draft-ietf-dhc-slp-02.txt   draft-ietf-dhc-slp-03.txt 
Internet Engineering Task Force C. Perkins Internet Engineering Task Force C. Perkins
INTERNET DRAFT Sun Microsystems INTERNET DRAFT Sun Microsystems
24 April 1997 13 March 1998
DHCP Options for Service Location Protocol DHCP Options for Service Location Protocol
draft-ietf-dhc-slp-02.txt draft-ietf-dhc-slp-03.txt
Status of This Memo Status of This Memo
This document is a submission to the Dynamic Host Configuration This document is a submission by the Dynamic Host Configuration
Working Group of the Internet Engineering Task Force (IETF). Comments Working Group of the Internet Engineering Task Force (IETF).
should be submitted to the dhcp-v4@bucknell.edu mailing list. Comments should be submitted to the dhcp-v4@bucknell.edu mailing
list.
Distribution of this memo is unlimited. Distribution of this memo is unlimited.
This document is an Internet-Draft. Internet-Drafts are working This document is an Internet-Draft. Internet-Drafts are working
documents of the Internet Engineering Task Force (IETF), its areas, documents of the Internet Engineering Task Force (IETF), its areas,
and its working groups. Note that other groups may also distribute and its working groups. Note that other groups may also distribute
working documents as Internet-Drafts. working documents as Internet-Drafts.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at and may be updated, replaced, or obsoleted by other documents at
any time. It is inappropriate to use Internet-Drafts as reference any time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as ``work in progress.'' material or to cite them other than as ``work in progress.''
To learn the current status of any Internet-Draft, please check To learn the current status of any Internet-Draft, please check
the ``1id-abstracts.txt'' listing contained in the Internet-Drafts the ``1id-abstracts.txt'' listing contained in the Internet-Drafts
Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (North Shadow Directories on ftp.is.co.za (Africa), ftp.nordu.net (North
Europe), ftp.nis.garr.it (South Europe), munnari.oz.au (Pacific Rim), Europe), ftp.nis.garr.it (South Europe), munnari.oz.au (Pacific Rim),
ds.internic.net (US East Coast), or ftp.isi.edu (US West Coast). ds.internic.net (US East Coast), or ftp.isi.edu (US West Coast).
Abstract Abstract
The Dynamic Host Configuration Protocol provides a framework for The Dynamic Host Configuration Protocol provides a framework for
passing configuration information to hosts on a TCP/IP network. passing configuration information to hosts on a TCP/IP network.
Entities using the Service Location Protocol need to find out the Entities using the Service Location Protocol need to find out the
address of Directory Agents in order to transact messages. In address of Directory Agents in order to transact messages. Another
certain other instances they may need to discover the correct scope option provides an assignment of scope for configuration of SLP User
to be used in conjunction with the service attributes which are and Service Agents.
exchanged using the Service Location Protocol.
1. Introduction 1. Introduction
The Dynamic Host Configuration Protocol [2] provides a framework The Dynamic Host Configuration Protocol [4] provides a framework
for passing configuration information to hosts on a TCP/IP network. for passing configuration information to hosts on a TCP/IP network.
Entities using the Service Location Protocol [3] need to find out Entities using the Service Location Protocol [7] need to find out the
the address of Directory Agents in order to transact messages. In address of Directory Agents in order to transact messages and obtain
certain other instances they may need to discover the correct scope the correct scope to be used in messages which are exchanged using
to be used in conjunction with the service attributes which are the Service Location Protocol.
exchanged using the Service Location Protocol.
The scope MAY be denoted in any standardized character set. Values The scope MUST be encoded using the UTF8 character encoding [8]
for character encoding can be found in IANA's database and have the values referred by the MIBEnum value. Note that
http://www.isi.edu/in-notes/iana/assignments/character-sets each character may require two or more octets of data for its
and have the values referred by the MIBEnum value. Note that in some representation.
character sets, each character may require two or more octets of data
for its representation.
Note that each option listed below MAY be included multiple times in Note that each option listed below MAY be included multiple times in
the same DHCPOFFER or DHCPREQUEST. If so, then the options SHOULD be the same DHCPOFFER or DHCPREQUEST. If so, then the options SHOULD be
included in order of decreasing preference. included in order of decreasing preference.
2. Directory Agent Option The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [2].
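Review bot: The -03 text of the character-encoding paragraph still ends with "and have the values referred by the MIBEnum value", a fragment carried over from the -02 sentence about IANA's character-set registry; -03 drops the Char Encoding field and mandates UTF-8 [8], so the MIBEnum reference no longer refers to anything. Suggest cutting that clause so the paragraph reads "The scope MUST be encoded using the UTF8 character encoding [8]. Note that each character may require two or more octets of data for its representation."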
2. Typed Scope Lists
In Service Location Protocol, multiple service types can be hosted on
the same network node. However, DHCP typically configures computers
based on their IP address. It is possible that different service
types on the same computer would be administered from different
scopes. Thus, options 78 and 79 have additional syntax to allow this
more detailed style of service configuration.
In particular, the list of scopes contained in the options is
syntactically separated into lists pertaining to each service type.
Grammatically, a typed-scope-list in a DHCPOFFER is structured as
follows:
typed-scope-list = one or more maybe-typed-scope-items,
separated by commas
maybe-typed-scope-item = typed-scope-item, or scope-list
typed-scope-item = '(' service-type '=' scope-list ')'
scope-list = one or more scope-items, comma-separated
A typed-scope-list in a DHCPREQUEST is structured as follows:
typed-scope-list = one or more maybe-typed-scope-items,
separated by commas
maybe-typed-scope-item = typed-scope-item, or
maybe-empty-scope-list
typed-scope-item = '(' service-type '=' maybe-empty-scope-list ')'
maybe-empty-scope-list = zero or more scope-items, comma-separated
A service type has the format defined in [5], and a scope-item has
the format defined in [6] for "strval". Basically, a scope-item is
a character string that has alphanumeric characters not including
control characters or `(',`)',`,', \',`!',`<',`=',`>', or `~' Service
schemes are special cases of schemes as defined for general URLs [1].
The typed-scope-list MAY contain both untyped-scope-lists and
typed-scope-lists. Each scope-item in each untyped-scope-list
applies to every service type on the node.
As an example, the scope-list ``A,B,C'' denotes scopes A, B and C
for all service types on the client. In a DHCPREQUEST, this scope
string would indicate that the client wishes a directory agent which
supports ANY of these three scopes. In a DHCPOFFER, the scope
indicates that the directory agent supports ALL of the three scopes.
Suppose instead that service types "netman" and "proxystuff" are
residing on a DHCP client. Then, the typed-scope-list in a DHCPOFFER
could be,
(netman=mgmt),(proxystuff=math-dept,labs)
Assuming the DHCP client with two service types "netman" and
"proxystuff" did not make any scope restriction, a corresponding
typed-scope-list in a DHCPREQUEST could be,
(netman=),(proxystuff=)
asking for scopes for those service types.
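Review bot: Section 2 says "The typed-scope-list MAY contain both untyped-scope-lists and typed-scope-lists", but the grammar above defines neither name; it defines scope-list, maybe-empty-scope-list and typed-scope-item, so the sentence should use those (e.g. "both scope-lists and typed-scope-items"). Two smaller points in the same paragraph: the reserved-character list for scope-item runs straight into "Service schemes are special cases..." with no sentence break, and the backslash entry is rendered as "\'" rather than quoted like the other characters; it would also help to state that an empty maybe-empty-scope-list in a DHCPREQUEST means "any scope" explicitly, since the "(netman=),(proxystuff=)" example relies on that reading.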
3. Directory Agent Option
This option requests or specifies a Directory Agent (DA), along with This option requests or specifies a Directory Agent (DA), along with
zero or more scopes supported by that DA. zero or more scopes supported by that directory agent.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Code | Length |D|F|M|S| rsv | DA Length | | Code | Length |D|F|M|S| reserved |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Directory Agent (variable length) ... | DA Length |DA address (variable length) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Char Encoding | Service Scope (variable length) | Typed Scope List (variable length) ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Code 78 Code 78
Length (variable) The length of the option. Length (variable) The length of the option in bytes.
D If the 'D' bit is set, the Directory Agent field is D If the 'D' bit is set, the Directory Agent field and the
present. DA Length fields are present.
F If the 'F' bit is set, the Directory Agent is indicated F If the 'F' bit is set, the Directory Agent is indicated
by including its variable length host name or Fully by including its variable length host name or Fully
Qualified Domain Name (FQDN) instead of its 4 octet IP Qualified Domain Name (FQDN) instead of its IP address.
address.
M If the 'M' bit is set, the Directory Agent address is M If the 'M' bit is set, the Directory Agent address is
the only one that may be used, and multicast methods for the only one that may be used, and multicast methods for
discovering Directory Agents MUST NOT be used. discovering Directory Agents MUST NOT be used.
S If the 'S' bit is set, the scope is present, encoded in S If the 'S' bit is set, the scope is present.
the indicated character set.
rsv reserved; ignored upon reception; MUST be sent as zero rsv reserved; ignored upon reception; MUST be sent as zero
DA Length The length (in octets) of the Directory Agent field. DA Length The length (in octets) of the Directory Agent field.
Directory Agent Directory Agent
The Fully Qualified Domain Name (FQDN), host name, or IP The Fully Qualified Domain Name (FQDN), host name, or IP
address of the Directory Agent. address of the Directory Agent.
Char Encoding Typed Scope List
The standardized encoding for the characters denoting the The characters denoting the scope (see Section reftsl).
scope.
scope The characters denoting the scope.
In order to simplify administration of the configuration of Directory In order to simplify administration of the configuration of Directory
Agents for Service Location Protocol clients, the Directory Agent Agents for Service Location Protocol clients, the Directory Agent
can be indicated by presenting its FQDN or host name instead of its can be indicated by presenting its FQDN or host name instead of its
IP address. This allows renumbering to proceed more smoothly [1]. IP address. This allows renumbering to proceed more smoothly [3].
When the FQDN or host name is used, the server sets the 'F' bit. The When the FQDN or host name is used, the server sets the 'F' bit. The
host name can be distinguished from the FQDN by the presence of a '.' host name can be distinguished from the FQDN by the presence of a '.'
character. In any case, the DA length field is set to be the length character. In any case, the DA length field is set to be the length
of the Directory Agent field. When the 'F' bit is not set, the DA of the Directory Agent field. When the 'F' bit is not set, the DA
Length MUST be 4. Length MUST be 4.
Note that more than one Directory Agent option may be present in a Note that more than one Directory Agent option may be present in a
DHCP message. Each such option may have the same or different scope. DHCP message. Each such option may have the same or different scope.
The client may request any Directory Agent with a particular scope, The client may request any Directory Agent with a particular scope,
by including the Directory Agent option in a DHCP Request message by including the Directory Agent option in a DHCP Request message
with no Directory Agent address included (the 'D' bit set to zero), with no Directory Agent address included (the 'D' bit set to zero),
and the characters denoting the scope. The length of the scope is and the characters denoting the scope.
only indicated implicitly by the overall length of the option.
3. Service Scope Option The length of the Typed Scope List is only indicated implicitly
by the overall length of the option. This string is NOT null
terminated.
This option indicates a scope that should be used by a Service Agent The format of the Typed Scope List field is described in section 2.
(SA) [3], when responding to Service Request messages as specified by
the Service Location Protocol. Option 78 MUST include one or more scopes if a DA address is
returned. Using option 78, it is not possible for different service
types on the same node to be configured with different directory
agents. In other words, all service types on the same node will be
configured with the same directory agent.
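Review bot: The Typed Scope List field description in the -03 option 78 layout reads "see Section reftsl", an unresolved cross-reference that should read "see Section 2". The field list also still labels the reserved bits "rsv" while the figure now says "reserved", and the new sentence "Option 78 MUST include one or more scopes if a DA address is returned" contradicts both the opening sentence ("zero or more scopes supported by that directory agent") and the 'S' bit being optional; either the MUST should be weakened, or the 'S' bit should be stated as required whenever 'D' is set.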
4. Service Scope Option
This option indicates one or more that should be used by a Service
Agent (SA) [7], when responding to Service Request messages as
specified by the Service Location Protocol.
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Code | Length | Char Encoding | | Code | Length | Typed-Scope-List ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Service Scope ...
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Code 79 Code 79
Length (variable) The length of the option. Length (variable) The length of the option in bytes.
Char Encoding
The standardized encoding for the characters denoting the
scope.
scope the characters denoting the scope. scope the characters denoting the scope.
Note that more than one Service Scope option may be present in a DHCP The Typed-Scope-List is described in Section 2. The DHCP client
message. The length of the scope is only indicated implicitly by the (i.e., user agent or service agent) which receives this option will
overall length of the option. use the indicated scope for in all SLP requests and registrations.
The scope string must be UTF8 character encoded. This string is not
null terminated.
4. Security Considerations DHCP clients MAY use Option 79 to request scopes for one or more
particular service types.
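Review bot: The -03 introduction to option 79 reads "This option indicates one or more that should be used by a Service Agent", missing the word "scopes", and the later sentence "use the indicated scope for in all SLP requests and registrations" should drop "for". The field list also keeps a stale "scope: the characters denoting the scope" entry although the figure now labels the field Typed-Scope-List; rename the entry to match and point it at Section 2 as the option 78 description does.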
5. Security Considerations
If a malicious host is able to insert fraudulent information in If a malicious host is able to insert fraudulent information in
DHCPOFFER packets sent to a prospective client of the Service DHCPOFFER packets sent to a prospective client of the Service
Location Protocol, then the client will be unable to obtain service, Location Protocol, then the client will be unable to obtain service,
and vulnerable to disclosing information to unauthorized service or may unwittingly be directed to use the incorrect services.
agents. Likewise, a service agent would find that it might rely on
fraudulent or otherwise malicious directory agents to advertise its
services. Many opportunities for denial of service exist.
This difficulty is inherited from the much larger and more serious Many opportunities for denial of service exist. A service agent
problem, viz. securing or authenticating any information whatsoever could find that it might rely on fraudulent or otherwise malicious
from a DHCP server (or client!) is not possible in common DHCP directory agents to advertise its services. DHCPOFFERs could prevent
deployments. the regular SLP framework from functioning by directing clients to
not use multicast, to use nonexistent directory agents and so on.
5. Acknowledgements These difficulties are inherited from the much larger and more
serious problem, viz. securing or authenticating any information
whatsoever from a DHCP server (or client!) is not possible in common
DHCP deployments.
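Review bot: The -03 Security Considerations now name the concrete risk of the 'M' bit (a forged DHCPOFFER can direct clients not to use multicast and to use a nonexistent directory agent) but offer no mitigation at all. Suggest adding that an address learned from DHCP is unauthenticated configuration, so a client should still apply SLP's own authentication of registrations and advertisements [7] to whatever the configured DA returns, and that the draft should say what a client does when the only permitted DA (the 'M' bit set) is unreachable, since as written it is left with no discovery path.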
Thanks to Erik Guttman for his helpful suggestions in the creation of 6. Acknowledgements
this draft.
Thanks to Erik Guttman for his helpful suggestions in the creation
ane revision of this draft.
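Review bot: Typo in the -03 Acknowledgements: "ane revision" should read "and revision".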
References References
[1] B. Carpenter and Y. Rekhter. Renumbering needs work. RFC 1900, [1] T. Berners-Lee, L. Masinter, and M. McCahill. Uniform Resource
Locators (URL). RFC 1738, December 1994.
[2] S. Bradner. Key words for use in RFCs to Indicate Requirement
Levels. RFC 2119, March 1997.
[3] B. Carpenter and Y. Rekhter. Renumbering needs work. RFC 1900,
February 1996. February 1996.
[2] Ralph Droms. Dynamic Host Configuration Protocol. RFC 1541, [4] R. Droms. Dynamic Host Configuration Protocol. RFC 2131, March
October 1993. 1997.
[3] J. Veizades, E. Guttman, C. Perkins, and S. Kaplan. Service [5] E. Guttman, C. Perkins, and J. Kempf. Service Templates and
Location Protocol, April 1997. draft-ietf-svrloc-protocol-17.txt service: Schemes. draft-ietf-svrloc-service-scheme-05.txt,
(work in progress). November 1997. (work in progress).
[6] E. Guttman, C. Perkins, J. Veizades, and M. Day. Service
Location Protocol version 2. March 1998. (work in progress).
draft-ietf-svrloc-protocol-v2-04.txt,
[7] J. Veizades, E. Guttman, C. Perkins, and S. Kaplan. Service
Location Protocol. RFC 2165, July 1997.
[8] F. Yergeau. UTF-8, a transformation format of unicode and ISO
10646. RFC 2279, January 1998.
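Review bot: Reference [6] is out of order with the other draft citations: the file name "draft-ietf-svrloc-protocol-v2-04.txt," follows "(work in progress)" and ends in a comma. Reorder it to match [5], i.e. title, file name, date, then "(work in progress)".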
Author's Address Author's Address
Questions about this memo can be directed to: Questions about this memo can be directed to:
Charles E. Perkins Charles E. Perkins
Sun Microsystems Technology Development Group
2550 Garcia Avenue Mail Stop MPK15-214
Mountain View, CA 94043 Room 2682
Sun Microsystems, Inc.
Phone: +1 415 336 7153 15 Network Circle
Fax: +1 415 336 0670 Menlo Park, CA 94025
ph# 1-650-786-6464
EMail: charliep@acm.org fax# 1-650-786-6445
email: charles.perkins@Sun.COM
charles.perkins@Eng.sun.com
cperkins@Eng.sun.com
Web: http://www.svrloc.org/~charliep
 End of changes. 

This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/