IPv6 Working Group                                    S. Varada (Editor)
Internet Draft                                                Transwitch
Category: Standards track                                   October 2007
Expires: April 2008

      Negotiation for IPv6 datagram compression using IPv6 Control
                                Protocol

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

Copyright Notice

   Copyright (C) The IETF Trust (2007).

Abstract

   The Point-to-Point Protocol (PPP) provides a standard method of
   encapsulating Network Layer protocol information over point-to-point
   links. PPP also defines an extensible Link Control Protocol, and
   proposes a family of Network Control Protocols (NCPs) for
   establishing and configuring different network-layer protocols.

   The IPv6 Control Protocol (IPv6CP), which is an NCP for a PPP link,
   allows for the negotiation of desirable parameters for the IPv6
   interface over PPP.

Varada                                                          [Page 1]

draft-ietf-ipv6-compression-nego-v2-00.txt                  October 2007

   This document defines the IPv6 datagram compression option that can
   be negotiated by a node on the link through the IPv6CP.

Table of Contents

   1. Introduction
      1.1 Specification of Requirements
   2. IPV6CP Configuration Options
      2.1 IPv6-Compression-Protocol
   3. Security Considerations
   4. IANA Considerations
   5. Acknowledgments
   6. References
      6.1 Normative References
      6.2 Informative References
   Editor's Address
   IPR Notice
   Copyright Notice and Disclaimer

1. Introduction

   PPP [1] has three main components:

   1) A method for encapsulating datagrams over serial links.

   2) A Link Control Protocol (LCP) for establishing, configuring, and
      testing the data-link connection.

   3) A family of Network Control Protocols (NCPs) for establishing and
      configuring different network-layer protocols.

   In order to establish communications over a point-to-point link,
   each end of the PPP link must first send LCP packets to configure
   and test the data link. After the link has been established and
   optional facilities have been negotiated as needed by the LCP, PPP
   must send NCP packets to choose and configure one or more
   network-layer protocols. Once each of the chosen network-layer
   protocols has been configured, datagrams from each network-layer
   protocol can be sent over the link.

   The link will remain configured for communications until explicit
   LCP or NCP packets close the link down, or until some external event
   occurs (power failure at the other end, carrier drop, etc.).

   In the IPv6 over PPP specification [2], the NCP, or IPv6CP, for
   establishing and configuring the IPv6 over PPP is defined.
   The same specification defines the Interface Identifier parameter,
   which can be used to generate link-local and global unique IPv6
   addresses, for negotiation. In this specification, the compression
   parameter for use in IPv6 datagram compression is defined.

1.1 Specification of Requirements

   In this document, several words are used to signify the requirements
   of the specification.

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [3].

2. IPV6CP Configuration Options

   IPV6CP Configuration Options allow negotiation of desirable IPv6
   parameters. IPV6CP uses the same Configuration Option format defined
   for LCP [1] but with a separate set of Options. If a Configuration
   Option is not included in a Configure-Request packet, the default
   value for that Configuration Option is assumed.

   The only IPV6CP option defined in this document is the
   IPv6-Compression-Protocol. The Type field for this IPV6CP Option is
   as follows:

      2       IPv6-Compression-Protocol

   Note that the up-to-date values of the IPV6CP Option Type field are
   specified in the on-line database of "Assigned Numbers" maintained
   at IANA [4].

2.1 IPv6-Compression-Protocol

   Description

      This Configuration Option provides a way to negotiate the use of
      a specific IPv6 packet compression protocol. The
      IPv6-Compression-Protocol Configuration Option is used to
      indicate the ability to receive compressed packets. Each end of
      the link MUST separately request this option if bi-directional
      compression is desired. By default, compression is not enabled.
      IPv6 compression negotiated with this option is specific to IPv6
      datagrams and is not to be confused with compression resulting
      from negotiations via Compression Control Protocol (CCP), which
      potentially affect all datagrams.

   A summary of the IPv6-Compression-Protocol Configuration Option
   format is shown below. The fields are transmitted from left to
   right.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |   IPv6-Compression-Protocol   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Data ...
   +-+-+-+-+

   Type

      2

   Length

      >= 4

   IPv6-Compression-Protocol

      The IPv6-Compression-Protocol field is two octets and indicates
      the compression protocol desired. Values for this field are
      always the same as the PPP Data Link Layer Protocol field values
      for that same compression protocol.

      No IPv6-Compression-Protocol field values are currently assigned.
      Specific assignments will be made in documents that define
      specific compression algorithms.

   Data

      The Data field is zero or more octets and contains additional
      data as determined by the particular compression protocol.

   Default

      No IPv6 compression protocol enabled.

3. Security Considerations

   Lack of proper link security, such as authentication, prior to the
   data transfer may lead to such attacks as the man-in-the-middle,
   resulting in the loss of data integrity and confidentiality. The
   mechanisms that are appropriate for ensuring PPP link security are
   addressed below together with the reference to a generic threat
   model.
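
   Added example, not part of the draft: a bounds-checked Python parser
   for the option layout summarized in Section 2.1, treating the Length
   octet as peer-controlled input. The function names, OptionError, and
   the sample bytes are constructed for illustration; 0xABCD is a
   placeholder because the draft assigns no protocol values.

```python
import struct

IPV6_COMPRESSION_PROTOCOL = 2   # option Type given in Section 2


class OptionError(ValueError):
    """Raised when a peer-supplied option list is malformed."""


def parse_options(buf: bytes):
    """Split an option list (Type, Length, value...) into (type, value) pairs.

    Length counts the Type and Length octets, as in the LCP option format.
    """
    opts, off = [], 0
    while off < len(buf):
        if len(buf) - off < 2:
            raise OptionError("truncated option header")
        otype, olen = buf[off], buf[off + 1]
        # Length < 2 would never advance; Length past the buffer would over-read.
        if olen < 2 or off + olen > len(buf):
            raise OptionError(f"bad Length {olen} for option type {otype}")
        opts.append((otype, buf[off + 2:off + olen]))
        off += olen
    return opts


def compression_request(buf: bytes):
    """Return (protocol, data) for the first Type 2 option, or None.

    None corresponds to the default: no IPv6 compression protocol enabled.
    """
    for otype, value in parse_options(buf):
        if otype != IPV6_COMPRESSION_PROTOCOL:
            continue
        if len(value) < 2:          # enforces Length >= 4
            raise OptionError("IPv6-Compression-Protocol option under 4 octets")
        (protocol,) = struct.unpack("!H", value[:2])
        return protocol, value[2:]  # Data is zero or more octets
    return None


# Constructed sample: Interface-Identifier (Type 1, Length 10, RFC 5072) followed
# by a Type 2 option. 0xABCD is a placeholder, not an assigned protocol value.
SAMPLE = bytes([1, 10]) + bytes(8) + bytes([2, 6, 0xAB, 0xCD, 0x01, 0x02])

if __name__ == "__main__":
    print(compression_request(SAMPLE))
```
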
   The mechanisms that are appropriate for ensuring PPP link security
   are:

   1) Access Control Lists that apply filters on traffic received over
      the link for enforcing admission policy,

   2) an Authentication protocol that facilitates negotiations between
      peers [5] to select an authentication method (e.g., MD5 [6]) for
      validation of the peer, and

   3) an Encryption protocol that facilitates negotiations between
      peers to select encryption algorithms (or crypto-suites) to
      ensure data confidentiality [7].

   There are certain threats associated with peer interactions on a PPP
   link even with one or more of the above security measures in place.
   For instance, using the MD5 authentication method [6] exposes one to
   a replay attack, in which an attacker could intercept and replay a
   station's identity and password hash to get access to a network. The
   user of this specification is advised to refer to [5], which
   presents a generic threat model, for an understanding of the threats
   posed to the security of a link. The reference [5] also gives a
   framework to specify requirements for the selection of an
   authentication method for a given application.

4. IANA Considerations

   The author has no specific recommendations for the IANA on the
   assignment of a value for the Type field of the IPv6 datagram
   compression option specified in this specification. The current
   assignment is up-to-date at [4]. However, the IANA should take note
   that the PPP Data Link Layer number for the
   IPV6-Compression-Protocol configuration option is the same as that
   of the IPV6CP Configuration options, which is listed in RFC 3818
   [8]. To ensure proper review of the same, the Editor would like to
   place it under the IETF consensus process.

5. Acknowledgments

   The editor is grateful to Jari Arkko for the direction provided on
   this draft and James Carlson for helpful suggestions.

6. References

6.1 Normative References

   [1]  Simpson, W., "The Point-to-Point Protocol," STD 51, RFC 1661,
        July 1994.

   [2]  Allen, E., Haskin, D., and S. Varada, Ed., "IPv6 over PPP,"
        RFC 5072, September 2007.

   [3]  Bradner, S., "Key words for use in RFCs to Indicate Requirement
        Levels," BCP 14, RFC 2119, March 1997.

6.2 Informative References

   [4]  IANA, "Assigned Numbers," http://www.iana.org/numbers.html

   [5]  Aboba, R., Blunk, L., Vollbrecht, J., Carlson, J., and H.
        Levkowetz, Ed., "Extensible Authentication Protocol," RFC 3748,
        June 2004.

   [6]  Rivest, R., "The MD5 Message-Digest Algorithm," RFC 1321, April
        1992.

   [7]  Meyer, G., "The PPP Encryption Control Protocol (ECP)," RFC
        1968, June 1996.

   [8]  Schryver, V., "IANA Considerations for the Point-to-Point
        Protocol (PPP)," RFC 3818, June 2004.

Editor's Address

   Srihari Varada
   TranSwitch Corporation
   3 Enterprise Dr.
   Shelton, CT 06484. US.

   Phone: +1 203 929 8810
   EMail: varada@ieee.org

IPR Notice

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed
   to pertain to the implementation or use of the technology described
   in this document or the extent to which any license under such
   rights might or might not be available; nor does it represent that
   it has made any independent effort to identify any such rights.
   Information on the procedures with respect to rights in RFC
   documents can be found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use
   of such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository
   at http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary
   rights that may cover technology that may be required to implement
   this standard. Please address the information to the IETF at
   ietf-ipr@ietf.org.

Copyright Notice and Disclaimer

   Copyright (C) The IETF Trust (2007).

   This document is subject to the rights, licenses and restrictions
   contained in BCP 78, and except as set forth therein, the authors
   retain all their rights.

   This document and the information contained herein are provided on
   an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
   REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE
   IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL
   WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY
   WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE
   ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS
   FOR A PARTICULAR PURPOSE.