Great thanks for handling this! Jim
On Mon, Apr 4, 2022, 15:17 Roger Price <ro...@rogerprice.org> wrote: > I have begun the process of requesting the transfer of port 401/TCP (ups) > to the > NUT Project with Jim as Assignee. For the project's records I attach a > copy of > the request. > > Since this transfer involves a system port below 1024, which is considered > as > very valuable real estate, Internet Engineering Steering Group (IESG) > approval > will be needed. This can take several weeks. However our IETF document > reviewer is also part of the IESG group of Expert Reviewers and this may > speed > things up. > > Note that IANA forbids transfers, so we must go through a two-step process. > > I will keep you informed of progress. Roger > > ---------- Forwarded message ---------- > Date: Mon, 04 Apr 2022 14:55:15 +0200 > From: i...@rogerprice.org > To: i...@iana.org > Subject: Request for Assignment > > Contact Name: > Roger PRICE > > Contact Email: > i...@rogerprice.org > > Type of Assignment: > A de-assignment of 401/TCP (ups), followed by an assignment of the same > port to a different assignee. > > Registry: > Service Name and Transport Protocol Port Number Registry, RFC6335 > > Description: > Dear IANA, > > On behalf of the Network UPS Tools (NUT) project, I would like to > request de-assignment and re-assignment of port 401/TCP (ups) > following the procedure given by RFC6335 8.3. "Service Name and Port > Number Reuse". > > Background > ---------- > > The Network UPS (Uninterruptible Power Supply) Tools (NUT) project > https://networkupstools.org/ provides software consisting of a server > daemon and a client daemon used to manage UPS devices. The project > has been in operation since 1998 with a major rework in 2003. The > software currently uses port 3493/TCP (nut) for communication between > client and server. The project is developing an I-D which defines the > protocol. See > https://datatracker.ietf.org/doc/draft-rprice-ups-management-protocol/ > (Work in progress). > > The UPS field is very slow moving: once equipment is installed it > stays in place for years with no change. This has led to security > weaknesses with out-of-date security protocols still in use. > > UPS management is not a many-to-many relationship as seen on the World > Wide Web. It is usually few-to-one, and often one-to-one. The server > administrators know exactly who their clients are, and this has led to > a false sense of security. The NUT Project seeks to improve the > security of communication between client and server by using TLS 1.3, > for example by upgrading an installation when possible, or by placing > TLS 1.3 supporting software in front of the client and server. > > In 2008 IANA assigned 401/TCP (ups) "Uninterruptible Power Supply" to > Mr Charles Bennett as both assignee and contact. We have been unable > to find any protocol document or other published activity report for > this port other than the One Windows Trojan. Mr Bennett himself died > in 2015, see obituary > > https://www.legacy.com/obituaries/name/charles-bennett-obituary?pid=174356861 > Since his email address was registered by IANA as benne...@ohio.edu it > is possible that the University of Ohio is a successor in interest. > The I-D editor tried to contact the IT support department of the > university by email and telephone but was rejected. > > The NUT Project would like to use existing port 401/TCP (ups) to carry > TLS 1.3 encrypted traffic between client and server. Port 3493/TCP > (nut) would continue to support legacy traffic. > > > Additional Info: > Request 1: De-assignment of 401/TCP (ups) > ----------------------------------------- > > Following RFC 6335 clause 8.2 Service Name and Port Number De-Assignment, > the NUT Project requests the de-assignment of 401/TCP (ups): > > 1. Service Name: ups > > 2. Transport Protocol: TCP (TCP only) > > 3. Assignee: Assigned in 2008 to Charles Bennett who died in 2015, see > obituary > > https://www.legacy.com/obituaries/name/charles-bennett-obituary?pid=174356861 > > 4. Contact: idem > > 5. Description: There are no published specifications for use of this > port, neither are there any reports of its use. > > 6. Reference: None > > 7. Port Number: 401 > > 8. Service code: (Not applicable to TCP) > > 9. Known Unauthorized Uses: One Windows Trojan > > 10. De-Assignment Notes: This action is part of a de-assignment and > re-assignment of 401/TCP to the NUT project. > > Request 2: Re-assignment of 401/TCP (ups) > ----------------------------------------- > > Following RFC 6335 clause 8.1 Service Name and Port Number Assignment, > the NUT Project requests the assignment of 401/TCP (nut): > > 1. Service Name: ups > > 2. Transport Protocol: TCP (TCP only) > > 3. Assignee: Evgeny Klimov (same as port 3493/TCP) > > 4. Contact: Roger Price i...@rogerprice.org > > 5. Description: The port will carry UPS management traffic as > specified by the Commands and Responses already used by the NUT > project. The protocol is simple: every 5 seconds the client queries > the server to which the UPS is attached, waiting for the UPS to signal > "power failure - running on battery". When this persists, the client > orders the system shutdown. > > The UPS field is very slow moving: once equipment is installed it > stays in place for years with no change. This has led to security > weaknesses with out-of-date security protocols still in use. > > The NUT Project proposes to use existing port 401/TCP (ups) to carry > TLS 1.3 encrypted traffic between client and server. Port 3493/TCP > (nut) would continue to support legacy traffic. > > 6. Reference: > https://datatracker.ietf.org/doc/draft-rprice-ups-management-protocol > (Work in progress) > > 7. Port Number: 401. This port number has already been attached to the > name "ups" since 2008, and was intended for UPS management. > > Declaration required by RFC6335 8.1.2. Variances for Specific Port > Number Ranges: > > The NUT project has developed a freely available software daemon for > UPS management which requires a port which can be advertised > reliably. This means that a Dynamic Port in the range 49152-65535 is > not suitable. The daemon is capable of operating equally well on a > System Port 0-1023, or a User Port 1024-49151. > > Rather than request the assignment of a new port taken from limited > resources, we request re-use of an existing port already assigned to > UPS management. > > 8. Service code: (Not applicable to TCP) > > 9. Known Unauthorized Uses: One Windows Trojan > > 10. Assignment Notes: This assignment is part of a de-assignment and > re-assignment of 401/TCP to the NUT project. > > > > > _______________________________________________ > Nut-upsuser mailing list > Nut-upsuser@alioth-lists.debian.net > https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/nut-upsuser >
_______________________________________________ Nut-upsuser mailing list Nut-upsuser@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/nut-upsuser