idnits 2.17.1 

draft-kuehlewind-masque-proxy-discovery-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  == There are 1 instance of lines with non-RFC2606-compliant FQDNs in the
     document.

  ** The document seems to lack a both a reference to RFC 2119 and the
     recommended RFC 2119 boilerplate, even if it appears to use RFC 2119
     keywords. 

     RFC 2119 keyword, line 186: '...he proxy addresses SHOULD no longer be...'
     RFC 2119 keyword, line 220: '...he proxy addresses SHOULD no longer be...'
     RFC 2119 keyword, line 260: '... means that the proxy addresses SHOULD...'
     RFC 2119 keyword, line 377: '...erved:  8 bits.  MUST be set to 0 on t...'


  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (September 11, 2020) is 1322 days in the past.  Is
     this intentional?


  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  == Outdated reference: A later version (-15) exists of
     draft-ietf-masque-connect-udp-00


     Summary: 1 error (**), 0 flaws (~~), 3 warnings (==), 1 comment (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------


2	Network Working Group                                      M. Kuehlewind
3	Internet-Draft                                                 Z. Sarker
4	Intended status: Informational                             M. Westerlund
5	Expires: March 15, 2021                                         Ericsson
6	                                                      September 11, 2020

8	           Discovery Mechanisms for QUIC-based Proxy Services
9	             draft-kuehlewind-masque-proxy-discovery-00

11	Abstract

13	   Often an intermediate instance (such as a proxy server) is used to
14	   connect to a web server or a communicating peer if a direct end-to-
15	   end IP connectivity is not possible or the proxy can provide a
16	   support service like, e.g., address anonymisation.  To use a non-
17	   transparent proxy a client explicitly connects to it and requests
18	   forwarding to the final target server.  The MASQUE Connect-UDP Proxy
19	   service is an example of such a proxy service.  The client either
20	   knows the proxy address as preconfigured in the application or can
21	   dynamically learn about available proxy services.  This document
22	   describes different discovery mechanisms for non-transparent proxies
23	   that are either located in the local network, e.g. home or enterprise
24	   network, in the access network, or somewhere else on the Internet
25	   usually close to the target server or even in the same network as the
26	   target server.

28	   This document assumes that the non-transparent proxy server is
29	   connected via QUIC and discusses potential discovery mechanisms for
30	   such a QUIC-based, non-transparent proxy.

32	Status of This Memo

34	   This Internet-Draft is submitted in full conformance with the
35	   provisions of BCP 78 and BCP 79.

37	   Internet-Drafts are working documents of the Internet Engineering
38	   Task Force (IETF).  Note that other groups may also distribute
39	   working documents as Internet-Drafts.  The list of current Internet-
40	   Drafts is at https://datatracker.ietf.org/drafts/current/.

42	   Internet-Drafts are draft documents valid for a maximum of six months
43	   and may be updated, replaced, or obsoleted by other documents at any
44	   time.  It is inappropriate to use Internet-Drafts as reference
45	   material or to cite them other than as "work in progress."

47	   This Internet-Draft will expire on March 15, 2021.

49	Copyright Notice

51	   Copyright (c) 2020 IETF Trust and the persons identified as the
52	   document authors.  All rights reserved.

54	   This document is subject to BCP 78 and the IETF Trust's Legal
55	   Provisions Relating to IETF Documents
56	   (https://trustee.ietf.org/license-info) in effect on the date of
57	   publication of this document.  Please review these documents
58	   carefully, as they describe your rights and restrictions with respect
59	   to this document.  Code Components extracted from this document must
60	   include Simplified BSD License text as described in Section 4.e of
61	   the Trust Legal Provisions and are provided without warranty as
62	   described in the Simplified BSD License.

64	Table of Contents

66	   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
67	   2.  Using DHCP for Local Discovery  . . . . . . . . . . . . . . .   4
68	   3.  Using IPv6 Neighbor Discovery for Local Discovery . . . . . .   5
69	     3.1.  Using PVDs  . . . . . . . . . . . . . . . . . . . . . . .   6
70	   4.  DNS Service Discovery (DNS-SD)  . . . . . . . . . . . . . . .   7
71	     4.1.  Local discovery using mDNS  . . . . . . . . . . . . . . .   7
72	     4.2.  Discovery for Remote Domains  . . . . . . . . . . . . . .   8
73	   5.  Using PCP options . . . . . . . . . . . . . . . . . . . . . .   8
74	   6.  Using Anycast address . . . . . . . . . . . . . . . . . . . .   9
75	   7.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   9
76	   8.  Security Consideration  . . . . . . . . . . . . . . . . . . .  10
77	   9.  Contributors  . . . . . . . . . . . . . . . . . . . . . . . .  10
78	   10. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . .  10
79	   11. References  . . . . . . . . . . . . . . . . . . . . . . . . .  10
80	     11.1.  Normative References . . . . . . . . . . . . . . . . . .  11
81	     11.2.  Informative References . . . . . . . . . . . . . . . . .  12
82	   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  12

84	1.  Introduction

86	   QUIC is a new transport protocol that was initially developed as a
87	   way to optimize HTTP traffic by supporting multiplexing without head-
88	   of-line-blocking and integrating security directly into the
89	   transport.  This tight integration of security allows the transport
90	   and security handshakes to be combined into a single round-trip
91	   exchange, after which both the transport connection and authenticated
92	   encryption keys are ready.

94	   Often an intermediate instance (such as a proxy server) is used to
95	   connect to a web server or a communicating peer if a direct end-to-
96	   end IP connectivity is not possible or the proxy can provide a
97	   support service like, e.g., address anonymization.  QUIC's ability to
98	   multiplex, encrypt data, and migrate between network paths makes it
99	   ideal for solutions that need to tunnel or proxy traffic.

101	   Existing proxies that are based on TCP and HTTP are often
102	   transparent.  That is, they do not require the cooperation of the
103	   ultimate connection endpoints, and are often not visible to one or
104	   both of the endpoints.  When QUIC provides the basis for a tunneling
105	   and proxying solutions, such as defined in MASQUE WG, this
106	   relationship will change.  At least one of the endpoints will be
107	   aware of the proxy, explicitly connect to it, and coordinate with it.
108	   This makes the proxy and tunneling non-transparent to at least one
109	   party, most often the client.  This allows client hosts to make
110	   explicit decisions about the services they request from proxies (for
111	   example, simple forwarding or more advance performance-optimizing
112	   services), and to do so using a secure communication channel between
113	   itself and the proxy.  [I-D.kuehlewind-masque-quic-substrate]
114	   describes some of the use cases for using QUIC for proxying and
115	   tunneling.

117	   To use a non-transparent proxy service a client explicitly connects
118	   to the proxy and requests forwarding to the final target server.  The
119	   client either knows the proxy address as preconfigured in the
120	   application or can dynamically learn about available proxy servers.
121	   This document describes different discovery mechanisms for proxies
122	   that are either located in the local network, e.g. home or enterprise
123	   network, in the access network, or somewhere else on the Internet
124	   usually close to the target server or even in the same network as the
125	   target server.  For the rest of the document the work "proxy" refers
126	   to a non-transparent proxy.

128	   The discovery mechanisms proposed in this document cover a range of
129	   approaches based on IETF protocols and commonly used mechanisms,
130	   however, other mechanisms in more specialized networks are possible
131	   as well.  For 5G networks, the 3GPP specifies an extended exposure
132	   framework that potentially can also be used for proxy discovery and
133	   routing support.

135	   After discovery a client can connect to the proxy and request a proxy
136	   service, such as the MASQUE Connect-UDP service
137	   [I-D.ietf-masque-connect-udp], to instruct the proxy forward traffic
138	   to a target server as well as negotiate and request proxy
139	   capabilities and parameters.

141	   The specific solutions for discovery of proxy services and their
142	   specification will need to evolve as the nature of the MASQUE proxy
143	   services evolve.  How specifically bound the discovery should be to
144	   MASQUE proxy services also will need further discussion.

146	2.  Using DHCP for Local Discovery

148	   DHCP [RFC2131] can be used to announce the IP address of local proxy
149	   server in IPv4 networks, as well DHCPv6 [RFC8415] in IPv6 networks.
150	   New options for both protocols are specified below and as shown in
151	   Figure 1 and Figure 2.  In both cases the option can contain one or
152	   more IP addresses (but of course IPV4 and IOv6 address respectively)
153	   of QUIC-based proxy servers (indicated by the Q flag).  All of the
154	   addresses in one option share the same Lifetime value.  If it is
155	   desirable to have different Lifetime values, multiple options can be
156	   used.

158	                       0                             1
159	                 0  1  2  3  4  5  6  7  8  9  0  1  2  3  4  5
160	                +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
161	                |          Code         |          Len          |
162	                +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
163	                |                   Reserved                 |Q |
164	                +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
165	                |                    Lifetime                   |
166	                +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+
167	                |                                               |
168	                :  IPv4 Addresses of QUIC-based Proxy Servers   :
169	                |                                               |
170	                +--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+--+

172	             Figure 1: IPv4 Proxy Discovery DHCP option format

174	   Code:  Proxy Discovery option code (TBD) (8 bit)

176	   Len:  length of the option (without the Code and Len fields) in units
177	      of octets.  The minimum value is 8 if one IPv4 address is
178	      contained in the option.  Every additional IPv4 address increases
179	      the length by 4. (8-bit unsigned integer)

181	   Q: is set to one if proxy supports QUIC on port 443 (1 bit)

183	   Lifetime:  maximum time in seconds (relative to the time the packet
184	      is received) over which these IP4 addresses can be used for proxy
185	      discovery.  A value of all one bits (0xffff) represents infinity.
186	      A value of zero means that the proxy addresses SHOULD no longer be
187	      used. (16-bit unsigned integer)

189	   IPv4 Addresses of QUIC-based Proxy Servers:  one or more 64-bit IPv4
190	      addresses of QUIC-based proxy servers.  The number of addresses is
191	      determined by the Length field.  That is, the number of addresses
192	      is equal to (Length - 4) / 4.

194	        0                   1                   2                   3
195	        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
196	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
197	       |          option-code          |          option-len           |
198	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
199	       |         Reserved            |Q|            Lifetime           |
200	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
201	       |                                                               |
202	       :            IPv6 Addresses of QUIC-based Proxy Servers         :
203	       |                                                               |
204	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

206	             Figure 2: IPv6 Proxy Discovery DHCP option format

208	   option-code:  Proxy Discovery option code (TBD) (16 bit)

210	   option-len:  length of the option (without the Type and Length
211	      fields) in units of octets.  The minimum value is 20 if one IPv6
212	      address is contained in the option.  Every additional IPv6 address
213	      increases the length by 16. (16-bit unsigned integer)

215	   Q: is set to one if proxy supports QUIC on port 443 (1 bit)

217	   Lifetime:  maximum time in seconds (relative to the time the packet
218	      is received) over which these IPv6 addresses can be used for proxy
219	      discovery.  A value of all one bits (0xffff) represents infinity.
220	      A value of zero means that the proxy addresses SHOULD no longer be
221	      used. (16-bit unsigned integer)

223	   IPv6 Addresses of QUIC-based Proxy Servers:  one or more 128-bit IPv6
224	      addresses of QUIC-based proxy servers.  The number of addresses is
225	      determined by the Length field.  That is, the number of addresses
226	      is equal to (Length - 4) / 16.

228	3.  Using IPv6 Neighbor Discovery for Local Discovery

230	   If a proxy is located in the local network, information to discover a
231	   proxy service can be provided in a new Router Advertisement (RA)
232	   Option [RFC4861], the Proxy Discovery option.

234	        0                   1                   2                   3
235	        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
236	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
237	       |     Type      |     Length    |           Reserved          |Q|
238	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
239	       |                           Lifetime                            |
240	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
241	       |                                                               |
242	       :            IPv6 Addresses of QUIC-based Proxy Servers         :
243	       |                                                               |
244	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

246	                Figure 3: Proxy Discovery RA option format

248	   Type:  Proxy Discovery option type (TBD) (8 bit)

250	   Length:  length of the option (including the Type and Length fields)
251	      in units of 8 octets.  The minimum value is 3 if one IPv6 address
252	      is contained in the option.  Every additional IPv6 address
253	      increases the length by 2. (8-bit unsigned integer)

255	   Q: is set to one if proxy supports QUIC on port 443 (1 bit)

257	   Lifetime:  maximum time in seconds (relative to the time the packet
258	      is received) over which these IPv6 addresses can be used for proxy
259	      discovery.  A value of all one bits (0xffffffff) represents
260	      infinity.  A value of zero means that the proxy addresses SHOULD
261	      no longer be used. (32-bit unsigned integer)

263	   IPv6 Addresses of QUIC-based Proxy Servers:  one or more 128-bit IPv6
264	      addresses of QUIC-based proxy servers.  The number of addresses is
265	      determined by the Length field.  That is, the number of addresses
266	      is equal to (Length - 1) / 2.

268	3.1.  Using PVDs

270	   If the local network provides configuration with an Explicit
271	   Provisioning Domain (PvD) [RFC8801], the RA defined above can be used
272	   with the PvD Option or alternatively proxy information can be
273	   retrieved in the additional information JSON files associated with
274	   the PvD ID.  The endhost resolves the URL provided in the PvD ID into
275	   an IP address using the local DNS server that is associated with the
276	   corresponding PvD (see also section 3.4.4 of [RFC8801]).  If a QUIC-
277	   based proxy services is provided the additional information JSON file
278	   contains the key "QuicProxyIP".  It can then optionally also contain
279	   more information about the specific proxy services offered using the
280	   "ProxyService" key.  Or the client can connect directly to the proxy
281	   over QUIC on port 443 and request information about the proxy service
282	   directly from the proxy server.

284	   For remote network a Web PvD might be available that contains proxy
285	   information.  If provided, the PvD JSON configuration file
286	   retrievable at the URI with the format:

288	    https://<Domain>/.well-known/pvd

290	4.  DNS Service Discovery (DNS-SD)

292	   [RFC6763] describes the use of SRV records to discover the available
293	   instances of a type of service.  To get a list of names of the
294	   available instance for a certain service a client requests records of
295	   type "PTR" (pointer from one name to another) in the DNS namespace
296	   [RFC1035] for a name containing the service and domain.

298	   As specified in [RFC6763] the client can perform a PTR query for a
299	   list of available proxy instance in the following way:

301	   _quicproxy._udp.<domain>

303	   here the <domain> portion is the domain name where the service is
304	   registered.  The domain name can be obtained via DHCP options or
305	   preconfigured.

307	   The result of this PTR lookup is a set of zero or more PTR records
308	   giving Service Instance names.  Then to contact a particular service,
309	   the client can query for the SRV [RFC2782] and TXT records of the
310	   selected service instance name.  The SRV record contains the IP
311	   address of the proxy service instance as well as the port number.
312	   The port number of QUIC-based proxy is usually expected to be 443 but
313	   may differ.  The TXT can contain additional information describing
314	   the kind of proxy services that is offered.

316	4.1.  Local discovery using mDNS

318	   [RFC6762] defines the use of ".local." for performing DNS like
319	   operations on the local link.  Any DNS query for a name ending
320	   "local." will be sent to a predefined IPv4 or IPv6 link local
321	   multicast address.

323	   To discover QUIC-based proxy services locally, the client request the
324	   PTR record for the name:

326	   _quicproxy._udp.local.

328	   The result of this PTR lookup is a set of zero or more PTR records
329	   giving Service Instance Names of the form:

331	   <Instance>._quicproxy._udp.local.

333	      Editors' Note: Or _masque._udp ? Or _proxy._quic._udp or
334	      _quicproxy._http._udp ...?  However in the later case the proxy
335	      should probably also actually offer a webpage...

337	4.2.  Discovery for Remote Domains

339	   If a client wants to discover a QUIC-based proxy server for a remote
340	   domain, this domain has to be known by the client, e.g. being
341	   preconfigured in the application.

343	5.  Using PCP options

345	   Port Control Protocol (PCP), described in [RFC6887], defines
346	   mechanism to do packet forwarding for different types of IPv4/Ipv6
347	   Network Address Translators (NAT) or firewalls.  Usual deployments of
348	   PCP include Carrier-Grade NAT (CGN), Customer-premises Equipment
349	   (CPE), or residential NATs.  When PCP is used to control address
350	   translation and forwarding, the PCP server can also be used to
351	   announce the existence of a QUIC-based proxy to the client.

353	   PCP allows options to be included in the PCP request and response
354	   header.  To announce information from the PCP server to the client,
355	   information about who to find a the QUIC-based proxy can be included
356	   in the response header as an option.  As [RFC6887] describes, the
357	   client will ignore any options that it does not understand.  A new
358	   PCP option carrying QUIC-based proxy information is speficied below.

360	        0                   1                   2                   3
361	        0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
362	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
363	       |  <Option Code>  |  Reserved     |            Length           |
364	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
365	       |                                                               |
366	       :          IP Addresses of QUIC-based Proxy Servers             :
367	       :                      (each 128 bits)                          :
368	       |                                                               |
369	       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

371	                Figure 4: Proxy Discovery PCP option format

373	   The fields are described below -
374	   Option Code:  8 bits.  The most significant bit indicates if this
375	      option is mandatory (0) or optional (1) to process.

377	   Reserved:  8 bits.  MUST be set to 0 on transmission and MUST be
378	      ignored on reception.

380	   Option Length:

382	   :16 bits.  Indicates the length of the enclosed data, in octets.
383	   Options with length of 0 are allowed.  Options that are not a
384	   multiple of 4 octets long are followed by one, two, or three 0 octets
385	   to pad their effective length in the packet to be a multiple of 4
386	   octets.  The Option Length reflects the semantic length of the
387	   option, not including any padding octets.

389	   IP Addresses of QUIC-based Proxy Servers:  one or more IPv6 addresses
390	      and/or IPv4 addresses of QUIC-based proxy servers.  As specified
391	      in section 5 of [RFC6887] all addresses use fixed-size 128-bit
392	      fields.  When the address field holds an IPv4 address, an
393	      IPv4-mapped IPv6 address [RFC4291] is used (::ffff:0:0/96).  The
394	      number of addresses is determined by the Length field.  That is,
395	      the number of addresses is equal to Length/16.

397	6.  Using Anycast address

399	   Well-known IP anycast addresses can be used to start communicating
400	   with QUIC proxy or to discovery any or a list of unicast address of a
401	   QUIC proxy.  When the proxy receives the request for proxy
402	   functionalities, it can either decide to repsond to the client with
403	   the anycast address as source address or it can send back a list of
404	   unicast address with a redirect command.

406	      TODO: complete the description

408	7.  IANA Considerations

410	   IANA is requested to assign two DHCP options, one for IPv4 and one
411	   for IPv6, in the "BOOTP Vendor Extensions and DHCP Options" registry
412	   (http://www.iana.org/assignments/bootp-dhcp-parameters), as specified
413	   in [RFC2939], and the "Option Codes" registry under DHCPv6 parameters
414	   (http://www.iana.org/assignments/dhcpv6-parameters), respectively, as
415	   well a new value for the Proxy Discovery Option in the IPv6 Neighbor
416	   Discovery Option Formats registry.

418	   This document adds a key to the "Additional Information PvD Keys"
419	   registry, defined by [RFC8801].

421	   JSON key      | Description        | Type    | Example
422	   ------------- | -----------------  | ------- | ---
423	   QuicProxyIP   | IP adress for      | Array of| "["2001:db8:::1",
424	                 | QUIC-based proxies | Strings |   "2001:db8:::2"]"
425	   --------------------------------------------------------------------
426	   ProxyService  | IDs identifying    | Array of| "["Forwarding",
427	                 | a specific service | Strings |   "DNSResolution"]"
428	   --------------------------------------------------------------------

430	   Further, IANA is requested to register a new service name "quicproxy"
431	   in the "Service Name and Transport Protocol Port Number Registry"
432	   (https://www.iana.org/assignments/service-names-port-numbers/service-
433	   names-port-numbers.xhtml).

435	8.  Security Consideration

437	   Discovery mechanisms that are not authenticated provide no guarantees
438	   about the proxy configuration information provided.  In some
439	   scenarios a client may decide to use this information anyway, as
440	   either the local environment that the discovery was performed in is
441	   trusted, or the client has meansto authenticate the identify of the
442	   proxy when connecting using QUIC and only uses the discovery to
443	   dynamically detect an IP address.

445	   Further even if the proxy is not trusted, simple forwarding or other
446	   network-based services may be used by the client if the forwarded
447	   traffic itself is end-to-end encrypted.  In this case the trust level
448	   should not be assumed to be higher than in the connectivity case
449	   without proxy usage.  Also note that even when the proxy is assumed
450	   to be untrusted, an attacker could still use the opportunity to
451	   redirect traffic over a specific node in order to more easily observe
452	   the traffic.  However, in this case the client is at least aware of
453	   the use of the proxy and therefore has means to potentially even
454	   identify the proxy provider, e.g. based on the IP or certificate.

456	   For further discussion of the security of each discovery mechanism,
457	   see also the security consideration section of these specifications.

459	9.  Contributors

461	10.  Acknowledgments

463	11.  References
464	11.1.  Normative References

466	   [RFC1035]  Mockapetris, P., "Domain names - implementation and
467	              specification", STD 13, RFC 1035, DOI 10.17487/RFC1035,
468	              November 1987, <https://www.rfc-editor.org/info/rfc1035>.

470	   [RFC2131]  Droms, R., "Dynamic Host Configuration Protocol",
471	              RFC 2131, DOI 10.17487/RFC2131, March 1997,
472	              <https://www.rfc-editor.org/info/rfc2131>.

474	   [RFC2782]  Gulbrandsen, A., Vixie, P., and L. Esibov, "A DNS RR for
475	              specifying the location of services (DNS SRV)", RFC 2782,
476	              DOI 10.17487/RFC2782, February 2000,
477	              <https://www.rfc-editor.org/info/rfc2782>.

479	   [RFC4291]  Hinden, R. and S. Deering, "IP Version 6 Addressing
480	              Architecture", RFC 4291, DOI 10.17487/RFC4291, February
481	              2006, <https://www.rfc-editor.org/info/rfc4291>.

483	   [RFC4861]  Narten, T., Nordmark, E., Simpson, W., and H. Soliman,
484	              "Neighbor Discovery for IP version 6 (IPv6)", RFC 4861,
485	              DOI 10.17487/RFC4861, September 2007,
486	              <https://www.rfc-editor.org/info/rfc4861>.

488	   [RFC6762]  Cheshire, S. and M. Krochmal, "Multicast DNS", RFC 6762,
489	              DOI 10.17487/RFC6762, February 2013,
490	              <https://www.rfc-editor.org/info/rfc6762>.

492	   [RFC6763]  Cheshire, S. and M. Krochmal, "DNS-Based Service
493	              Discovery", RFC 6763, DOI 10.17487/RFC6763, February 2013,
494	              <https://www.rfc-editor.org/info/rfc6763>.

496	   [RFC6887]  Wing, D., Ed., Cheshire, S., Boucadair, M., Penno, R., and
497	              P. Selkirk, "Port Control Protocol (PCP)", RFC 6887,
498	              DOI 10.17487/RFC6887, April 2013,
499	              <https://www.rfc-editor.org/info/rfc6887>.

501	   [RFC8415]  Mrugalski, T., Siodelski, M., Volz, B., Yourtchenko, A.,
502	              Richardson, M., Jiang, S., Lemon, T., and T. Winters,
503	              "Dynamic Host Configuration Protocol for IPv6 (DHCPv6)",
504	              RFC 8415, DOI 10.17487/RFC8415, November 2018,
505	              <https://www.rfc-editor.org/info/rfc8415>.

507	   [RFC8801]  Pfister, P., Vyncke, E., Pauly, T., Schinazi, D., and W.
508	              Shao, "Discovering Provisioning Domain Names and Data",
509	              RFC 8801, DOI 10.17487/RFC8801, July 2020,
510	              <https://www.rfc-editor.org/info/rfc8801>.

512	11.2.  Informative References

514	   [I-D.ietf-masque-connect-udp]
515	              Schinazi, D., "The CONNECT-UDP HTTP Method", draft-ietf-
516	              masque-connect-udp-00 (work in progress), August 2020.

518	   [I-D.kuehlewind-masque-quic-substrate]
519	              Kuehlewind, M., Sarker, Z., Fossati, T., and L. Pardue,
520	              "Use Cases and Requirements for QUIC as a Substrate",
521	              draft-kuehlewind-masque-quic-substrate-00 (work in
522	              progress), March 2020.

524	   [RFC2939]  Droms, R., "Procedures and IANA Guidelines for Definition
525	              of New DHCP Options and Message Types", BCP 43, RFC 2939,
526	              DOI 10.17487/RFC2939, September 2000,
527	              <https://www.rfc-editor.org/info/rfc2939>.

529	Authors' Addresses

531	   Mirja Kuehlewind
532	   Ericsson

534	   Email: mirja.kuehlewind@ericsson.com

536	   Zaheduzzaman Sarker
537	   Ericsson

539	   Email: zaheduzzaman.sarker@ericsson.com

541	   Magnus Westerlund
542	   Ericsson

544	   Email: magnus.westerlund@ericsson.com