consulted. In practice, however, WGs eventually disband, so they | should be consulted. In practice, however, WGs eventually disband, so | |||
| cannot be considered a permanent evaluator. It is also possible for | they cannot be considered a permanent evaluator. It is also possible | |||
| name spaces to be created through individual submission documents, | for name spaces to be created through individual submission | |||
| for which no WG is ever formed. | documents, for which no WG is ever formed. | |||
| One way to ensure community review of prospective assignments is to | One way to ensure community review of prospective assignments is to | |||
| have the requester submit a document for publication as an RFC. Such | have the requester submit a document for publication as an RFC. Such | |||
| an action helps ensure that the IESG and relevant WGs review the | an action helps ensure that the IESG and relevant WGs review the | |||
| assignment. [XXX update wrt draft-iesg-rfced-documents?] This is the | assignment. [XXX update wrt draft-iesg-rfced-documents?] This is the | |||
| preferred way of ensuring review, and is particularly important if | preferred way of ensuring review, and is particularly important if | |||
| any potential interoperability issues can arise. For example, many | any potential interoperability issues can arise. For example, many | |||
| assignments are not just assignments, but also involve an element of | assignments are not just assignments, but also involve an element of | |||
| protocol specification. A new option may define fields that need to | protocol specification. A new option may define fields that need to | |||
| be parsed and acted on, which (if specified poorly) may not fit | be parsed and acted on, which (if specified poorly) may not fit | |||
| cleanly with the architecture of other options or the base protocols | cleanly with the architecture of other options or the base protocols | |||
| on which they are built. | on which they are built. | |||
| In some cases, however, the burden of publishing an RFC in order to | In some cases, however, the burden of publishing an RFC in order to | |||
| get an assignment is excessive. However, it is generally still useful | get an assignment is excessive. However, it is generally still useful | |||
| (and sometimes necessary) to discuss proposed additions on a mailing | (and sometimes necessary) to discuss proposed additions on a mailing | |||
| list dedicated to the purpose (e.g., the ietf-types@iana.org for | list dedicated to the purpose (e.g., the ietf-types@iana.org for | |||
| media types) or on a more general mailing list (e.g., that of a cur- | media types) or on a more general mailing list (e.g., that of a | |||
| rent or former IETF WG). Such a mailing list provides a way for new | current or former IETF WG). Such a mailing list provides a way for | |||
| registrations to be publicly reviewed prior to getting assigned, or | new registrations to be publicly reviewed prior to getting assigned, | |||
| to give advice for persons who want help in understanding what a | or to give advice for persons who want help in understanding what a | |||
| proper registration should contain. | proper registration should contain. | |||
| While discussion on a mailing list can provide valuable technical | While discussion on a mailing list can provide valuable technical | |||
| expertise, opinions may vary and discussions may continue for some | expertise, opinions may vary and discussions may continue for some | |||
| time without clear resolution. In addition, the IANA cannot partici- | time without clear resolution. In addition, the IANA cannot | |||
| pate in all of these mailing lists and cannot determine if or when | participate in all of these mailing lists and cannot determine if or | |||
| such discussions reach consensus. Therefore, the IANA cannot allow | when such discussions reach consensus. Therefore, the IANA cannot | |||
| general mailing lists to fill the role of providing definitive recom- | allow general mailing lists to fill the role of providing definitive | |||
| mendations regarding a registration question. Instead, the IANA will | recommendations regarding a registration question. Instead, the IANA | |||
| rely on a "designated expert" to advise it in assignment matters. | will rely on a "designated expert" to advise it in assignment | |||
| That is, the IANA forwards the requests it receives to a specific | matters. That is, the IANA forwards the requests it receives to a | |||
| point-of-contact (one or a small number of individuals) and acts upon | specific point-of-contact (one or a small number of individuals) and | |||
| the returned recommendation from the designated expert. The desig- | acts upon the returned recommendation from the designated expert. The | |||
| nated expert can initiate and coordinate as wide a review of an | designated expert can initiate and coordinate as wide a review of an | |||
| assignment request as may be necessary to evaluate it properly. | assignment request as may be necessary to evaluate it properly. | |||
| Designated experts are appointed by the relevant Area Director of the | Designated experts are appointed by the relevant Area Director of the | |||
| IESG. They are typically named at the time a document that creates a | IESG. They are typically named at the time a document that creates a | |||
| new numbering space is published as an RFC, but as experts originally | new numbering space is published as an RFC, but as experts originally | |||
| appointed may later become unavailable, the relevant Area Director | appointed may later become unavailable, the relevant Area Director | |||
| will appoint replacements if necessary. | will appoint replacements if necessary. | |||
| Any decisions made by the designated expert can be appealed using the | Any decisions made by the designated expert can be appealed using the | |||
| normal IETF appeals process as outlined in Section 6.5 of [IETF-PRO- | normal IETF appeals process as outlined in Section 6.5 of [IETF- | |||
| CESS]. Since the designated experts are appointed by the IESG, they | PROCESS]. Since the designated experts are appointed by the IESG, | |||
| may be removed by the IESG. | they may be removed by the IESG. | |||
| 3. Well-Known IANA Policy Definitions | 3. Well-Known IANA Policy Definitions | |||
| The following are some defined policies, some of which are in use | The following are some defined policies, some of which are in use | |||
| today. These cover a range of typical policies that have been used to | today. These cover a range of typical policies that have been used to | |||
| date. It is not required that documents use these terms; the actual | date. It is not required that documents use these terms; the actual | |||
| requirement is that the instructions to IANA are clear and unam- | requirement is that the instructions to IANA are clear and | |||
| bigous. However, it is preferable to use these terms where possible, | unambigous. However, it is preferable to use these terms where | |||
| since there meaning is widely understood. | possible, since there meaning is widely understood. | |||
| Private Use - For private or local use only, with the type and | Private Use - For private or local use only, with the type and | |||
| purpose defined by the local site. No attempt is made to | purpose defined by the local site. No attempt is made to | |||
| prevent multiple sites from using the same value in differ- | prevent multiple sites from using the same value in | |||
| ent (and incompatible) ways. There is no need for IANA to | different (and incompatible) ways. There is no need for | |||
| review such assignments and assignments are not generally | IANA to review such assignments and assignments are not | |||
| useful for interoperability. | generally useful for interoperability. | |||
| Examples: Site-specific options in DHCP [DHCP] have signif- | Examples: Site-specific options in DHCP [DHCP] have | |||
| icance only within a single site. "X-foo:" header lines in | significance only within a single site. "X-foo:" header | |||
| email messages. | lines in email messages. | |||
| Experimental Use - Similar to private or local use only, with the | Experimental Use - Similar to private or local use only, with the | |||
| purpose being to facilitate experimentation. See [EXPERI- | purpose being to facilitate experimentation. See | |||
| MENTATION] for details. | [EXPERIMENTATION] for details. | |||
| Hierarchical allocation - Delegated managers can assign values | Hierarchical allocation - Delegated managers can assign values | |||
| provided they have been given control over that part of the | provided they have been given control over that part of the | |||
| name space. IANA controls the higher levels of the | name space. IANA controls the higher levels of the | |||
| namespace according to one of the other policies. | namespace according to one of the other policies. | |||
| Examples: DNS names, Object Identifiers | Examples: DNS names, Object Identifiers | |||
| First Come First Served - Anyone can obtain an assigned number, so | First Come First Served - Anyone can obtain an assigned number, so | |||
| long as they provide a point of contact and a brief | long as they provide a point of contact and a brief | |||
| description of what the value would be used for. For num- | description of what the value would be used for. For | |||
| bers, the exact value is generally assigned by the IANA; | numbers, the exact value is generally assigned by the IANA; | |||
| with names, specific names are usually requested. | with names, specific names are usually requested. | |||
| Examples: vnd. (vendor assigned) MIME types [MIME-REG], TCP | Examples: vnd. (vendor assigned) MIME types [MIME-REG], TCP | |||
| and UDP port numbers. | and UDP port numbers. | |||
| Expert Review (or Designated Expert) - approval by a Designated | Expert Review (or Designated Expert) - approval by a Designated | |||
| Expert is required. | Expert is required. | |||
| Specification Required - Values and their meaning must be docu- | Specification Required - Values and their meaning must be | |||
| mented in an RFC or other permanent and readily available | documented in an RFC or other permanent and readily | |||
| reference, in sufficient detail so that interoperability | available reference, in sufficient detail so that | |||
| between independent implementations is possible. | interoperability between independent implementations is | |||
| possible. | ||||
| Examples: SCSP [SCSP] | Examples: SCSP [SCSP] | |||
| IESG Approval - New assignments must be approved by the IESG. | IESG Approval - New assignments must be approved by the IESG. | |||
| Although there is no requirement that the request be docu- | Although there is no requirement that the request be | |||
| mented in an RFC, the IESG has discretion to request docu- | documented in an RFC, the IESG has discretion to request | |||
| ments or other supporting materials on a case-by-case | documents or other supporting materials on a case-by-case | |||
| basis. | basis. | |||
| IETF Review - (Formerly "IETF Consensus" [IANA-CONSIDERATIONS]) | IETF Review - (Formerly "IETF Consensus" [IANA-CONSIDERATIONS]) | |||
| New values are assigned only through RFC publication of | New values are assigned only through RFC publication of | |||
| documents that have been shepherded through the IESG as AD- | documents that have been shepherded through the IESG as AD- | |||
| Sponsored documents [XXX need ref]. The intention is that | Sponsored documents [XXX need ref]. The intention is that | |||
| the document and proposed assignment will be reviewed by | the document and proposed assignment will be reviewed by | |||
| the IESG and appropriate IETF WGs (or experts, if suitable | the IESG and appropriate IETF WGs (or experts, if suitable | |||
| working groups no longer exist) to ensure that the proposed | working groups no longer exist) to ensure that the proposed | |||
| assignment will not negatively impact interoperability or | assignment will not negatively impact interoperability or | |||
| skipping to change at page 8, line 10 ¶ | skipping to change at page 8, line 13 ¶ | |||
| Address Family Identifiers [BGP4-EXT]. | Address Family Identifiers [BGP4-EXT]. | |||
| Standards Action - Values are assigned only for Standards Track | Standards Action - Values are assigned only for Standards Track | |||
| RFCs approved by the IESG. | RFCs approved by the IESG. | |||
| Examples: MIME top level types [MIME-REG] | Examples: MIME top level types [MIME-REG] | |||
| It should be noted that it often makes sense to partition a name | It should be noted that it often makes sense to partition a name | |||
| space into several categories, with assignments out of each category | space into several categories, with assignments out of each category | |||
| handled differently. For example, the DHCP option space [DHCP] is | handled differently. For example, the DHCP option space [DHCP] is | |||
| split into two parts. Option numbers in the range of 1-127 are glob- | split into two parts. Option numbers in the range of 1-127 are | |||
| ally unique and assigned according to the Specification Required pol- | globally unique and assigned according to the Specification Required | |||
| icy described above, while options number 128-254 are "site spe- | policy described above, while options number 128-254 are "site | |||
| cific", i.e., Private Use. Dividing the name space up makes it possi- | specific", i.e., Private Use. Dividing the name space up makes it | |||
| ble to have different policies in place for different ranges. | possible to have different policies in place for different ranges. | |||
| 4. Registration maintenance | 4. Registration maintenance | |||
| Registrations are a request for an assigned number, including the | Registrations are a request for an assigned number, including the | |||
| related information needed to evaluate and document the request. Even | related information needed to evaluate and document the request. Even | |||
| after a number has been assigned, some types of registrations contain | after a number has been assigned, some types of registrations contain | |||
| additional information that may need to be updated over time. For | additional information that may need to be updated over time. For | |||
| example, mime types, character sets, language tags, etc. typically | example, mime types, character sets, language tags, etc. typically | |||
| include more information than just the registered value itself. Exam- | include more information than just the registered value itself. | |||
| ple information can include point of contact information, security | Example information can include point of contact information, | |||
| issues, pointers to updates, literature references, etc. In such | security issues, pointers to updates, literature references, etc. In | |||
| cases, the document must clearly state who is responsible for main- | such cases, the document must clearly state who is responsible for | |||
| taining and updating a registration. It is appropriate to: | maintaining and updating a registration. It is appropriate to: | |||
| - Let the author update the registration, subject to the same con- | - Let the author update the registration, subject to the same | |||
| straints and review as with new registrations. | constraints and review as with new registrations. | |||
| - Allow some mechanism to attach comments to the registration, for | - Allow some mechanism to attach comments to the registration, for | |||
| cases where others have significant objections to claims in a | cases where others have significant objections to claims in a | |||
| registration, but the author does not agree to change the regis- | registration, but the author does not agree to change the | |||
| tration. | registration. | |||
| - Designate the IESG or another authority as having the right to | - Designate the IESG or another authority as having the right to | |||
| reassign ownership of a registration. This is mainly to get | reassign ownership of a registration. This is mainly to get | |||
| around the problem when some registration owner cannot be | around the problem when some registration owner cannot be | |||
| reached in order to make necessary updates. | reached in order to make necessary updates. | |||
| 5. What To Put In Documents | 5. What To Put In Documents | |||
| The previous sections presented some issues that should be considered | The previous sections presented some issues that should be considered | |||
| in formulating a policy for assigning well-known numbers and other | in formulating a policy for assigning well-known numbers and other | |||
| protocol constants. It is the Working Group and/or document author's | protocol constants. It is the Working Group and/or document author's | |||
| job to formulate an appropriate policy and specify it in the appro- | job to formulate an appropriate policy and specify it in the | |||
| priate document. In almost all cases, having an explicit "IANA Con- | appropriate document. In almost all cases, having an explicit "IANA | |||
| siderations" section is appropriate. The following subsections define | Considerations" section is appropriate. The following subsections | |||
| what is needed for the different types of IANA actions. | define what is needed for the different types of IANA actions. | |||
| 5.1. When There Are No IANA Actions | 5.1. When There Are No IANA Actions | |||
| Before an Internet-Draft can be published as an RFC, IANA needs to | Before an Internet-Draft can be published as an RFC, IANA needs to | |||
| know what actions (if any) it needs to perform. Experience has shown | know what actions (if any) it needs to perform. Experience has shown | |||
| that it is not always immediately obvious whether a document has no | that it is not always immediately obvious whether a document has no | |||
| IANA actions, without reviewing a document in some detail. In order | IANA actions, without reviewing a document in some detail. In order | |||
| to make it clear to IANA that it has no actions to perform (and that | to make it clear to IANA that it has no actions to perform (and that | |||
| the author has consciously made such a determination!), such docu- | the author has consciously made such a determination!), such docu- | |||
| ments should include an IANA Considerations section that states: | ments should include an IANA Considerations section that states: | |||
| skipping to change at page 10, line 19 ¶ | skipping to change at page 10, line 23 ¶ | |||
| IANA has assigned an option code value of TBD1 to the DNS Recur- | IANA has assigned an option code value of TBD1 to the DNS Recur- | |||
| sive Name Server option and an option code value of TBD2 to the | sive Name Server option and an option code value of TBD2 to the | |||
| Domain Search List option from the DHCP option code space defined | Domain Search List option from the DHCP option code space defined | |||
| in section 24.3 of RFC 3315. | in section 24.3 of RFC 3315. | |||
| 5.3. Creation of New Registries | 5.3. Creation of New Registries | |||
| Documents that create a new name space (or modify the definition of | Documents that create a new name space (or modify the definition of | |||
| an existing space) and that expect the IANA to play a role in main- | an existing space) and that expect the IANA to play a role in main- | |||
| taining that space (e.g., serving as a repository for registered val- | taining that space (e.g., serving as a repository for registered val- | |||
| ues) MUST document the process through which future assignments are | ues) MUST provide clear instructions on details of the name space. In | |||
| made. Such a section must state clearly: | particular, instructions MUST include: | |||
| - The name of the new registry to be created. The name will appear | 1) The name of the registry being created and/or maintained. The | |||
| on the IANA web page and will be refered to in future Internet | name will appear on the IANA web page and will be refered to in | |||
| Drafts that need to allocate a value from the new space. | future Internet Drafts that need to allocate a value from the | |||
| new space. | ||||
| - The review steps under which future allocations from the name | 2) What information must be provided in order to assign a new | |||
| space will be made (i.e., see Section 3). Note: When a Desig- | value. | |||
| nated Expert is used, documents MUST NOT name the Designated | ||||
| Expert in the document itself; instead, the name should be | ||||
| relayed to the appropriate IESG Area Director at the time the | ||||
| document is sent to the IESG for approval. | ||||
| - If the request should also be reviewed on a specific public | 3) The process through which future assignments are made (see Sec- | |||
| tion 3). | ||||
| Note: When a Designated Expert is used, documents MUST NOT name | ||||
| the Designated Expert in the document itself; instead, the name | ||||
| should be relayed to the appropriate IESG Area Director at the | ||||
| time the document is sent to the IESG for approval. | ||||
| If the request should also be reviewed on a specific public | ||||
| mailing list (such as the ietf-types@iana.org for media types), | mailing list (such as the ietf-types@iana.org for media types), | |||
| that mailing address should be specified. Note, however, that | that mailing address should be specified. Note, however, that | |||
| use of a Designated Expert MUST also be specified. | use of a Designated Expert MUST also be specified. | |||
| - if the IANA is expected to make assignments without requiring an | If the IANA is expected to make assignments without requiring an | |||
| outside review, sufficient guidance MUST be provided so that the | outside review, sufficient guidance MUST be provided so that the | |||
| requests can be evaluated with minimal subjectivity. | requests can be evaluated with minimal subjectivity. | |||
| Finally, it is quite acceptable to pick one of the example policies | When specifying the process for making future assignments, it is | |||
| cited above and refer to it by name. Indeed, this is the preferred | quite acceptable to pick one of the example policies listed in Sec- | |||
| mechanism in those cases where the sample policies provide the | tion 3 and refer to it by name. Indeed, this is the preferred mecha- | |||
| desired level of review. It is also acceptable to cite one of the | nism in those cases where the sample policies provide the desired | |||
| above policies and include additional guidelines for what kind of | level of review. It is also acceptable to cite one of the above poli- | |||
| considerations should be taken into account by the review process. | cies and include additional guidelines for what kind of considera- | |||
| For example, RADIUS [RFC3575] specifies the use of a Designated | tions should be taken into account by the review process. For exam- | |||
| Expert, but includes additional criteria the Designated Expert should | ple, RADIUS [RFC3575] specifies the use of a Designated Expert, but | |||
| follow. | includes additional criteria the Designated Expert should follow. | |||
| For example, a document could say something like: | For example, a document could say something like: | |||
| This document defines the FooBar DHCP option (see Section y), | This document defines a new DHCP option, entitled "FooBar" (see | |||
| assigned a value of TBD1 from the DCHP Option space [RFCXXX]. | Section y), assigned a value of TBD1 from the DCHP Option space | |||
| The FooBar option also contains an 8-bit FooType field, for | [RFCXXX]. The FooBar option also contains an 8-bit FooType | |||
| which IANA is to create and maintain a registry. Initial values | field, for which IANA is to create and maintain a registry enti- | |||
| for FooType field are given below; future assignments are to be | tled "FooType values". Initial values for FooType field are | |||
| made through Expert Review [IANA-CONSIDERATIONS]. Assignments | given below; future assignments are to be made through Expert | |||
| consist of a name and the value. | Review [IANA-CONSIDERATIONS]. Assignments consist of a name and | |||
| the value. | ||||
| Name Value Definition | Name Value Definition | |||
| ---- ----- ---------- | ---- ----- ---------- | |||
| Frobnitz 1 See Section y.1 | Frobnitz 1 See Section y.1 | |||
| NitzFrob 2 See Section y.2 | NitzFrob 2 See Section y.2 | |||
| For examples of documents that provide good and detailed guidance to | For examples of documents that provide good and detailed guidance to | |||
| the IANA on the issue of assigning numbers, consult [MIME-REG, MIME- | the IANA on the issue of assigning numbers, consult [MIME-REG, MIME- | |||
| LANG, RFC3757, RFC3749, RFC3575]. | LANG, RFC3757, RFC3749, RFC3575]. | |||
| 6. Applicability to Past and Future RFCs | 6. Applicability to Past and Future RFCs | |||
| For all existing RFCs that either explicitly or implicitly rely on | For all existing RFCs that either explicitly or implicitly rely on | |||
| the IANA to evaluate assignments without specifying a precise evalua- | the IANA to evaluate assignments without specifying a precise | |||
| tion policy, the IANA (in consultation with the IESG) will continue | evaluation policy, the IANA (in consultation with the IESG) will | |||
| to decide what policy is appropriate. Changes to existing policies | continue to decide what policy is appropriate. Changes to existing | |||
| can always be initiated through the normal IETF consensus process. | policies can always be initiated through the normal IETF consensus | |||
| process. | ||||
| Any decisions made by the IANA can be appealed using the normal IETF | Any decisions made by the IANA can be appealed using the normal IETF | |||
| appeals process as outlined in Section 6.5 of [IETF-PROCESS]. Specif- | appeals process as outlined in Section 6.5 of [IETF-PROCESS]. | |||
| ically, appeals should be directed to the IESG, followed (if neces- | Specifically, appeals should be directed to the IESG, followed (if | |||
| sary) by an appeal to the IAB. By virtue of the IAB's role as over- | necessary) by an appeal to the IAB. By virtue of the IAB's role as | |||
| seer of IANA administration [RFC 1602], the IAB's decision is final. | overseer of IANA administration [RFC 1602], the IAB's decision is | |||
| final. | ||||
| All future RFCs that either explicitly or implicitly rely on the IANA | All future RFCs that either explicitly or implicitly rely on the IANA | |||
| to register or otherwise manage assignments MUST provide guidelines | to register or otherwise manage assignments MUST provide guidelines | |||
| for managing the name space. | for managing the name space. | |||
| [XXX: following is new text w.r.t. 2434. Is this something that is | [XXX: following is new text w.r.t. 2434. Is this something that is | |||
| appropriate to include??] | appropriate to include??] | |||
| Since RFC 2434 was published, experience has shown that the docu- | Since RFC 2434 was published, experience has shown that the | |||
| mented IANA considerations for individual protocols do not always | documented IANA considerations for individual protocols do not always | |||
| adequately cover the reality on the ground. For example, many older | adequately cover the reality on the ground. For example, many older | |||
| routing protocols do not have documented, detailed IANA considera- | routing protocols do not have documented, detailed IANA | |||
| tions. In addition, documented IANA considerations are sometimes | considerations. In addition, documented IANA considerations are | |||
| found to be too stringent to allow even working group documents (for | sometimes found to be too stringent to allow even working group | |||
| which there is strong consensus) to obtain code points from IANA in | documents (for which there is strong consensus) to obtain code points | |||
| advance of actual RFC publication. In other cases, the documented | from IANA in advance of actual RFC publication. In other cases, the | |||
| procedures are unclear or neglected to cover all the cases. In order | documented procedures are unclear or neglected to cover all the | |||
| to allow assignments in individual cases where there is strong IETF | cases. In order to allow assignments in individual cases where there | |||
| consensus that an allocation should go forward, but the documented | is strong IETF consensus that an allocation should go forward, but | |||
| procedures do not support such an assignment, the IESG is granted | the documented procedures do not support such an assignment, the IESG | |||
| authority to approve assignments in such cases. The intention is not | is granted authority to approve assignments in such cases. The | |||
| to overule documented procedures, or to obviate the need for proto- | intention is not to overule documented procedures, or to obviate the | |||
| cols to properly document their IANA Considerations, but to permit | need for protocols to properly document their IANA Considerations, | |||
| assignments in individual cases where it is obvious that the assign- | but to permit assignments in individual cases where it is obvious | |||
| ment should just be made, but updating the IANA process just to | that the assignment should just be made, but updating the IANA | |||
| assign a particular code point is viewed as too heavy a burden. | process just to assign a particular code point is viewed as too heavy | |||
| a burden. | ||||
| 7. Security Considerations | 7. Security Considerations | |||
| Information that creates or updates a registration needs to be | Information that creates or updates a registration needs to be | |||
| authenticated. | authenticated. | |||
| Information concerning possible security vulnerabilities of a proto- | Information concerning possible security vulnerabilities of a | |||
| col may change over time. Likewise, security vulnerabilities related | protocol may change over time. Likewise, security vulnerabilities | |||
| to how an assigned number is used (e.g., if it identifies a protocol) | related to how an assigned number is used (e.g., if it identifies a | |||
| may change as well. As new vulnerabilities are discovered, informa- | protocol) may change as well. As new vulnerabilities are discovered, | |||
| tion about such vulnerabilities may need to be attached to existing | information about such vulnerabilities may need to be attached to | |||
| registrations, so that users are not mislead as to the true security | existing registrations, so that users are not mislead as to the true | |||
| issues surrounding the use of a registered number. | security issues surrounding the use of a registered number. | |||
| An analysis of security issues is required for all parameters (data | An analysis of security issues is required for all parameters (data | |||
| types, operation codes, keywords, etc.) used in IETF protocols or | types, operation codes, keywords, etc.) used in IETF protocols or | |||
| registered by the IANA. All descriptions of security issues must be | registered by the IANA. All descriptions of security issues must be | |||
| as accurate as possible regardless of level of registration. In par- | as accurate as possible regardless of level of registration. In | |||
| ticular, a statement that there are "no security issues associated | particular, a statement that there are "no security issues associated | |||
| with this type" must not given when it would be more accurate to | with this type" must not given when it would be more accurate to | |||
| state that "the security issues associated with this type have not | state that "the security issues associated with this type have not | |||
| been assessed". | been assessed". | |||
| 8. Acknowledgments | 8. Changes Relative to RFC 2434 | |||
| TBD | ||||
| 8.1. Changes Relative to -00 | ||||
| - Revised Section 5.3 to try and make it even more clear. | ||||
| 9. Acknowledgments | ||||
| From RFC 2434: | From RFC 2434: | |||
| Jon Postel and Joyce Reynolds provided a detailed explanation on what | Jon Postel and Joyce Reynolds provided a detailed explanation on what | |||
| the IANA needs in order to manage assignments efficiently, and | the IANA needs in order to manage assignments efficiently, and | |||
| patiently provided comments on multiple versions of this document. | patiently provided comments on multiple versions of this document. | |||
| Brian Carpenter provided helpful comments on earlier versions of the | Brian Carpenter provided helpful comments on earlier versions of the | |||
| document. One paragraph in the Security Considerations section was | document. One paragraph in the Security Considerations section was | |||
| borrowed from [MIME-REG]. | borrowed from [MIME-REG]. | |||
| 9. References | 10. References | |||
| [ASSIGNED] Reynolds, J., and J. Postel, "Assigned Numbers", STD 2, | [ASSIGNED] Reynolds, J., and J. Postel, "Assigned Numbers", STD 2, | |||
| RFC 1700, October 1994. See also: | RFC 1700, October 1994. See also: | |||
| http://www.iana.org/numbers.html | http://www.iana.org/numbers.html | |||
| [BGP4-EXT] Bates. T., Chandra, R., Katz, D. and Y. Rekhter, "Multi- | [BGP4-EXT] Bates. T., Chandra, R., Katz, D. and Y. Rekhter, | |||
| protocol Extensions for BGP-4", RFC 2283, February | "Multiprotocol Extensions for BGP-4", RFC 2283, | |||
| 1998. | February 1998. | |||
| [DHCP-OPTIONS] Alexander, S. and R. Droms, "DHCP Options and BOOTP | [DHCP-OPTIONS] Alexander, S. and R. Droms, "DHCP Options and BOOTP | |||
| Vendor Extensions", RFC 2132, March 1997. | Vendor Extensions", RFC 2132, March 1997. | |||
| [EXPERIMENTATION] "Assigning Experimental and Testing Numbers Consid- | [EXPERIMENTATION] "Assigning Experimental and Testing Numbers | |||
| ered Useful". T. Narten, RFC 3692, January 2004. | Considered Useful". T. Narten, RFC 3692, January | |||
| 2004. | ||||
| [IANA-CONSIDERATIONS] Alvestrand, H. and T. Narten, "Guidelines for | [IANA-CONSIDERATIONS] Alvestrand, H. and T. Narten, "Guidelines for | |||
| Writing an IANA Considerations Section in RFCs", BCP | Writing an IANA Considerations Section in RFCs", BCP | |||
| 26, RFC 2434, October 1998. | 26, RFC 2434, October 1998. | |||
| [IANA-MOU] Memorandum of Understanding Concerning the Technical Work | [IANA-MOU] Memorandum of Understanding Concerning the Technical Work | |||
| of the Internet Assigned Numbers Authority. B. Car- | of the Internet Assigned Numbers Authority. B. | |||
| penter, F. Baker, M. Roberts, RFC 2860, June 2000. | Carpenter, F. Baker, M. Roberts, RFC 2860, June | |||
| 2000. | ||||
| [IETF-PROCESS] Bradner, S., "The Internet Standards Process -- Revi- | [IETF-PROCESS] Bradner, S., "The Internet Standards Process -- | |||
| sion 3", BCP 9, RFC 2026, October 1996. | Revision 3", BCP 9, RFC 2026, October 1996. | |||
| [IP] Postel, J., "Internet Protocol", STD 5, RFC 791, September 1981. | [IP] Postel, J., "Internet Protocol", STD 5, RFC 791, September 1981. | |||
| [IPSEC] Atkinson, R., "Security Architecture for the Internet Proto- | [IPSEC] Atkinson, R., "Security Architecture for the Internet | |||
| col", RFC 1825, August 1995. | Protocol", RFC 1825, August 1995. | |||
| [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate | [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997. | |||
| [MIME-LANG] Freed, N. and K. Moore, "MIME Parameter Value and Encoded | [MIME-LANG] Freed, N. and K. Moore, "MIME Parameter Value and Encoded | |||
| Word Extensions: Character Sets, Languages, and Con- | Word Extensions: Character Sets, Languages, and | |||
| tinuations", RFC 2184, August 1997. | Continuations", RFC 2184, August 1997. | |||
| [MIME-REG] Freed, N., Klensin, J. and J. Postel, "Multipurpose Inter- | [MIME-REG] Freed, N., Klensin, J. and J. Postel, "Multipurpose | |||
| net Mail Extension (MIME) Part Four: Registration | Internet Mail Extension (MIME) Part Four: | |||
| Procedures", RFC 2048, November 1996. | Registration Procedures", RFC 2048, November 1996. | |||
| [SCSP] Luciani, J., Armitage, G. and J. Halpern, "Server Cache Syn- | [SCSP] Luciani, J., Armitage, G. and J. Halpern, "Server Cache | |||
| chronization Protocol (SCSP)", RFC 2334, April 1998. | Synchronization Protocol (SCSP)", RFC 2334, April | |||
| 1998. | ||||
| [SMTP-EXT] Klensin, J., Freed, N., Rose, M., Stefferud, E. and D. | [SMTP-EXT] Klensin, J., Freed, N., Rose, M., Stefferud, E. and D. | |||
| Crocker, "SMTP Service Extensions", RFC 1869, Novem- | Crocker, "SMTP Service Extensions", RFC 1869, | |||
| ber 1995. | November 1995. | |||
| [VENDOR-EXT] "Considerations on the Extensibility of IETF protocols", | [VENDOR-EXT] "Considerations on the Extensibility of IETF protocols", | |||
| draft-iesg-vendor-extensions-02.txt | draft-iesg-vendor-extensions-02.txt | |||
| [RFC3575] IANA Considerations for RADIUS (Remote Authentication Dial | [RFC3575] IANA Considerations for RADIUS (Remote Authentication Dial | |||
| In User Service). B. Aboba. RFC 3575, July 2003. | In User Service). B. Aboba. RFC 3575, July 2003. | |||
| 10. Authors' Addresses | 11. Authors' Addresses | |||
| Thomas Narten | Thomas Narten | |||
| IBM Corporation | IBM Corporation | |||
| 3039 Cornwallis Ave. | 3039 Cornwallis Ave. | |||
| PO Box 12195 - BRQA/502 | PO Box 12195 - BRQA/502 | |||
| Research Triangle Park, NC 27709-2195 | Research Triangle Park, NC 27709-2195 | |||
| Phone: 919-254-7798 | Phone: 919-254-7798 | |||
| EMail: narten@us.ibm.com | EMail: narten@us.ibm.com | |||
| Harald Tveit Alvestrand | Harald Tveit Alvestrand | |||
| Cisco Systems | Cisco Systems | |||
| 5245 Arboretum Dr | 5245 Arboretum Dr | |||
| Los Altos, CA | Los Altos, CA | |||
| USA | USA | |||
| Email: Harald@Alvestrand.no | Email: Harald@Alvestrand.no | |||
| Intellectual Property Statement | Intellectual Property Statement | |||
| End of changes. 56 change blocks. | ||||
| 188 lines changed or deleted | 212 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||