idnits 2.17.1 draft-ietf-dhc-dhcpv6-opt-nisconfig-04.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard == The page length should not exceed 58 lines per page, but there was 5 longer pages, the longest (page 6) being 61 lines Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** There is 1 instance of too long lines in the document, the longest one being 1 character in excess of 72. ** The abstract seems to contain references ([3], [1]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (Nov 2003) is 7460 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) ** Obsolete normative reference: RFC 3315 (ref. '1') (Obsoleted by RFC 8415) Summary: 4 errors (**), 0 flaws (~~), 4 warnings (==), 2 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Network Working Group Vijayabhaskar A Kalusivalingam 2 Internet-Draft Hewlett-Packard 3 Expires: May 2004 Nov 2003 5 NIS Configuration Options for DHCPv6 6 draft-ietf-dhc-dhcpv6-opt-nisconfig-04 8 Status of this Memo 10 This document is an Internet-Draft and is in full conformance with 11 all provisions of Section 10 of RFC2026. 13 Internet-Drafts are working documents of the Internet Engineering 14 Task Force (IETF), its areas, and its working groups. Note that 15 other groups may also distribute working documents as Internet- 16 Drafts. 18 Internet-Drafts are draft documents valid for a maximum of six months 19 and may be updated, replaced, or obsoleted by other documents at any 20 time. It is inappropriate to use Internet-Drafts as reference 21 material or to cite them other than as "work in progress." 23 The list of current Internet-Drafts can be accessed at 24 http://www.ietf.org/ietf/1id-abstracts.txt. 26 The list of Internet-Draft Shadow Directories can be accessed at 27 http://www.ietf.org/shadow.html. 29 This Internet-Draft will expire on May 2004. 31 Copyright Notice 33 Copyright (C) The Internet Society (2003). All Rights Reserved. 35 Abstract 37 This document describes four options for Network Information 38 Service (NIS) [3] related configuration information in 39 DHCPv6 (RFC 3315 [1]): NIS Servers [3], NIS+ Servers [3], NIS Client 40 Domain Name [3], NIS+ Client Domain name [3]. 42 1. Introduction 44 This document describes four options for passing configuration 45 information related to Network Information Service (NIS) [3] in 46 DHCPv6 [1]. 48 2. Terminology 50 The key words MUST, MUST NOT, REQUIRED, SHALL, SHALL NOT, SHOULD, 51 SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL in this document are to be 52 interpreted as described in RFC2119 [2]. 54 Throughout this document, unless otherwise specified, the acronym 55 DHCP refers to DHCP as specified in RFC 3315 [1]. 57 This document uses terminology specific to IPv6 and DHCP as defined 58 in section "Terminology" of RFC 3315 [1]. 60 3. Network Information Service (NIS) Servers Option 62 The Network Information Service (NIS) [3] Servers option provides a 63 list of one or more IPv6 addresses of NIS servers available to the 64 client. Clients MUST treat the list of NIS servers as an ordered 65 list. The server MAY list the NIS servers in the order of 66 preference. 68 The format of the Network Information Service Servers option is as 69 shown below: 71 0 1 2 3 72 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 73 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 74 | OPTION_NIS_SERVERS | option-len | 75 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 76 | | 77 | NIS server (IPv6 address) | 78 | | 79 | | 80 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 81 | | 82 | NIS server (IPv6 address) | 83 | | 84 | | 85 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 86 | ... | 87 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 89 option-code: OPTION_NIS_SERVERS (tbd) 91 option-len: Length of the 'NIS server' fields in octets; It must be 92 a multiple of 16 94 NIS server: IPv6 address of NIS server 96 4. Network Information Service V2 (NIS+) Servers Option 98 The Network Information Service V2 (NIS+) [3] Servers option provides 99 a list of one or more IPv6 addresses of NIS+ servers available to 100 the client. Clients MUST treat the list of NIS+ servers as an 101 ordered list. The server MAY list the NIS+ servers in the order of 102 preference. 104 The format of the Network Information Service V2 (NIS+) Servers 105 option is as shown below: 107 0 1 2 3 108 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 109 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 110 | OPTION_NISP_SERVERS | option-len | 111 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 112 | | 113 | NIS+ server (IPv6 address) | 114 | | 115 | | 116 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 117 | | 118 | NIS+ server (IPv6 address) | 119 | | 120 | | 121 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 122 | ... | 123 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 125 option-code: OPTION_NISP_SERVERS (tbd) 127 option-len: Length of the 'NIS+ server' fields in octets; It must be 128 a multiple of 16 130 NIS+ server: IPv6 address of NIS+ server 132 5. Network Information Service (NIS) Domain Name Option 134 The Network Information Service (NIS) [3] Domain Name option is used 135 by the server to convey client's NIS Domain Name info to the 136 client. 138 The format of the NIS Domain Name option is as shown below: 140 0 1 2 3 141 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 142 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 143 | OPTION_NIS_DOMAIN_NAME | option-len | 144 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 145 | nis-domain-name | 146 | ... | 147 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 149 option-code: OPTION_NIS_DOMAIN_NAME (tbd) 151 option-len: Length of the 'nis-domain-name' field in octets 153 nis-domain-name: NIS Domain name for client 155 The 'nis-domain-name' MUST be encoded as specified in section 156 "Representation and Use of domain names" of the DHCPv6 157 specification [1]. 159 6. Network Information Service V2 (NIS+) Domain Name Option 161 The Network Information Service V2 (NIS+) [3] Domain Name option is 162 used by the server to convey client's NIS+ Domain Name info to the 163 client. 165 The format of the NIS+ Domain Name option is as shown below: 167 0 1 2 3 168 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 169 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 170 | OPTION_NISP_DOMAIN_NAME | option-len | 171 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 172 | nisp-domain-name | 173 | ... | 174 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 176 option-code: OPTION_NISP_DOMAIN_NAME (tbd) 178 option-len: Length of the 'nisp-domain-name' field in octets 180 nisp-domain-name: NIS+ Domain name for client 182 The 'nisp-domain-name' MUST be encoded as specified in section 183 "Representation and Use of domain names" of the DHCPv6 184 specification [1]. 186 7. Appearance of these Options 188 The NIS servers, NIS+ servers, NIS domain name and NIS+ domain name 189 options MUST NOT appear in other than the following messages: Solicit, 190 Advertise, Request, Renew, Rebind, Information-Request and Reply. 192 The option number for these options MAY appear in the Option Request 193 Option [1] in the following messages: Solicit, Request, Renew, 194 Rebind, Information-Request and Reconfigure. 196 8. Security Considerations 198 The NIS servers, NIS+ servers, NIS domain name and NIS+ domain name 199 options may be used by an intruder DHCPv6 server to assign invalid 200 NIS parameters, resulting in clients unable to use NIS service. 202 The NIS servers and NIS+ servers options may be used by an intruder 203 DHCPv6 server to cause the DHCPv6 clients to send their queries to an 204 intruder NIS/NIS+ server. This misdirected searches may be used to 205 spoof NIS/NIS+ names. 207 The NIS domain name and NIS+ domain name options may be used by an 208 intruder DHCPv6 server to cause the DHCPv6 clients to search through 209 invalid domains for incompletely specified domain names. The results 210 of these misdirected searches may be used to spoof NIS/NIS+ names. 212 To avoid attacks through these options, the DHCPv6 client SHOULD use 213 authenticated DHCP (see section "Authentication of DHCP messages" in 214 the DHCPv6 specification [1]). 216 9. IANA Considerations 218 IANA is requested to assign an option code to the following options 219 from the option-code space defined in "DHCPv6 Options" section of the 220 DHCPv6 specification [1]. 222 Option Name Value Described in 223 OPTION_NIS_SERVERS tbd Section 3 224 OPTION_NISP_SERVERS tbd Section 4 225 OPTION_NIS_DOMAIN_NAME tbd Section 5 226 OPTION_NISP_DOMAIN_NAME tbd Section 6 228 10. Normative References 230 [1] Bound, J., Carney, M., Perkins, C., Lemon, T., Volz, B. and R. 231 Droms (ed.), "Dynamic Host Configuration Protocol for IPv6 232 (DHCPv6)", RFC 3315, July 2003. 234 [2] Bradner, S., "Key words for use in RFCs to Indicate Requirement 235 Levels", BCP 14, RFC 2119, March 1997. 237 11. Informative References 239 [3] Sun Microsystems, "System and Network Administration", 240 March 1990. 242 Author's Address 244 Vijayabhaskar A Kalusivalingam 245 Hewlett-Packard STSD-I 246 29, Cunningham Road 247 Bangalore - 560052 248 India 250 Phone: +91-80-2053085 251 E-Mail: vijayak@india.hp.com 253 Full Copyright Statement 255 Copyright (C) The Internet Society (2003). All Rights Reserved. 257 This document and translations of it may be copied and furnished to 258 others, and derivative works that comment on or otherwise explain it 259 or assist in its implementation may be prepared, copied, published 260 and distributed, in whole or in part, without restriction of any 261 kind, provided that the above copyright notice and this paragraph are 262 included on all such copies and derivative works. However, this 263 document itself may not be modified in any way, such as by removing 264 the copyright notice or references to the Internet Society or other 265 Internet organizations, except as needed for the purpose of 266 developing Internet standards in which case the procedures for 267 copyrights defined in the Internet Standards process must be 268 followed, or as required to translate it into languages other than 269 English. 271 The limited permissions granted above are perpetual and will not be 272 revoked by the Internet Society or its successors or assigns. 274 This document and the information contained herein is provided on an 275 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING 276 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING 277 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION 278 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF 279 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 281 Acknowledgement 283 Funding for the RFC Editor function is currently provided by the 284 Internet Society. Thanks to the DHC Working Group for their time and 285 input into the specification. In particular, thanks to (in 286 alphabetical order) Bernie Volz, Jim Bound, Margaret Wasserman, Pekka 287 Savola, Ralph Droms and Thomas Narten for their thorough review.