Skip to main content

The Binary Floor Control Protocol (BFCP)
draft-ietf-bfcpbis-rfc4582bis-16

Revision differences

Document history

Date Rev. By Action
2021-01-14
16 (System) RFC Editor state changed to AUTH48-DONE from AUTH48
2020-05-04
16 (System) RFC Editor state changed to AUTH48 from RFC-EDITOR
2020-03-16
16 (System) RFC Editor state changed to RFC-EDITOR from REF
2020-01-09
16 (System) RFC Editor state changed to REF from EDIT
2020-01-08
16 (System) RFC Editor state changed to EDIT from AUTH
2020-01-06
16 (System) RFC Editor state changed to AUTH from EDIT
2019-08-16
16 (System) RFC Editor state changed to EDIT from MISSREF
2019-08-15
16 (System) RFC Editor state changed to MISSREF from EDIT
2019-08-15
16 (System) RFC Editor state changed to EDIT from MISSREF
2018-12-28
16 (System) RFC Editor state changed to MISSREF from EDIT
2018-12-21
16 (System) RFC Editor state changed to EDIT from MISSREF
2015-12-07
16 (System) IANA Action state changed to RFC-Ed-Ack from Waiting on RFC Editor
2015-12-07
16 (System) IANA Action state changed to Waiting on RFC Editor from Waiting on Authors
2015-12-04
16 (System) IANA Action state changed to Waiting on Authors from In Progress
2015-11-23
16 (System) RFC Editor state changed to MISSREF
2015-11-23
16 (System) IESG state changed to RFC Ed Queue from Approved-announcement sent
2015-11-23
16 (System) Announcement was received by RFC Editor
2015-11-23
16 (System) IANA Action state changed to In Progress
2015-11-23
16 Cindy Morgan IESG state changed to Approved-announcement sent from IESG Evaluation::AD Followup
2015-11-23
16 Cindy Morgan IESG has approved the document
2015-11-23
16 Cindy Morgan Closed "Approve" ballot
2015-11-23
16 Cindy Morgan Ballot approval text was generated
2015-11-23
16 Cindy Morgan Ballot writeup was changed
2015-11-20
16 Ben Campbell [Ballot Position Update] New position, No Objection, has been recorded for Ben Campbell
2015-11-17
16 Alissa Cooper [Ballot Position Update] New position, Yes, has been recorded for Alissa Cooper
2015-11-13
16 Charles Eckel New version available: draft-ietf-bfcpbis-rfc4582bis-16.txt
2015-11-13
15 Spencer Dawkins [Ballot comment]
Thanks for working through my Discuss.
2015-11-13
15 Spencer Dawkins [Ballot Position Update] Position for Spencer Dawkins has been changed to No Objection from Discuss
2015-11-04
15 Spencer Dawkins
[Ballot discuss]
Thanks for working through my Discuss and Comments on -13. I'm mostly good (at the Discuss level), but have one remaining concern, on …
[Ballot discuss]
Thanks for working through my Discuss and Comments on -13. I'm mostly good (at the Discuss level), but have one remaining concern, on section 14.  Security Considerations

  BFCP uses TLS/DTLS to provide mutual authentication between clients
  and servers.  TLS/DTLS also provides replay and integrity protection
  and confidentiality.  It is RECOMMENDED that TLS/DTLS with an
  encryption algorithm according to Section 7 always be used.  In cases
  where signaling/control traffic is properly protected, as described
  in Section 9 it is REQUIRED to use a mandated encryption algorithm.
  BFCP entities MAY use other security mechanisms as long as they
  provide similar security properties.
 
If I'm reading this text correctly (please correct me if I'm misunderstanding), it is still allowed to run BFCP over TCP/UDP without TLS/DTLS.

If you run a protocol over TCP without TLS, you're still vulnerable to on-path attackers, but off-path attackers have to insert attack packets with sequence numbers that are within the current window. That's not impossible, but it's not easy. So, I'm not happy that TLS isn't required when you run BFCP over TCP, but OK, fine.

If you run a protocol over UDP without DTLS, off-path attackers don't have this constraint, so inserting attack packets off-path is much easier. That makes BFCP much more vulnerable to attack over UDP than it was over TCP.

Is that really OK? That seems quite odd to me, when said without a clear warning that if you do not use DTLS (or equivalent) security mechanisms the protocol is vulnerable to various attacks.

I’d have preferred section 7 to have said “SHOULD use TLS or DTLS” and then have gone on to explain - “reasons for not using DTLS include ... but when TLS or DTLS is not used the protocol becomes vulnerable to security attacks (e.g. ...).”
2015-11-04
15 Spencer Dawkins Ballot discuss text updated for Spencer Dawkins
2015-11-04
15 Spencer Dawkins
[Ballot discuss]
Thanks for working through my Discuss and Comments on -13. I'm mostly good (at the Discuss level), but have one remaining concern, on …
[Ballot discuss]
Thanks for working through my Discuss and Comments on -13. I'm mostly good (at the Discuss level), but have one remaining concern, on section 14.  Security Considerations

  BFCP uses TLS/DTLS to provide mutual authentication between clients
  and servers.  TLS/DTLS also provides replay and integrity protection
  and confidentiality.  It is RECOMMENDED that TLS/DTLS with an
  encryption algorithm according to Section 7 always be used.  In cases
  where signaling/control traffic is properly protected, as described
  in Section 9 it is REQUIRED to use a mandated encryption algorithm.
  BFCP entities MAY use other security mechanisms as long as they
  provide similar security properties.
 
If I'm reading this text correctly (please correct me if I'm misunderstanding), it is still allowed to run BFCP over TCP/UDP without TLS/DTLS.

If you run a protocol over TCP without TLS, you're still vulnerable to on-path attackers, but off-path attackers have to insert attack packets with sequence numbers that are within the current window. That's not impossible, but it's not easy. So, I'm not happy that TLS isn't required when you run BFCP over TCP, but OK, fine.

If you run a protocol over UDP without DTLS, off-path attackers don't have this constraint, so inserting attack packets off-path is much easier. That makes BFCP much more vulnerable to attack over UDP than it was over TCP.

Is that really OK? That seems quite odd to me, when said without a clear warning that if you do
not use DTLS (or equivalent) security mechanisms the protocol is vulnerable to various attacks.

I’d have preferred section 7 to have said “SHOULD use TLS or DTLS” and then have gone on to explain - “reasons for not using DLTS include ... but when TLS or DTLS is not used the protocol becomes vulnerable to security attacks (e.g. ...).”
2015-11-04
15 Spencer Dawkins
[Ballot comment]

I have a couple of Comments on new text:

6.2.2.  ICMP Error Handling

  ICMP is not used with unreliable transports due to …
[Ballot comment]

I have a couple of Comments on new text:

6.2.2.  ICMP Error Handling

  ICMP is not used with unreliable transports due to risks asociated
  with off-path attacks.  Any ICMP messages received over an unreliable
  transport MUST be ignored.
 
ICMP is inherently unreliable - and is itself a control transport, rather than sent over another transport. I think I know what you mean, but it's not what the text says. Perhaps you mean

  ICMP is not usable when BFCP is running over an unreliable transport due
  to risks associated with off-path attacks.  Any ICMP messages associated
  with BFCP running over an unreliable transport MUST be ignored.
 
The new text says:

“predictable conference identifiers in conjunction with a non-secure
transport protocol makes BFCP more susceptible to forged request and
response messages.  See the Security Considerations section regarding
the recommendation to use a secure transport.)”

- This text  could be improved a little by changing this to:

“ predictable conference identifiers in conjunction with a non-secure
transport protocol makes BFCP susceptible to off path data injection
attacks, where an attacker can forge a request or response message.”

However, this falls short of saying you should randomize the conference ID.

The current text could be OK if it is hard or impossible to randomize for some reason, but I’d have thought if it was possible this should be RECOMMENDED either as the default method, or at least as a more secure alternative for an unreliable transport.
 
Cleaning up the last few Comments on -13:

I'm still working through the conflation of transports and version numbers. It's getting better, but the current text says:

  “If a floor control server receives a
  message with an unsupported version field value, the server MUST
  indicate it does not support the protocol version by sending an Error
  message with parameter value 12 (Unsupported Version).“

I’d have expected this error message to also have been returned if the transport did not match.

Would it be correct if the text said:

  “If a floor control server receives a
  message with an unsupported version field value
  or a message with a version number that is not permitted
  with the transport over which it was received,  the server MUST
  indicate it does not support the protocol version by sending an Error
  message with parameter value 12 (Unsupported Version).“
2015-11-04
15 Spencer Dawkins Ballot comment and discuss text updated for Spencer Dawkins
2015-10-15
15 Kathleen Moriarty [Ballot comment]
Thanks very much for addressing my discuss and comment, the revisions look great!
2015-10-15
15 Kathleen Moriarty [Ballot Position Update] Position for Kathleen Moriarty has been changed to No Objection from Discuss
2015-10-14
15 Barry Leiba [Ballot comment]
Version -15 addresses my DISCUSS point about the IANA considerations, as well as my other comments.  Thanks for all that.
2015-10-14
15 Barry Leiba [Ballot Position Update] Position for Barry Leiba has been changed to No Objection from Discuss
2015-10-14
15 Charles Eckel New version available: draft-ietf-bfcpbis-rfc4582bis-15.txt
2015-10-14
14 (System) Notify list changed from bfcpbis-chairs@ietf.org, mary.ietf.barnes@gmail.com to (None)
2015-09-23
13 Jari Arkko
[Ballot comment]
Thanks for the hard work on this protocol. I have some comments, based on a review by Suresh Krishnan, that I think should …
[Ballot comment]
Thanks for the hard work on this protocol. I have some comments, based on a review by Suresh Krishnan, that I think should be addressed before final approval of the document.

First, Section 5.1 should be clear that when used over a reliable transport, not only should the F flag be ignore but that the fragment fields (last four bytes) are not in the packet.

Second, Section 6.2.3 should be clear that the header accompanies all fragments. As a result, the current formula for calculating the number of fragments is probably wrong. This too should be updated.
2015-09-23
13 Jari Arkko [Ballot Position Update] Position for Jari Arkko has been changed to No Objection from Discuss
2015-09-21
13 Tom Kristensen IANA Review state changed to Version Changed - Review Needed from IANA - Not OK
2015-09-21
14 Tom Kristensen New version available: draft-ietf-bfcpbis-rfc4582bis-14.txt
2015-03-21
13 Gunter Van de Velde Closed request for Last Call review by OPSDIR with state 'No Response'
2015-03-12
13 Tero Kivinen Request for Last Call review by SECDIR Completed: Has Nits. Reviewer: Ólafur Guðmundsson.
2015-03-05
13 Cindy Morgan IESG state changed to IESG Evaluation::AD Followup from Waiting for AD Go-Ahead
2015-03-05
13 Cindy Morgan Changed consensus to Yes from Unknown
2015-03-05
13 Stephen Farrell
[Ballot comment]

- section 7: As in other cases, this might be better to refer
to the generic UTA work rather than have it's own …
[Ballot comment]

- section 7: As in other cases, this might be better to refer
to the generic UTA work rather than have it's own list of
preferred ciphersuites.

- I wondered why you'd not just moved all the way to make TLS
mutual-auth mandatory to use for this.
2015-03-05
13 Stephen Farrell [Ballot Position Update] New position, No Objection, has been recorded for Stephen Farrell
2015-03-05
13 Kathleen Moriarty
[Ballot discuss]
Thanks for your work on this draft, it was very well written which is much appreciated.

I just have one item I'd like …
[Ballot discuss]
Thanks for your work on this draft, it was very well written which is much appreciated.

I just have one item I'd like to discuss that should be very easy to resolve. 
This should be considered with Spencer's question on what happens when the fragments are larger or smaller than the path MTU.  It's important to state this to prevent fragmentation overlap attacks (unless you can explain why we don't need to worry about that).

In the second sentence on page 42, adding the ending clause may be helpful:
  The size of each of these N messages MUST be
  smaller than the path MTU to help prevent fragmentation overlap attacks.
2015-03-05
13 Kathleen Moriarty
[Ballot comment]

Spencer asked what happens when TLS/DTLS is not used, so perhaps rewording of the intro to the security considerations section would help to …
[Ballot comment]

Spencer asked what happens when TLS/DTLS is not used, so perhaps rewording of the intro to the security considerations section would help to clear up his point.  TLS/DTLS is the MTI with flexibility left in to support some other undefined mechanism to secure the channel.  Since no MTU is set, but recommended, the first few sentences are a bit confusing.  The rest of the paragraph is clear in terms of MTI and recommendations when TLD/DTLS is used as well as alternates options supporting the listed desired security properties.

Security Considerations

  BFCP uses TLS/DTLS to provide mutual authentication between clients
  and servers.  TLS/DTLS also provides replay and integrity protection
  and confidentiality.
2015-03-05
13 Kathleen Moriarty [Ballot Position Update] New position, Discuss, has been recorded for Kathleen Moriarty
2015-03-05
13 Ted Lemon [Ballot Position Update] New position, No Objection, has been recorded for Ted Lemon
2015-03-05
13 Barry Leiba
[Ballot discuss]
The IANA Considerations are a bit confusing, as they appear to ask IANA to do things that were already done long ago.  I …
[Ballot discuss]
The IANA Considerations are a bit confusing, as they appear to ask IANA to do things that were already done long ago.  I understand that you want to leave the main text of the IANA Considerations intact, for posterity, and you've put in some "Editorial note" things.  Maybe the best way to do this is to (1) change "Editorial note" to "IANA note" or "Note to IANA" throughout, (2) change the first IANA note (in the base Section 15) to clearly state that all *changes* that IANA is being asked to make are spelled out in "IANA note" items in the appropriate places, and (3) make sure that item 2 is true.  And you do need to respond to Pearl Liang's IANA review from 2 March, and answer her questions.
2015-03-05
13 Barry Leiba
[Ballot comment]
Thanks VERY much for leaving it so that a diff with 4582 was still useful for review.  That helped a great deal.

It's …
[Ballot comment]
Thanks VERY much for leaving it so that a diff with 4582 was still useful for review.  That helped a great deal.

It's a little nothing, so ignore this if you like, but you consistently use "MUST" throughout the document, except for one "SHALL" in Section 8.3.3.  If it were me, I'd be consistent and use "MUST" there as well, to avoid any question of why that one is different.

Thanks for making the editorial changes to the ABNF; I do prefer "*(X)" to "*[X]".  On the other hand, I actually prefer "*X" to both of those: there's no need to use parentheses around a single production name.  So, for example, this:

  BENEFICIARY-INFORMATION =  (BENEFICIARY-INFORMATION-HEADER)
                              [USER-DISPLAY-NAME]
                              [USER-URI]
                              *(EXTENSION-ATTRIBUTE)

Is the same as this:

  BENEFICIARY-INFORMATION =  BENEFICIARY-INFORMATION-HEADER
                              [USER-DISPLAY-NAME]
                              [USER-URI]
                              *EXTENSION-ATTRIBUTE

No harm either way, so leave it as is if you really like it, but... why the parentheses, especially as long as you're changing them anyway?
2015-03-05
13 Barry Leiba [Ballot Position Update] New position, Discuss, has been recorded for Barry Leiba
2015-03-05
13 Jari Arkko
[Ballot discuss]
Thanks for the hard work on this protocol. I have some comments, based on a review by Suresh Krishnan, that I think should …
[Ballot discuss]
Thanks for the hard work on this protocol. I have some comments, based on a review by Suresh Krishnan, that I think should be addressed before final approval of the document.

First, Section 5.1 should be clear that when used over a reliable transport, not only should the F flag be ignore but that the fragment fields (last four bytes) are not in the packet.

Second, Section 6.2.3 should be clear that the header accompanies all fragments. As a result, the current formula for calculating the number of fragments is probably wrong. This too should be updated.
2015-03-05
13 Jari Arkko [Ballot Position Update] New position, Discuss, has been recorded for Jari Arkko
2015-03-05
13 (System) IESG state changed to Waiting for AD Go-Ahead from In Last Call
2015-03-04
13 Spencer Dawkins
[Ballot discuss]
For the moment, I'm balloting a process Discuss, because I'm not seeing a response to Gorry Fairhurst's TSV-DIR review sent on March 2, …
[Ballot discuss]
For the moment, I'm balloting a process Discuss, because I'm not seeing a response to Gorry Fairhurst's TSV-DIR review sent on March 2, at https://www.ietf.org/mail-archive/web/ietf/current/msg92156.html. Did I miss it?

During my review, I did not see a definition of "transaction failure window". I can guess what that means, but would love to know for sure.

I'm understanding that in RFC 4582, the version number (1) was a version number, but in this draft, version 1 means "reliable transport" and version 2 means "unreliable transport". Is that right? If so, how does an RFC 4582 TCP-only floor control server receive a message with a version field set to 2, which would have been sent over UDP?

I'm also wondering whether overloading the version number field as a transport reliability indicator would cause a problem in the future. If you end up with a mandatory extension that applies to both reliable and unreliable transport, does that mean you'd use two version numbers (possibly 2 for reliable and 3 for unreliable)?

Within Gorry's review, these are the points I thought were Discuss-worthy. It's probably best for you to reply to these in his e-mail, rather than try to juggle two sets of overlapping comments. I'm just pointing out what I think matters most. On the others, please do the right thing.

-

Gorry asked in Section 5:

What is the security model when TLS/DTLS is not used? - has the protocol
protection from off-path attacks, and how is this provided?

I'm especially interested in this question when unreliable transport is used without DTLS. This is probably related to the question about randomizing Conference ID later in Gorry's review.

-

Payload Length:
- What happens when using a datagram format if the datagram length (e.g.
UDP-Length) is less or more than the value specified within the BFCP?

-

Fragment Length:
- What happens if the datagram length (e.g. UDP-Length) is less or more
than the value specified within the BFCP?
2015-03-04
13 Spencer Dawkins [Ballot Position Update] New position, Discuss, has been recorded for Spencer Dawkins
2015-03-04
13 Pete Resnick [Ballot Position Update] New position, No Objection, has been recorded for Pete Resnick
2015-03-04
13 Alia Atlas [Ballot Position Update] New position, No Objection, has been recorded for Alia Atlas
2015-03-04
13 Brian Haberman [Ballot Position Update] New position, No Objection, has been recorded for Brian Haberman
2015-03-03
13 Martin Stiemerling [Ballot comment]
thank you especially for Section 6.2 . Unreliable Transport :)
2015-03-03
13 Martin Stiemerling [Ballot Position Update] New position, No Objection, has been recorded for Martin Stiemerling
2015-03-03
13 Adrian Farrel [Ballot Position Update] New position, No Objection, has been recorded for Adrian Farrel
2015-03-02
13 Suresh Krishnan Request for Last Call review by GENART Completed: Not Ready. Reviewer: Suresh Krishnan.
2015-03-02
13 Richard Barnes Ballot has been issued
2015-03-02
13 Richard Barnes [Ballot Position Update] New position, Yes, has been recorded for Richard Barnes
2015-03-02
13 Richard Barnes Created "Approve" ballot
2015-03-02
13 Richard Barnes Ballot writeup was changed
2015-03-02
13 Tero Kivinen Request for Last Call review by SECDIR is assigned to Ólafur Guðmundsson
2015-03-02
13 Tero Kivinen Request for Last Call review by SECDIR is assigned to Ólafur Guðmundsson
2015-03-02
13 (System) IANA Review state changed to IANA - Not OK from IANA - Review Needed
2015-03-02
13 Pearl Liang
IESG/Authors/WG Chairs:

IANA has reviewed draft-ietf-bfcpbis-rfc4582bis-13.  Authors should review the comments and/or questions below.  Please report any inaccuracies and respond to any questions as soon …
IESG/Authors/WG Chairs:

IANA has reviewed draft-ietf-bfcpbis-rfc4582bis-13.  Authors should review the comments and/or questions below.  Please report any inaccuracies and respond to any questions as soon as possible.

IANA has some questions about the IANA actions requested in this draft.

We received the following comments/questions from the IANA's reviewer:

IANA understands that, upon approval of this document there are four actions which IANA must complete.

First, the document directs IANA to establish a Attribute subregistry of the The Binary Floor Control Protocol (BFCP) Parameters registry located at:

http://www.iana.org/assignments/bfcp-parameters/

IANA observes that the initial values provided in the document being considered are already in the existing Attribute subregistry.  Thus:

- IANA will simply change the reference for the subregistry and its registrations from RFC 4582 to [ RFC-to-be ].
- This draft revises the registration procedure from "Standards-Track RFC" to "Specification
Required" as defined in RFC5226.  Please note that Specification Required, when
used, also implies use of a Designated Expert.

Questions: Is value 0 the first value of BFCP attributes?  And if so, should value 0
be marked as Reserved in the registry?  Is there a maximum value of this registry? 
32-bit?  Or is this an unlimited resource registry?

Second, the document directs IANA to establish a Primitive subregistry of the The Binary Floor Control Protocol (BFCP) Parameters registry located at:

http://www.iana.org/assignments/bfcp-parameters/

IANA observes that the initial values provided in the document being considered, with four exceptions, are already in the existing Primitive subregistry.  Thus:

- IANA will simply change the reference for the subregistry and its registrations from RFC 4582 to [ RFC-to-be ].
- This draft revises the registration procedure from "Standards-Track RFC" to "Specification
Required" as defined in RFC5226.  Please note that Specification Required, when
used, also implies use of a Designated Expert.
- In addition, IANA will add four new values to the registry as follows:

Value: 14
Primitive: FloorRequestStatusAck
Reference: [ RFC-to-be ]

Value: 15
Primitive: FloorStatusAck
Reference: [ RFC-to-be ]

Value: 16
Primitive: Goodbye
Reference: [ RFC-to-be ]

Value: 17
Primitive: GoodbyeAck
Reference: [ RFC-to-be ]

Questions: Is value 0 the first value of BFCP primitives?  And if so, should value 0
be marked as Reserved in the registry?  Is there a maximum value for this registry?
Or is this an unlimited resource registry?


Third, the document directs IANA to establish a Request Status subregistry of the The Binary Floor Control Protocol (BFCP) Parameters registry located at:

http://www.iana.org/assignments/bfcp-parameters/

IANA observes that the initial values provided in the document being considered, are already in the existing Request Status subregistry. Thus:

- IANA will simply change the reference for the subregistry and its registrations from RFC 4582 to [ RFC-to-be ].
- This draft revises the registration procedure from "Standards-Track RFC" to "Specification
Required" as defined in RFC5226.  Please note that Specification Required, when
used, also implies use of a Designated Expert.

Questions: Is value 0 the first value of BFCP request status values?  And if so, should
value 0 be marked as Reserved in the registry?  Is there a maximum value for this
registry? 8-bit?  Or is this an unlimited resource registry?


Fourth, the document directs IANA to establish a Error Code subregistry of the The Binary Floor Control Protocol (BFCP) Parameters registry located at:

http://www.iana.org/assignments/bfcp-parameters/

IANA observes that the initial values provided in the document being considered, with five exceptions, are already in the existing Error Code subregistry.  Thus:

- IANA will simply change the reference for the subregistry and its registrations from RFC 4582 to [ RFC-to-be ].
- This draft revises the registration procedure from "Standards-Track RFC" to "Specification
Required" as defined in RFC5226.  Please note that Specification Required, when
used, also implies use of a Designated Expert.
- In addition, IANA will add five new values to the registry as follows:

Value: 10
Meaning: Unable to parse message
Reference: [ RFC-to-be ]

Value: 11
Meaning: Use DTLS
Reference: [ RFC-to-be ]

Value: 12
Meaning: Unsupported Version
Reference: [ RFC-to-be ]

Value: 13
Meaning: Incorrect Message Length
Reference: [ RFC-to-be ]

Value: 14
Meaning: Generic Error
Reference: [ RFC-to-be ]

Questions: Is value 0 the first value of BFCP request status values?  And if so, should
value 0 be marked as Reserved in the registry?  Is there a maximum value for this
registry?  32-bit?  Or is this an unlimited resource registry?

IANA understands that these four actions are the only ones required to be completed upon approval of this document.

Note:  The actions requested in this document will not be completed until the document has been approved for publication as an RFC. This message is only to confirm what actions will be performed.
2015-03-01
13 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Juergen Quittek
2015-03-01
13 Gunter Van de Velde Request for Last Call review by OPSDIR is assigned to Juergen Quittek
2015-02-25
13 Jean Mahoney Request for Last Call review by GENART is assigned to Suresh Krishnan
2015-02-25
13 Jean Mahoney Request for Last Call review by GENART is assigned to Suresh Krishnan
2015-02-19
13 Cindy Morgan IANA Review state changed to IANA - Review Needed
2015-02-19
13 Cindy Morgan
The following Last Call announcement was sent out:

From: The IESG
To: IETF-Announce
CC:
Reply-To: ietf@ietf.org
Sender:
Subject: Last Call:  (The Binary Floor Control Protocol …
The following Last Call announcement was sent out:

From: The IESG
To: IETF-Announce
CC:
Reply-To: ietf@ietf.org
Sender:
Subject: Last Call:  (The Binary Floor Control Protocol (BFCP)) to Proposed Standard


The IESG has received a request from the Binary Floor Control Protocol
Bis  WG (bfcpbis) to consider the following document:
- 'The Binary Floor Control Protocol (BFCP)'
  as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits
final comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2015-03-05. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the
beginning of the Subject line to allow automated sorting.

Abstract


  Floor control is a means to manage joint or exclusive access to
  shared resources in a (multiparty) conferencing environment.
  Thereby, floor control complements other functions -- such as
  conference and media session setup, conference policy manipulation,
  and media control -- that are realized by other protocols.

  This document specifies the Binary Floor Control Protocol (BFCP).
  BFCP is used between floor participants and floor control servers,
  and between floor chairs (i.e., moderators) and floor control
  servers.

  This document obsoletes RFC 4582.  Changes from RFC 4582 are
  summarized in Section 16.




The file can be obtained via
http://datatracker.ietf.org/doc/draft-ietf-bfcpbis-rfc4582bis/

IESG discussion can be tracked via
http://datatracker.ietf.org/doc/draft-ietf-bfcpbis-rfc4582bis/ballot/


No IPR declarations have been submitted directly on this I-D.


2015-02-19
13 Cindy Morgan IESG state changed to In Last Call from Last Call Requested
2015-02-19
13 Alissa Cooper Placed on agenda for telechat - 2015-03-05
2015-02-19
13 Alissa Cooper Last call was requested
2015-02-19
13 Alissa Cooper Ballot approval text was generated
2015-02-19
13 Alissa Cooper Ballot writeup was generated
2015-02-19
13 Alissa Cooper IESG state changed to Last Call Requested from AD Evaluation
2015-02-19
13 Alissa Cooper Last call announcement was generated
2015-02-19
13 Alissa Cooper Intended Status changed to Proposed Standard from None
2015-02-19
13 Alissa Cooper Last call announcement was changed
2015-02-19
13 Alissa Cooper Last call announcement was generated
2015-02-19
13 Tom Kristensen New version available: draft-ietf-bfcpbis-rfc4582bis-13.txt
2015-01-28
12 Alissa Cooper IESG state changed to AD Evaluation from Publication Requested
2015-01-19
12 Charles Eckel
PROTO questionnaire for: draft-ietf-bfcpbis-rfc4582bis-12

To be Published as: Standards Track

Prepared by: Mary Barnes (mary.ietf.barnes@gmail.com) on 16 December 2014


  (1) What type …
PROTO questionnaire for: draft-ietf-bfcpbis-rfc4582bis-12

To be Published as: Standards Track

Prepared by: Mary Barnes (mary.ietf.barnes@gmail.com) on 16 December 2014


  (1) What type of RFC is being requested (BCP, Proposed Standard,
      Internet Standard, Informational, Experimental, or Historic)? 
      Why is this the proper type of RFC?  Is this type of RFC indicated 
      in the title page header?

This document is a revision to (obsoletes) an existing standard, thus Proposed
Standard is the proper type of RFC and it is indicated as such in the title page header.

    (2) The IESG approval announcement includes a Document Announcement
        Write-Up. Please provide such a Document Announcement Write-Up.
        Recent examples can be found in the "Action" announcements for
        approved documents. The approval announcement contains the
        following sections:

        Technical Summary: 

This document specifies the Binary Floor Control Protocol (BFCP).
BFCP is used between floor participants and floor control servers,
and between floor chairs (i.e., moderators) and floor control
servers.  Floor control is a means to manage joint or exclusive access to
shared resources in a (multiparty) conferencing environment.
Thereby, floor control complements other functions -- such as
conference and media session setup, conference policy manipulation,
and media control -- that are realized by other protocols.
This document obsoletes RFC 4582

        Working Group Summary:

This document was thoroughly reviewed by members of the BFCPBIS WG.
       
        Document Quality
        Are there existing implementations of the protocol? Have a
        significant number of vendors indicated their plan to
        implement the specification? Are there any reviewers that
        merit special mention as having done a thorough review,
        e.g., one that resulted in important changes or a
        conclusion that the document had no substantive issues? If
        there was a MIB Doctor, Media Type or other expert review,
        what was its course (briefly)? In the case of a Media Type
        review, on what date was the request posted?

There are existing implementations of RFC 4582 and this document has
been implemented by at least one vendor.  The formation of the BFCPBIS WG
was triggered by the IMTC, who defined the use of BFCP in their SIP Best
Current Practices for Video profile.  The vendors that had implemented BFCP
found the need to also use UDP in certain situations, thus the interested
parties brought the proposal, along with an initial version of this draft
to the IETF (DISPATCH WG). 

        Personnel
        Who is the Document Shepherd? Who is the Responsible Area
        Director?

Mary Barnes is the Document Shepherd.  Alissa Cooper is the Responsible AD.

    (3) Briefly describe the review of this document that was
        performed by the Document Shepherd.  If this version of
        the document is not ready for publication, please explain
        why the document is being forwarded to the IESG.

The Document Shepherd has thoroughly reviewed the -10 version of this document
and had verified that her comments and those of other reviewers have been
addressed in this version of the document. 
     
    (4) Does the document Shepherd have any concerns about the depth
        or breadth of the reviews that have been performed?

There are no concerns about the depth or breadth of the reviews.

    (5) Do portions of the document need review from a particular
        or from broader perspective, e.g., security, operational
        complexity, AAA, DNS, DHCP, XML, or internationalization?
        If so, describe the review that took place.
No.

    (6) Describe any specific concerns or issues that the Document
        Shepherd has with this document that the Responsible Area Director
        and/or the IESG should be aware of? For example, perhaps he or
        she is uncomfortable with certain parts of the document,
        or has concerns whether there really is a need for it. In any
        event, if the interested community has discussed those issues
        and has indicated that it still wishes to advance the document,
        detail those concerns here.

The only concern I have is that one of the authors (who also happens to be
one of the WG chairs) has not been at all engaged in email discussions of
this document over the past 2 years. My only concern might be whether he
will be responsive during AUTH48 and potentially raise non-trivial issues.

    (7) Has each author confirmed that any and all appropriate IPR
        disclosures required for full conformance with the provisions
        of BCP 78 and BCP 79 have already been filed. If not, explain why.

No. There has been no response from Keith Drage after repeated emails. All the
other authors have confirmed that there are no IPR disclosures that ought to have
been filed. 

 
    (8) Has an IPR disclosure been filed that references this document?
        If so, summarize any discussion and conclusion regarding the IPR
        disclosures.

No.

    (9) How solid is the consensus of the interested community behind this
        document? Does it represent the strong concurrence of a few
        individuals, with others being silent, or does the interested
        community as a whole understand and agree with it?

There is WG consensus that this document is ready to progress. All WGLC comments
and subsequent comments have been addressed. No one has expressed concerns about its progression. 

    (10) Has anyone threatened an appeal or otherwise indicated extreme
        discontent? If so, please summarise the areas of conflict in
        separate email messages to the Responsible Area Director. (It 
        should be in a separate email because this questionnaire is
        publicly available.)

No.

    (11) Identify any ID nits the Document Shepherd has found in this
        document. (See http://www.ietf.org/tools/idnits/ and the
        Internet-Drafts Checklist). Boilerplate checks are not enough;
        this check needs to be thorough.

The document was checked using idnits 2.13.01.  There is a warning with regards to unused references, which can be appropriately addressed by the RFC editor or in any revisions made prior to publication.  In addition, there is a warning about the IP address format, however, the IP addresses in the examples in this document are within
the documentation range.  There are a few FQDN that haven't been properly changed to documentation values, but those changes can be made along with any other LC comments. 

    (12) Describe how the document meets any required formal review
        criteria, such as the MIB Doctor, media type, and URI type
        reviews.

This document does not require any formal review. 

    (13) Have all references within this document been identified as
        either normative or informative?

Yes.

    (14) Are there normative references to documents that are not ready
        for advancement or are otherwise in an unclear state?
        If such normative references exist, what is the plan for their
        completion?

No.

    (15) Are there downward normative references references (see RFC 3967)?
        If so, list these downward references to support the Area Director
        in the Last Call procedure.

No.

    (16) Will publication of this document change the status of any
        existing RFCs? Are those RFCs listed on the title page header,
        listed in the abstract, and discussed in the introduction?
        If the RFCs are not listed in the Abstract and Introduction,
        explain why, and point to the part of the document where the
        relationship of this document to the other RFCs is discussed.
        If this information is not in the document, explain why the
        interested community considers it unnecessary.

This document obsoletes RFC 4582.  The differences and additions between
this document and are described in section section 16.

    (17) Describe the Document Shepherd's review of the IANA considerations
        section, especially with regard to its consistency with the body
        of the document. Confirm that all protocol extensions that the
        document makes are associated with the appropriate reservations
        in IANA registries. Confirm that any referenced IANA registries
        have been clearly identified. Confirm that newly created IANA
        registries include a detailed specification of the initial
        contents for the registry, that allocations procedures for future
        registrations are defined, and a reasonable name for the new
        registry has been suggested (see RFC 5226).

This document clearly identifies the IANA considerations. This document
identifies the two existing registries (defined in RFC 4582) to which new
entries are being added.  The document also indicates that the references
in the existing registries need to be changed to the RFC # assigned when this
document is published. 

    (18) List any new IANA registries that require Expert Review for
        future allocations. Provide any public guidance that the IESG
        would find useful in selecting the IANA Experts for these new
        registries.

This document defines no new IANA registries, thus no expert review is required.

    (19) Describe reviews and automated checks performed by to validate 
        sections of the document written in a formal language, such as
        XML code, BNF rules, MIB definitions, etc.

The ABNF for this document was validated using Bill Fenner's ABNF web parsing tool.


2015-01-19
12 Charles Eckel State Change Notice email list changed to draft-ietf-bfcpbis-rfc4582bis.all@tools.ietf.org, bfcpbis@ietf.org, bfcpbis-chairs@tools.ietf.org, mary.ietf.barnes@gmail.com
2015-01-19
12 Charles Eckel Responsible AD changed to Alissa Cooper
2015-01-19
12 Charles Eckel IETF WG state changed to Submitted to IESG for Publication from WG Document
2015-01-19
12 Charles Eckel IESG state changed to Publication Requested
2015-01-19
12 Charles Eckel IESG process started in state Publication Requested
2014-12-23
12 Mary Barnes Changed document writeup
2014-10-27
12 Tom Kristensen New version available: draft-ietf-bfcpbis-rfc4582bis-12.txt
2014-02-14
11 Tom Kristensen New version available: draft-ietf-bfcpbis-rfc4582bis-11.txt
2013-11-04
10 Tom Kristensen New version available: draft-ietf-bfcpbis-rfc4582bis-10.txt
2013-10-17
09 Charles Eckel Document shepherd changed to Mary Barnes
2013-04-26
09 Tom Kristensen New version available: draft-ietf-bfcpbis-rfc4582bis-09.txt
2013-01-09
08 Tom Kristensen New version available: draft-ietf-bfcpbis-rfc4582bis-08.txt
2012-12-19
07 Tom Kristensen New version available: draft-ietf-bfcpbis-rfc4582bis-07.txt
2012-10-12
06 Tom Kristensen New version available: draft-ietf-bfcpbis-rfc4582bis-06.txt
2012-08-29
05 Tom Kristensen New version available: draft-ietf-bfcpbis-rfc4582bis-05.txt
2012-07-14
04 Tom Kristensen New version available: draft-ietf-bfcpbis-rfc4582bis-04.txt
2012-06-04
03 Tom Kristensen New version available: draft-ietf-bfcpbis-rfc4582bis-03.txt
2012-03-12
02 Tom Kristensen New version available: draft-ietf-bfcpbis-rfc4582bis-02.txt
2012-02-17
01 (System) New version available: draft-ietf-bfcpbis-rfc4582bis-01.txt
2012-01-24
00 (System) New version available: draft-ietf-bfcpbis-rfc4582bis-00.txt