RFC 9021 on Use of the Walnut Digital Signature Algorithm with CBOR Object Signing and Encryption (COSE)

[rfc-editor]

A new Request for Comments is now available in online RFC libraries.


RFC 9021

Title:  Use of the Walnut Digital 
Signature Algorithm with CBOR Object Signing 
and Encryption (COSE) 
Author: D. Atkins
Status: Informational
Stream: Independent
Date:   May 2021
Mailbox:datk...@veridify.com
Pages:  11
Updates/Obsoletes/SeeAlso:   None

I-D Tag:draft-atkins-suit-cose-walnutdsa-07.txt

URL:https://www.rfc-editor.org/info/rfc9021

DOI:10.17487/RFC9021

This document specifies the conventions for using the Walnut Digital
Signature Algorithm (WalnutDSA) for digital signatures with the CBOR
Object Signing and Encryption (COSE) syntax.  WalnutDSA is a
lightweight, quantum-resistant signature scheme based on Group
Theoretic Cryptography with implementation and computational
efficiency of signature verification in constrained environments,
even on 8- and 16-bit platforms.

The goal of this publication is to document a way to use the
lightweight, quantum-resistant WalnutDSA signature algorithm in COSE
in a way that would allow multiple developers to build compatible
implementations.  As of this publication, the security properties of
WalnutDSA have not been evaluated by the IETF and its use has not
been endorsed by the IETF. 

WalnutDSA and the Walnut Digital Signature Algorithm are trademarks
of Veridify Security Inc.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-edi...@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC


___
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce

RFC 9002 on QUIC Loss Detection and Congestion Control

[rfc-editor]

A new Request for Comments is now available in online RFC libraries.


RFC 9002

Title:  QUIC Loss Detection and Congestion Control 
Author: J. Iyengar, Ed.,
I. Swett, Ed.
Status: Standards Track
Stream: IETF
Date:   May 2021
Mailbox:jri.i...@gmail.com,
iansw...@google.com
Pages:  42
Updates/Obsoletes/SeeAlso:   None

I-D Tag:draft-ietf-quic-recovery-34.txt

URL:https://www.rfc-editor.org/info/rfc9002

DOI:10.17487/RFC9002

This document describes loss detection and congestion control
mechanisms for QUIC.

This document is a product of the QUIC Working Group of the IETF.

This is now a Proposed Standard.

STANDARDS TRACK: This document specifies an Internet Standards Track
protocol for the Internet community, and requests discussion and suggestions
for improvements.  Please refer to the current edition of the Official
Internet Protocol Standards (https://www.rfc-editor.org/standards) for the 
standardization state and status of this protocol.  Distribution of this 
memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-edi...@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC

___
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce

RFC 9001 on Using TLS to Secure QUIC

[rfc-editor]

A new Request for Comments is now available in online RFC libraries.


RFC 9001

Title:  Using TLS to Secure QUIC 
Author: M. Thomson, Ed.,
S. Turner, Ed.
Status: Standards Track
Stream: IETF
Date:   May 2021
Mailbox:m...@lowentropy.net,
s...@sn3rd.com
Pages:  52
Updates/Obsoletes/SeeAlso:   None

I-D Tag:draft-ietf-quic-tls-34.txt

URL:https://www.rfc-editor.org/info/rfc9001

DOI:10.17487/RFC9001

This document describes how Transport Layer Security (TLS) is used to
secure QUIC.

This document is a product of the QUIC Working Group of the IETF.

This is now a Proposed Standard.

STANDARDS TRACK: This document specifies an Internet Standards Track
protocol for the Internet community, and requests discussion and suggestions
for improvements.  Please refer to the current edition of the Official
Internet Protocol Standards (https://www.rfc-editor.org/standards) for the 
standardization state and status of this protocol.  Distribution of this 
memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-edi...@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC

___
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce

RFC 9000 on QUIC: A UDP-Based Multiplexed and Secure Transport

[rfc-editor]

A new Request for Comments is now available in online RFC libraries.


RFC 9000

Title:  QUIC: A UDP-Based Multiplexed and
Secure Transport 
Author: J. Iyengar, Ed.,
M. Thomson, Ed.
Status: Standards Track
Stream: IETF
Date:   May 2021
Mailbox:jri.i...@gmail.com,
m...@lowentropy.net
Pages:  151
Updates/Obsoletes/SeeAlso:   None

I-D Tag:draft-ietf-quic-transport-34.txt

URL:https://www.rfc-editor.org/info/rfc9000

DOI:10.17487/RFC9000

This document defines the core of the QUIC transport protocol.  QUIC
provides applications with flow-controlled streams for structured
communication, low-latency connection establishment, and network path
migration. QUIC includes security measures that ensure
confidentiality, integrity, and availability in a range of deployment
circumstances.  Accompanying documents describe the integration of
TLS for key negotiation, loss detection, and an exemplary congestion
control algorithm.

This document is a product of the QUIC Working Group of the IETF.

This is now a Proposed Standard.

STANDARDS TRACK: This document specifies an Internet Standards Track
protocol for the Internet community, and requests discussion and suggestions
for improvements.  Please refer to the current edition of the Official
Internet Protocol Standards (https://www.rfc-editor.org/standards) for the 
standardization state and status of this protocol.  Distribution of this 
memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-edi...@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC

___
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce

RFC 8999 on Version-Independent Properties of QUIC

[rfc-editor]

A new Request for Comments is now available in online RFC libraries.


RFC 8999

Title:  Version-Independent Properties of QUIC 
Author: M. Thomson
Status: Standards Track
Stream: IETF
Date:   May 2021
Mailbox:m...@lowentropy.net
Pages:  9
Updates/Obsoletes/SeeAlso:   None

I-D Tag:draft-ietf-quic-invariants-13.txt

URL:https://www.rfc-editor.org/info/rfc8999

DOI:10.17487/RFC8999

This document defines the properties of the QUIC transport protocol
that are common to all versions of the protocol.

This document is a product of the QUIC Working Group of the IETF.

This is now a Proposed Standard.

STANDARDS TRACK: This document specifies an Internet Standards Track
protocol for the Internet community, and requests discussion and suggestions
for improvements.  Please refer to the current edition of the Official
Internet Protocol Standards (https://www.rfc-editor.org/standards) for the 
standardization state and status of this protocol.  Distribution of this 
memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-edi...@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC

___
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce

RFC 8903 on Use Cases for DDoS Open Threat Signaling

[rfc-editor]

A new Request for Comments is now available in online RFC libraries.


RFC 8903

Title:  Use Cases for DDoS Open 
Threat Signaling 
Author: R. Dobbins,
D. Migault,
R. Moskowitz,
N. Teague,
L. Xia,
K. Nishizuka
Status: Informational
Stream: IETF
Date:   May 2021
Mailbox:roland.dobb...@netscout.com,
daniel.miga...@ericsson.com,
r...@labs.htt-consult.com,
ntea...@ironmountain.co.uk,
frank.xiali...@huawei.com,
kan...@nttv6.jp
Pages:  13
Updates/Obsoletes/SeeAlso:   None

I-D Tag:draft-ietf-dots-use-cases-25.txt

URL:https://www.rfc-editor.org/info/rfc8903

DOI:10.17487/RFC8903

The DDoS Open Threat Signaling (DOTS) effort is intended to provide
protocols to facilitate interoperability across disparate DDoS
Mitigation solutions. This document presents sample use cases that
describe the interactions expected between the DOTS components as
well as DOTS messaging exchanges. These use cases are meant to
identify the interacting DOTS components, how they collaborate, and
what the typical information to be exchanged is.

This document is a product of the DDoS Open Threat Signaling Working Group of 
the IETF.


INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
  https://www.ietf.org/mailman/listinfo/ietf-announce
  https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist

For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-edi...@rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.


The RFC Editor Team
Association Management Solutions, LLC


___
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce

Last Call: (Enhanced JWT Claim Constraints for STIR Certificates) to Proposed Standard

[The IESG]

The IESG has received a request from the Secure Telephone Identity Revisited
WG (stir) to consider the following document: - 'Enhanced JWT Claim
Constraints for STIR Certificates'
   as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-c...@ietf.org mailing lists by 2021-06-10. Exceptionally, comments may
be sent to i...@ietf.org instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.

Abstract


   RFC 8226 provides a certificate extension to constrain the JWT claims
   that can be included in the PASSporT as defined in RFC 8225.  If the
   signer includes a JWT claim outside the constraint boundaries, then
   the recipient will reject the entire PASSporT.  This document defines
   an additional way that the JWT claims can be constrained.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-stir-enhance-rfc8226/



No IPR declarations have been submitted directly on this I-D.





___
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce

Formal IESG Teleconference WebEx and Dial-in Information: 3 June 2021

[IESG Secretary]

All members of the community are welcome to attend formal IESG telechats as 
observers. Observers are not invited to participate in the discussion.

The next formal IESG telechat will be held on Thursday, June 3,
2021 at 07:00 US/Canada Pacific (14:00 UTC). Webex and Dial-in
information is at the bottom of this message.

The agenda for the upcoming telechat can be found at


A calendar of upcoming public telechats can be downloaded or subscribed
to at:
https://calendar.google.com/calendar/ical/ietf.org_egdabaf39ch5v8a13dt39mvee4%40group.calendar.google.com/public/basic.ics


Topic: IESG Formal Telechat
Date: June 3, 2021
Time: 07:00 US/Canada Pacific
  09:00 US/Canada Central
  10:00 US/Canada Eastern
  14:00 UTC
  15:00 United Kingdom
  16:00 Germany, France, Belgium
  17:00 Finland
  
---
JOIN WEBEX MEETING
https://ietf.webex.com/ietf/j.php?MTID=m38beb3706c7e5a24dd749a50d7e87dfd
Meeting number: 642 944 708
Meeting password: 1234


JOIN BY PHONE
1-650-479-3208 Call-in toll number (US/Canada)
Access code: 642 944 708
---
To join the audio conference using Skype
---
1.  Bring up your Skype application.
2.  Bring up your browser, and go to the Webex URL.
3.  Enter your name and email address.
4.  Close the Webex window prompting for a phone number.
5.  Select the "info" tab at the top of the Webex browser page.
6.  Go to Skype, and dial the U.S. Toll-Free number from the meeting
announcement.
7.  Click on the DialPad tab on the Skype window.
8.  Use the virtual keypad to enter the meeting number followed by #.
9.  Use the virtual keypad to enter your attendee ID followed by #.

The playback of UCF (Universal Communications Format) rich media files
requires appropriate players. To view this type of rich media files in
the meeting, please check whether you have the players installed on your
computer by going to https://workgreen.webex.com/workgreen/
systemdiagnosis.php.

Sign up for a free trial of Webex
http://www.webex.com/go/mcemfreetrial

http://www.webex.com

CCP:+14087926300x960506070#

IMPORTANT NOTICE: This Webex service includes a feature that allows
audio and any documents and other materials exchanged or viewed during
the session to be recorded. By joining this session, you automatically
consent to such recordings. If you do not consent to the recording,
discuss your concerns with the meeting host prior to the start of the
recording or do not join the session. Please note that any such
recordings may be subject to discovery in the event of litigation.

___
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce

Protocol Action: 'Constrained Application Protocol (CoAP) Block-Wise Transfer Options Supporting Robust Transmission' to Proposed Standard (draft-ietf-core-new-block-14.txt)

[The IESG]

The IESG has approved the following document:
- 'Constrained Application Protocol (CoAP) Block-Wise Transfer Options
   Supporting Robust Transmission'
  (draft-ietf-core-new-block-14.txt) as Proposed Standard

This document is the product of the Constrained RESTful Environments Working
Group.

The IESG contact persons are Murray Kucherawy and Francesca Palombini.

A URL of this Internet Draft is:
https://datatracker.ietf.org/doc/draft-ietf-core-new-block/





Technical Summary

The document defines two new options for the Constrained Application Protocol 
(CoAP), namely Q-Block1 and Q-Block2. The two options enable effective 
block-wise transfers of large data payload, also under network conditions where 
asymmetrical transient packet loss may be experienced.

The main use case addressed by this document is a network under Distributed 
Denial of Service (DDoS) attack, where DDoS mitigation agents are still 
required to exchange large amount of data using CoAP. This use case is 
especially targeted in the DOTS Working Group, where the use of the two new 
options is suggested in its DOTS Telemetry, see 
https://datatracker.ietf.org/doc/draft-ietf-dots-telemetry/

Compared to the similar options Block1 and Block2 defined in RFC 7959 --- which 
are based on synchronous, lock-step exchanges of blocks, and thus can be 
ineffective or even prohibitive to use under a DDoS situation --- the new 
options enable faster transmission rates with less packet interchanges, as well 
as faster recovery of lost blocks.

The document also defines congestion control procedures to be used when the 
Q-Block1 and Q-Block2 Options are used over an unreliable transport.

Working Group Summary

The document has been discussed on multiple IETF meetings and CoRE interim 
meetings, and has gone through multiple expert reviews.

During and after Working Group Last Call, effort was also put in better 
reflecting how design choices align with the intended scope of the document, 
i.e. to serve especially use cases with asymmetrical transient packet loss and 
particularly the DOTS Telemetry, see 
https://datatracker.ietf.org/doc/html/rfc8782  and  
https://datatracker.ietf.org/doc/draft-ietf-dots-telemetry/

Consensus has been reached on the scope, content and level of detail of the 
document.

Document Quality

A Pull-Request of an author's implementation to "libcoap" is available at 
https://github.com/obgm/libcoap/pull/611

Feedback from the implementation activity has contributed to the design and 
refinement of specific aspects, notably:

- Limiting new mechanics for congestion control only to CoAP Non-Confirmable 
messages.
- Not mixing CoAP Confirmable and Non-Confirmable messages for a same 
request/response body.
- The 'Continue' indication of successfully received blocks.
- The discovery of server support for the Q-Block1 and Q-Block2 Options.
- Further lessons learned highlighted as "Implementation note" in the document.

Personnel

Document Shepherd: Marco Tiloca 
Area Director: Francesca Palombini 

___
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce

Last Call: (HTTP Semantics) to Proposed Standard

[The IESG]

The IESG has received a request from the HTTP WG (httpbis) to consider the
following document: - 'HTTP Semantics'
   as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-c...@ietf.org mailing lists by 2021-06-10. Exceptionally, comments may
be sent to i...@ietf.org instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.

Abstract


   The Hypertext Transfer Protocol (HTTP) is a stateless application-
   level protocol for distributed, collaborative, hypertext information
   systems.  This document describes the overall architecture of HTTP,
   establishes common terminology, and defines aspects of the protocol
   that are shared by all versions.  In this definition are core
   protocol elements, extensibility mechanisms, and the "http" and
   "https" Uniform Resource Identifier (URI) schemes.

   This document updates RFC 3864 and obsoletes RFC 2818, RFC 7231, RFC
   7232, RFC 7233, RFC 7235, RFC 7538, RFC 7615, RFC 7694, and portions
   of RFC 7230.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-httpbis-semantics/



No IPR declarations have been submitted directly on this I-D.





___
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce

Last Call: (HTTP/1.1) to Proposed Standard

[The IESG]

The IESG has received a request from the HTTP WG (httpbis) to consider the
following document: - 'HTTP/1.1'
   as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-c...@ietf.org mailing lists by 2021-06-10. Exceptionally, comments may
be sent to i...@ietf.org instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.

Abstract


   The Hypertext Transfer Protocol (HTTP) is a stateless application-
   level protocol for distributed, collaborative, hypertext information
   systems.  This document specifies the HTTP/1.1 message syntax,
   message parsing, connection management, and related security
   concerns.

   This document obsoletes portions of RFC 7230.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-httpbis-messaging/



No IPR declarations have been submitted directly on this I-D.





___
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce

Last Call: (HTTP Caching) to Proposed Standard

[The IESG]

The IESG has received a request from the HTTP WG (httpbis) to consider the
following document: - 'HTTP Caching'
   as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
last-c...@ietf.org mailing lists by 2021-06-10. Exceptionally, comments may
be sent to i...@ietf.org instead. In either case, please retain the beginning
of the Subject line to allow automated sorting.

Abstract


   The Hypertext Transfer Protocol (HTTP) is a stateless application-
   level protocol for distributed, collaborative, hypertext information
   systems.  This document defines HTTP caches and the associated header
   fields that control cache behavior or indicate cacheable response
   messages.

   This document obsoletes RFC 7234.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-httpbis-cache/



No IPR declarations have been submitted directly on this I-D.





___
IETF-Announce mailing list
IETF-Announce@ietf.org
https://www.ietf.org/mailman/listinfo/ietf-announce