idnits 2.17.1

draft-ietf-dhc-options-uap-01.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Cannot find the required boilerplate sections (Copyright, IPR, etc.) in
     this document.
     Expected boilerplate is as follows today (2024-04-20) according to
     https://trustee.ietf.org/license-info :

       IETF Trust Legal Provisions of 28-dec-2009, Section 6.a:

          This Internet-Draft is submitted in full conformance with the
          provisions of BCP 78 and BCP 79.

       IETF Trust Legal Provisions of 28-dec-2009, Section 6.b(i), paragraph 2:

          Copyright (c) 2024 IETF Trust and the persons identified as the
          document authors.  All rights reserved.

       IETF Trust Legal Provisions of 28-dec-2009, Section 6.b(i), paragraph 3:

          This document is subject to BCP 78 and the IETF Trust's Legal
          Provisions Relating to IETF Documents
          (https://trustee.ietf.org/license-info) in effect on the date of
          publication of this document.  Please review these documents
          carefully, as they describe your rights and restrictions with
          respect to this document.  Code Components extracted from this
          document must include Simplified BSD License text as described in
          Section 4.e of the Trust Legal Provisions and are provided without
          warranty as described in the Simplified BSD License.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** Missing expiration date.  The document expiration date should appear on
     the first and last page.

  ** The document seems to lack a 1id_guidelines paragraph about
     Internet-Drafts being working documents.

  ** The document seems to lack a 1id_guidelines paragraph about 6 months
     document validity -- however, there's a paragraph with a matching
     beginning.  Boilerplate error?

  ** The document seems to lack a 1id_guidelines paragraph about the list of
     current Internet-Drafts.

  ** The document seems to lack a 1id_guidelines paragraph about the list of
     Shadow Directories.

  == No 'Intended status' indicated for this document; assuming Proposed
     Standard

  == The page length should not exceed 58 lines per page, but there was 1
     longer page, the longest (page 1) being 162 lines

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an IANA Considerations section.  (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)

  ** The document seems to lack separate sections for Informative/Normative
     References.  All references will be assumed normative when checking for
     downward references.

  ** The abstract seems to contain references ([2], [3], [4], [5], [6], [1]),
     which it shouldn't.  Please replace those with straight textual mentions
     of the documents in question.

  -- The draft header indicates that this document obsoletes
     draft-ietf-dhc-options-uap-00.txt, but the abstract doesn't seem to
     mention this, which it should.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  -- No information found for rfcdraft-ietf-dhc-options-uap-00.txt - is the
     name correct?

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer.
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (March 1999) is 9168 days in the past.  Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  -- Missing reference section? '1' on line 29 looks like a reference

  -- Missing reference section? '2' on line 32 looks like a reference

  -- Missing reference section? '3' on line 43 looks like a reference

  -- Missing reference section? '4' on line 44 looks like a reference

  -- Missing reference section? '5' on line 48 looks like a reference

  -- Missing reference section? '6' on line 54 looks like a reference

     Summary: 9 errors (**), 0 flaws (~~), 2 warnings (==), 10 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

1   Network Working Group                                           S. Drach
2   INTERNET-DRAFT                                          Sun Microsystems
3   Obsoletes: draft-ietf-dhc-options-uap-00.txt              September 1998
4                                                         Expires March 1999

6                DHCP Option for User Authentication Protocol
7

9   Status of this Memo

11     This document is an Internet-Draft.  Internet-Drafts are working
12     documents of the Internet Engineering Task Force (IETF), its areas,
13     and its working groups.  Note that other groups may also distribute
14     working documents as Internet-Drafts.

16     Internet-Drafts are draft documents valid for a maximum of six months
17     and may be updated, replaced, or obsoleted by other documents at any
18     time.  It is inappropriate to use Internet-Drafts as reference
19     material or to cite them other than as "work in progress."

21     To view the entire list of current Internet-Drafts, please check the
22     "1id-abstracts.txt" listing contained in the Internet-Drafts Shadow
23     Directories on ftp.is.co.za (Africa), ftp.nordu.net (Northern
24     Europe), ftp.nis.garr.it (Southern Europe), munnari.oz.au (Pacific
25     Rim), ftp.ietf.org (US East Coast), or ftp.isi.edu (US West Coast).

27  Abstract

29     This document defines a DHCP [1] option that contains a list of
30     pointers to User Authentication Protocol servers that provide user
31     authentication services for clients that conform to The Open Group
32     Network Computing Client Technical Standard [2].

34  Introduction

36     The Open Group Network Computing Client Technical Standard, a product
37     of The Open Group's Network Computing Working Group (NCWG), defines a
38     network computing client user authentication facility named the User
39     Authentication Protocol (UAP).

41     UAP provides two levels of authentication, basic and secure.  Basic
42     authentication uses the Basic Authentication mechanism defined in the
43     HTTP 1.1 [3] specification.  Secure authentication is simply basic
44     authentication encapsulated in an SSLv3 [4] session.

46     In both cases, a UAP client needs to obtain the IP address and port
47     of the UAP service.  Additional path information may be required,
48     depending on the implementation of the service.  A URL [5] is an
49     excellent mechanism for encapsulation of this information since many
50     UAP servers will be implemented as components within legacy HTTP/SSL
51     servers.

53     Most UAP clients have no local state and are configured when booted
54     through DHCP.  No existing DHCP option [6] has a data field that
55     contains a URL.  Option 72 contains a list of IP addresses for WWW
56     servers, but it is not adequate since a port and/or path can not be
57     specified.  Hence there is a need for an option that contains a list
58     of URLs.

60  User Authentication Protocol Option

62     This option specifies a list of URLs, each pointing to a user
63     authentication service that is capable of processing authentication
64     requests encapsulated in the User Authentication Protocol (UAP).  UAP
65     servers can accept either HTTP 1.1 or SSLv3 connections.  If the list
66     includes a URL that does not contain a port component, the normal
67     default port is assumed (i.e., port 80 for http and port 443 for
68     https).  If the list includes a URL that does not contain a path
69     component, the path /uap is assumed.

71      0                   1                   2                   3
72      0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
73     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
74     |     Code      |    Length     |    URL list
75     +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

77     Code            TBD

79     Length          The length of the data field (i.e., URL list) in
80                     bytes.

82     URL list        A list of one or more URLs separated by the ASCII
83                     space character (0x20).

85  References

87     Droms, R., "Dynamic Host Configuration Protocol", RFC-2131, March
88     1997.

90     Technical Standard: Network Computing Client, The Open Group,
91     Document Number C801, October 1998.

93     Fielding, R., Gettys, J., Mogul, J., Frystyk, H., and T. Berners-Lee,
94     "Hypertext Transfer Protocol -- HTTP/1.1", RFC-2068, January 1997.

96     Freier, A., Karlton, P., and P. Kocher, "The SSL Protocol, Version
97     3.0", Internet Draft, November 1996.

99     Berners-Lee, T., Masinter, L., and M. McCahill, "Uniform Resource
100    Locators (URL)", RFC-1738, December 1994.

102    Alexander, S. and R. Droms, "DHCP Options and BOOTP Vendor
103    Extensions", RFC-2132, March 1997.

105 Security Considerations

107    DHCP currently provides no authentication or security mechanisms.
108    Potential exposures to attack are discussed in section 7 of the DHCP
109    protocol specification.

111 Author's Address

113    Steve Drach
114    Sun Microsystems, Inc.
115    901 San Antonio Road
116    Palo Alto, CA 94303

118    Phone: (650) 960-1300

120    EMail: drach@sun.com
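
The User Authentication Protocol Option layout above (Code, Length, space-separated URL list, with the port 80/443 and /uap defaults) can be decoded as follows. This is an added example, not code from the draft or its author; the option code 224 is a stand-in because the draft leaves Code as TBD, the sample URLs are constructed, and the strict rejection of malformed lists and of userinfo goes beyond the draft, reflecting that the option arrives over unauthenticated DHCP.

```python
from urllib.parse import urlsplit

OPTION_CODE = 224  # assumption: the draft leaves Code as TBD; 224 is a stand-in
DEFAULT_PORTS = {"http": 80, "https": 443}
DEFAULT_PATH = "/uap"


def parse_uap_option(raw: bytes, code: int = OPTION_CODE):
    """Parse one Code/Length/URL-list option into (scheme, host, port, path) tuples."""
    if len(raw) < 2 or raw[0] != code:
        raise ValueError("not a UAP option")
    length = raw[1]
    data = raw[2:2 + length]
    if len(data) != length:
        raise ValueError("Length field runs past the end of the buffer")
    try:
        text = data.decode("ascii")
    except UnicodeDecodeError:
        raise ValueError("URL list is not ASCII") from None
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in text):
        raise ValueError("control character in URL list")

    servers = []
    # The separator is a single 0x20, so an empty field means a malformed list.
    for url in text.split(" "):
        if not url:
            raise ValueError("empty entry in URL list")
        parts = urlsplit(url)
        if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
            raise ValueError(f"unsupported URL: {url!r}")
        if parts.username is not None:  # example policy, not stated in the draft
            raise ValueError(f"userinfo not accepted: {url!r}")
        port = parts.port if parts.port is not None else DEFAULT_PORTS[parts.scheme]
        servers.append((parts.scheme, parts.hostname, port, parts.path or DEFAULT_PATH))
    return servers


# Constructed sample: three URLs exercising the port and path defaults.
SAMPLE_URLS = b"http://uap1.example.test https://uap2.example.test:8443/auth https://192.0.2.10"
SAMPLE_OPTION = bytes([OPTION_CODE, len(SAMPLE_URLS)]) + SAMPLE_URLS

if __name__ == "__main__":
    for scheme, host, port, path in parse_uap_option(SAMPLE_OPTION):
        note = "" if scheme == "https" else "  (Basic credentials sent without SSL)"
        print(f"{scheme}://{host}:{port}{path}{note}")
```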