Resource Public Key Infrastructure (RPKI) Trust Anchor Locator
draft-ietf-sidrops-https-tal-08

[Ballot comment]
Thank you for this well written document. I have a few relatively minor comments (and questions) which I think you should address:

1.  Introduction

  This document obsoletes [RFC7730] by adding support for HTTPS URIs in
  a TAL.

If this document obsoletes RFC 7730, then I think you need to have "Changes since RFC 7730" section (Is this a BIS document?). If it only updates it, then the above (and the obsolete header at the top of the draft) is not correct.

2.2.  Trust Anchor Locator File Format

  In this document we define a Trust Anchor URI as a URI that can be
  used to retrieved a current Trust Anchor certificate.  This URI MUST
  be either an rsync URI [RFC5781], or an HTTPS URI [RFC7230].

I think the first mention of URI still needs a reference to RFC 3986.

  The TAL is an ordered sequence of:

  1.  an optional comment section consisting of one or more lines each
      starting with the '#' character, followed by human readable
      informational UTF-8 text, and ending with a line break,

Unless you think you want to use ASCII and Unicode Control characters in this field, I think you should recommend usage of RFC 5198 here.

2.3.  TAL and Trust Anchor Certificate Considerations

  The trust anchor MUST contain a stable key.  This key MUST NOT change

How does "MUST contain a stable key" differ from "key MUST NOT change"?

  when the certificate is reissued due to changes in the INR
  extension(s), when the certificate is renewed prior to expiration, or
  for any reason other than a key change.

This reads funny: “you must not change the key unless you decide to change the key”. Maybe talk about key compromise and key strength no longer being adequate instead?

4.  HTTPS Considerations

  o  This protocol does not require the use of SRV-IDs.

  o  This protocol does not require the use of URI-IDs.

I suspect this was copied from another RFC, but "does not require" is not right here, as it doesn't prevent it as an option. I think you should change "does not require the use" to "does not use"

[Ballot comment]
Thanks to everyone who worked on this document.

---------------------------------------------------------------------------

I find it curious and somewhat problematic that there is not a section,
equivalent to the existing section 4, that deals with RSYNC considerations. In
particular, the attack described in the first paragraph of section 4 appears
to be unavoidable when the TAL contains an RSYNC URI. Minimally, this document
should draw attention to that fact, at least in the Security Considerations
section. Ideally, it would deprecate -- or at least discourage -- the use of
RSYNC URIs for this reason.

[This would be a discuss-level comment if this were a green-field document, but
I don't want to stand in the way of improving an existing mechanism, so I'm only
leaving it as a comment. The authors may choose to move forward without fixing
this issue]

---------------------------------------------------------------------------

§2.2:

>  In this document we define a Trust Anchor URI as a URI that can be
>  used to retrieved a current Trust Anchor certificate

Nit: "...to retrieve..."

[Ballot comment]
Thank you for keeping the diff from RFC 7730 tidy!

Abstract

  their CA certificate.  In particular it allows TAs to change the set
  of Internet Number Resources included in the RFC3779 extension of
  their certificate.

Neither "Internet Number" nor "Number Resources" appears in RFC 3779 that I
can see.  (On a quick skim, I'm still not sure if we mean AS number or IP
address/prefix.)

Section 2.1

  the trust anchor per se.  In the RPKI, certificates contain
  extensions that represent Internet Number Resources (INRs) [RFC3779].

(As above, I don't see INRs mentioned in RFC 3779.)

Since comments are new in this rev of TAL, do we want to caution consumers
that implementations may not necessarily support comments yet?

Section 2.3

  The trust anchor MUST contain a stable key.  This key MUST NOT change
  when the certificate is reissued due to changes in the INR
  extension(s), when the certificate is renewed prior to expiration, or
  for any reason other than a key change.

(This seems a bit tautological...)

  If an entity wishes to withdraw a self-signed CA certificate as a
  putative trust anchor, for any reason, including key rollover, the
  entity MUST remove the object from the location referenced in the
  TAL.

Certain classes of attacker could continue to publish the last-known
certificate as a trust anchor and prevent this withdrawl from taking
effect; we should probably cover that in the security considerations.

Section 2.4

We say that it's RECOMMENDED to have different domains (so as to get
different IP addresses) but this example shows only a single domain.

Section 4

  Note that a Man in the Middle (MITM) cannot produce a CA certificate
  that would be considered valid according to the process described in
  Section 3.  [...]

I think the key part is that the attacker cannot produce a *new* CA
certificate that differs from a legitimate one, but they can MITM the HTTPS
connection and present a legitimate (but potentially stale) CA certificate.

  o  DNS names in Repository Server certificates SHOULD NOT contain the
      wildcard character "*".

Would a Relying Party ever reject the HTTPS connection (and thus, the
delivered TA) if a wildcard certificate is presented for the HTTPS
connection?

Section 5

  This TAL does not directly provide a list of resources covered by the
  referenced self-signed CA certificate.  Instead, the RP is referred
  to the trust anchor itself and the INR extension(s) within this
  certificate.  This provides necessary operational flexibility, but it
  also allows the certificate issuer to claim to be authoritative for
  any resource.  Relying parties should either have great confidence in
  the issuers of such certificates that they are configuring as trust
  anchors, or they should issue their own self-signed certificate as a
  trust anchor and, in doing so, impose constraints on the subordinate
  certificates.

Are there any external databases that a RP could consult to affect the
decision of whether to believe that a TA should actually be claiming the
indicated resource(s)?  (It would be a bit silly, given that this is the
RPKI already, but still...)

[Ballot comment]
I realize that this document inherits the text in Section 3 from RFC 6490, but can you tell me why there are SHOULDs and not MUSTs?  Why would one NOT do it the way Section 3 specifies?

Then I’ll ask the same question for the new https text in Section 4, especially about TLS certificate and host name validation.

[Ballot comment]
Usually we recommend to have a "Changes since RFC7730" section in bis documents... however, maybe the changes are small enough in this doc that that is not needed.

(Via drafts-lastcall@iana.org): IESG/Authors/WG Chairs:

The IANA Functions Operator has reviewed draft-ietf-sidrops-https-tal-07, which is currently in Last Call, and has the following comments:

We understand that this document doesn't require any registry actions.

While it's often helpful for a document's IANA Considerations section to remain in place upon publication even if there are no actions, if the authors strongly prefer to remove it, we do not object.

If this assessment is not accurate, please respond as soon as possible.

Thank you,

Sabrina Tanamal
Senior IANA Services Specialist

The following Last Call announcement was sent out (ends 2019-03-18):

From: The IESG
To: IETF-Announce
CC: morrowc@ops-netman.net, sidrops@ietf.org, sidrops-chairs@ietf.org, Chris Morrow , draft-ietf-sidrops-https-tal@ietf.org, warren@kumari.net
Reply-To: ietf@ietf.org
Sender:
Subject: Last Call:  (Resource Public Key Infrastructure (RPKI) Trust Anchor Locator) to Proposed Standard


The IESG has received a request from the SIDR Operations WG (sidrops) to
consider the following document: - 'Resource Public Key Infrastructure (RPKI)
Trust Anchor Locator'
  as Proposed Standard

The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive comments to the
ietf@ietf.org mailing lists by 2019-03-18. Exceptionally, comments may be
sent to iesg@ietf.org instead. In either case, please retain the beginning of
the Subject line to allow automated sorting.

Abstract


  This document defines a Trust Anchor Locator (TAL) for the Resource
  Public Key Infrastructure (RPKI).  TALs allow Relying Parties in the
  RPKI to download the current Trust Anchor (TA) CA certificate from
  one or more locations, and verify that the key of this self-signed
  certificate matches the key on the TAL.  Thus, Relying Parties can be
  configured with TA keys, but allow these TAs to change the content of
  their CA certificate.  In particular it allows TAs to change the set
  of Internet Number Resources included in the RFC3779 extension of
  their certificate.

  This document obsoletes the previous definition of Trust Anchor
  Locators in RFC 7730 by adding support for HTTPS URIs.




The file can be obtained via
https://datatracker.ietf.org/doc/draft-ietf-sidrops-https-tal/

IESG discussion can be tracked via
https://datatracker.ietf.org/doc/draft-ietf-sidrops-https-tal/ballot/


No IPR declarations have been submitted directly on this I-D.

As required by RFC 4858, this is the current template for the Document
Shepherd Write-Up.

Changes are expected over time. This version is dated 24 February 2012.

(1) What type of RFC is being requested (BCP, Proposed Standard,
Internet Standard, Informational, Experimental, or Historic)?  Why
is this the proper type of RFC?  Is this type of RFC indicated in the
title page header?

PROPOSED Standard

(2) The IESG approval announcement includes a Document Announcement
Write-Up. Please provide such a Document Announcement Write-Up. Recent
examples can be found in the "Action" announcements for approved
documents. The approval announcement contains the following sections:

Technical Summary

  "This document defines a Trust Anchor Locator (TAL) for the Resource
  Public Key Infrastructure (RPKI).  TALs allow Relying Parties in the
  RPKI to download the current Trust Anchor (TA) CA certificate from
  one or more locations, and verify that the key of this self-signed
  certificate matches the key on the TAL.  Thus, Relying Parties can be
  configured with TA keys, but allow these TAs to change the content of
  their CA certificate.  In particular it allows TAs to change the set
  of Internet Number Resources included in the RFC3779 extension of
  their certificate.

  This document obsoletes the previous definition of Trust Anchor
  Locators in RFC 7730 by adding support for HTTPS URIs."

Working Group Summary

  Was there anything in WG process that is worth noting? For
  example, was there controversy about particular points or
  were there decisions where the consensus was particularly
  rough?

Nothing in the WG that was overly noteworthy, good discussion and back/forth on changes.

Document Quality

  Are there existing implementations of the protocol? Have a
  significant number of vendors indicated their plan to
  implement the specification? Are there any reviewers that
  merit special mention as having done a thorough review,
  e.g., one that resulted in important changes or a
  conclusion that the document had no substantive issues? If
  there was a MIB Doctor, Media Type or other expert review,
  what was its course (briefly)? In the case of a Media Type
  review, on what date was the request posted?

This document obsoletes an existing implementation replacing it with new implementations.

Personnel

  Who is the Document Shepherd? Who is the Responsible Area
  Director?

Shepherd: Chris Morrow - morrowc@ops-netman.net
            AD: Warren Kumari - warren@kumari.net


(3) Briefly describe the review of this document that was performed by
the Document Shepherd.  If this version of the document is not ready
for publication, please explain why the document is being forwarded to
the IESG.

The document was reviewed in it's original form (RFC7730) and in it's new form as seen in this version.

(4) Does the document Shepherd have any concerns about the depth or
breadth of the reviews that have been performed?

no concerns from the shepherd (me).

(5) Do portions of the document need review from a particular or from
broader perspective, e.g., security, operational complexity, AAA, DNS,
DHCP, XML, or internationalization? If so, describe the review that
took place.

I don't believe any special reviews are required.

(6) Describe any specific concerns or issues that the Document Shepherd
has with this document that the Responsible Area Director and/or the
IESG should be aware of? For example, perhaps he or she is uncomfortable
with certain parts of the document, or has concerns whether there really
is a need for it. In any event, if the WG has discussed those issues and
has indicated that it still wishes to advance the document, detail those
concerns here.

no concerns

(7) Has each author confirmed that any and all appropriate IPR
disclosures required for full conformance with the provisions of BCP 78
and BCP 79 have already been filed. If not, explain why.

Each author has noted no IPR claims.

(8) Has an IPR disclosure been filed that references this document?
If so, summarize any WG discussion and conclusion regarding the IPR
disclosures.

N/A

(9) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with others
being silent, or does the WG as a whole understand and agree with it? 

As solid as any SIDR/SIDROPS consensus  has been :)

(10) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in separate
email messages to the Responsible Area Director. (It should be in a
separate email because this questionnaire is publicly available.)

no appeals.

(11) Identify any ID nits the Document Shepherd has found in this
document. (See https://www.ietf.org/tools/idnits/ and the Internet-Drafts
Checklist). Boilerplate checks are not enough; this check needs to be
thorough.

There is no IANA section, but that is not required for this document. There are 2 downrefs which will be dealt with at auth48 time.

(12) Describe how the document meets any required formal review
criteria, such as the MIB Doctor, media type, and URI type reviews.

no reviews were required.

(13) Have all references within this document been identified as
either normative or informative?

Yes.

(14) Are there normative references to documents that are not ready for
advancement or are otherwise in an unclear state? If such normative
references exist, what is the plan for their completion?

no

(15) Are there downward normative references references (see RFC 3967)?
If so, list these downward references to support the Area Director in
the Last Call procedure.

yes:
Downref: Normative reference to an Informational RFC: RFC 5781
Downref: Normative reference to an Informational RFC: RFC 6480

(16) Will publication of this document change the status of any
existing RFCs? Are those RFCs listed on the title page header, listed
in the abstract, and discussed in the introduction? If the RFCs are not
listed in the Abstract and Introduction, explain why, and point to the
part of the document where the relationship of this document to the
other RFCs is discussed. If this information is not in the document,
explain why the WG considers it unnecessary.

Yes, it should obsolete the URL portions  of RFC 7730

(17) Describe the Document Shepherd's review of the IANA considerations
section, especially with regard to its consistency with the body of the
document. Confirm that all protocol extensions that the document makes
are associated with the appropriate reservations in IANA registries.
Confirm that any referenced IANA registries have been clearly
identified. Confirm that newly created IANA registries include a
detailed specification of the initial contents for the registry, that
allocations procedures for future registrations are defined, and a
reasonable name for the new registry has been suggested (see RFC 5226).

no review required for a section which does not exist.

(18) List any new IANA registries that require Expert Review for future
allocations. Provide any public guidance that the IESG would find
useful in selecting the IANA Experts for these new registries.

none.

(19) Describe reviews and automated checks performed by the Document
Shepherd to validate sections of the document written in a formal
language, such as XML code, BNF rules, MIB definitions, etc.


none required.

Proposed, Internet.. who knows how this works?? :(
I pick 'internet' because it's after 'proposed' which is the top.. which SEEMS to be: "final state is the top state!" :(
of course I always pick this wrong!

As required by RFC 4858, this is the current template for the Document
Shepherd Write-Up.

Changes are expected over time. This version is dated 24 February 2012.

(1) What type of RFC is being requested (BCP, Proposed Standard,
Internet Standard, Informational, Experimental, or Historic)?  Why
is this the proper type of RFC?  Is this type of RFC indicated in the
title page header?

Internet Standard

(2) The IESG approval announcement includes a Document Announcement
Write-Up. Please provide such a Document Announcement Write-Up. Recent
examples can be found in the "Action" announcements for approved
documents. The approval announcement contains the following sections:

Technical Summary

  "This document defines a Trust Anchor Locator (TAL) for the Resource
  Public Key Infrastructure (RPKI).  TALs allow Relying Parties in the
  RPKI to download the current Trust Anchor (TA) CA certificate from
  one or more locations, and verify that the key of this self-signed
  certificate matches the key on the TAL.  Thus, Relying Parties can be
  configured with TA keys, but allow these TAs to change the content of
  their CA certificate.  In particular it allows TAs to change the set
  of Internet Number Resources included in the RFC3779 extension of
  their certificate.

  This document obsoletes the previous definition of Trust Anchor
  Locators in RFC 7730 by adding support for HTTPS URIs."

Working Group Summary

  Was there anything in WG process that is worth noting? For
  example, was there controversy about particular points or
  were there decisions where the consensus was particularly
  rough?

Nothing in the WG that was overly noteworthy, good discussion and back/forth on changes.

Document Quality

  Are there existing implementations of the protocol? Have a
  significant number of vendors indicated their plan to
  implement the specification? Are there any reviewers that
  merit special mention as having done a thorough review,
  e.g., one that resulted in important changes or a
  conclusion that the document had no substantive issues? If
  there was a MIB Doctor, Media Type or other expert review,
  what was its course (briefly)? In the case of a Media Type
  review, on what date was the request posted?

This document obsoletes an existing implementation replacing it with new implementations.

Personnel

  Who is the Document Shepherd? Who is the Responsible Area
  Director?

Shepherd: Chris Morrow - morrowc@ops-netman.net
            AD: Warren Kumari - warren@kumari.net


(3) Briefly describe the review of this document that was performed by
the Document Shepherd.  If this version of the document is not ready
for publication, please explain why the document is being forwarded to
the IESG.

The document was reviewed in it's original form (RFC7730) and in it's new form as seen in this version.

(4) Does the document Shepherd have any concerns about the depth or
breadth of the reviews that have been performed?

no concerns from the shepherd (me).

(5) Do portions of the document need review from a particular or from
broader perspective, e.g., security, operational complexity, AAA, DNS,
DHCP, XML, or internationalization? If so, describe the review that
took place.

I don't believe any special reviews are required.

(6) Describe any specific concerns or issues that the Document Shepherd
has with this document that the Responsible Area Director and/or the
IESG should be aware of? For example, perhaps he or she is uncomfortable
with certain parts of the document, or has concerns whether there really
is a need for it. In any event, if the WG has discussed those issues and
has indicated that it still wishes to advance the document, detail those
concerns here.

no concerns

(7) Has each author confirmed that any and all appropriate IPR
disclosures required for full conformance with the provisions of BCP 78
and BCP 79 have already been filed. If not, explain why.

Each author has noted no IPR claims.

(8) Has an IPR disclosure been filed that references this document?
If so, summarize any WG discussion and conclusion regarding the IPR
disclosures.

N/A

(9) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with others
being silent, or does the WG as a whole understand and agree with it? 

As solid as any SIDR/SIDROPS consensus  has been :)

(10) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in separate
email messages to the Responsible Area Director. (It should be in a
separate email because this questionnaire is publicly available.)

no appeals.

(11) Identify any ID nits the Document Shepherd has found in this
document. (See https://www.ietf.org/tools/idnits/ and the Internet-Drafts
Checklist). Boilerplate checks are not enough; this check needs to be
thorough.

There is no IANA section, but that is not required for this document. There are 2 downrefs which will be dealt with at auth48 time.

(12) Describe how the document meets any required formal review
criteria, such as the MIB Doctor, media type, and URI type reviews.

no reviews were required.

(13) Have all references within this document been identified as
either normative or informative?

Yes.

(14) Are there normative references to documents that are not ready for
advancement or are otherwise in an unclear state? If such normative
references exist, what is the plan for their completion?

no

(15) Are there downward normative references references (see RFC 3967)?
If so, list these downward references to support the Area Director in
the Last Call procedure.

yes:
Downref: Normative reference to an Informational RFC: RFC 5781
Downref: Normative reference to an Informational RFC: RFC 6480

(16) Will publication of this document change the status of any
existing RFCs? Are those RFCs listed on the title page header, listed
in the abstract, and discussed in the introduction? If the RFCs are not
listed in the Abstract and Introduction, explain why, and point to the
part of the document where the relationship of this document to the
other RFCs is discussed. If this information is not in the document,
explain why the WG considers it unnecessary.

Yes, it should obsolete the URL portions  of RFC 7730

(17) Describe the Document Shepherd's review of the IANA considerations
section, especially with regard to its consistency with the body of the
document. Confirm that all protocol extensions that the document makes
are associated with the appropriate reservations in IANA registries.
Confirm that any referenced IANA registries have been clearly
identified. Confirm that newly created IANA registries include a
detailed specification of the initial contents for the registry, that
allocations procedures for future registrations are defined, and a
reasonable name for the new registry has been suggested (see RFC 5226).

no review required for a section which does not exist.

(18) List any new IANA registries that require Expert Review for future
allocations. Provide any public guidance that the IESG would find
useful in selecting the IANA Experts for these new registries.

none.

(19) Describe reviews and automated checks performed by the Document
Shepherd to validate sections of the document written in a formal
language, such as XML code, BNF rules, MIB definitions, etc.


none required.

As required by RFC 4858, this is the current template for the Document
Shepherd Write-Up.

Changes are expected over time. This version is dated 24 February 2012.

(1) What type of RFC is being requested (BCP, Proposed Standard,
Internet Standard, Informational, Experimental, or Historic)?  Why
is this the proper type of RFC?  Is this type of RFC indicated in the
title page header?

Internet Standard

(2) The IESG approval announcement includes a Document Announcement
Write-Up. Please provide such a Document Announcement Write-Up. Recent
examples can be found in the "Action" announcements for approved
documents. The approval announcement contains the following sections:

Technical Summary

  "This document defines a Trust Anchor Locator (TAL) for the Resource
  Public Key Infrastructure (RPKI).  TALs allow Relying Parties in the
  RPKI to download the current Trust Anchor (TA) CA certificate from
  one or more locations, and verify that the key of this self-signed
  certificate matches the key on the TAL.  Thus, Relying Parties can be
  configured with TA keys, but allow these TAs to change the content of
  their CA certificate.  In particular it allows TAs to change the set
  of Internet Number Resources included in the RFC3779 extension of
  their certificate.

  This document obsoletes the previous definition of Trust Anchor
  Locators in RFC 7730 by adding support for HTTPS URIs."

Working Group Summary

  Was there anything in WG process that is worth noting? For
  example, was there controversy about particular points or
  were there decisions where the consensus was particularly
  rough?

Nothing in the WG that was overly noteworthy, good discussion and back/forth on changes.

Document Quality

  Are there existing implementations of the protocol? Have a
  significant number of vendors indicated their plan to
  implement the specification? Are there any reviewers that
  merit special mention as having done a thorough review,
  e.g., one that resulted in important changes or a
  conclusion that the document had no substantive issues? If
  there was a MIB Doctor, Media Type or other expert review,
  what was its course (briefly)? In the case of a Media Type
  review, on what date was the request posted?

This document obsoletes an existing implementation replacing it with new implementations.

Personnel

  Who is the Document Shepherd? Who is the Responsible Area
  Director?

Shepherd: Chris Morrow - morrowc@ops-netman.net
            AD: Warren Kumari - warren@kumari.net


(3) Briefly describe the review of this document that was performed by
the Document Shepherd.  If this version of the document is not ready
for publication, please explain why the document is being forwarded to
the IESG.

The document was reviewed in it's original form (RFC7730) and in it's new form as seen in this version.

(4) Does the document Shepherd have any concerns about the depth or
breadth of the reviews that have been performed?

no concerns from the shepherd (me).

(5) Do portions of the document need review from a particular or from
broader perspective, e.g., security, operational complexity, AAA, DNS,
DHCP, XML, or internationalization? If so, describe the review that
took place.

I don't believe any special reviews are required.

(6) Describe any specific concerns or issues that the Document Shepherd
has with this document that the Responsible Area Director and/or the
IESG should be aware of? For example, perhaps he or she is uncomfortable
with certain parts of the document, or has concerns whether there really
is a need for it. In any event, if the WG has discussed those issues and
has indicated that it still wishes to advance the document, detail those
concerns here.

no concerns

(7) Has each author confirmed that any and all appropriate IPR
disclosures required for full conformance with the provisions of BCP 78
and BCP 79 have already been filed. If not, explain why.

Each author has noted no IPR claims.

(8) Has an IPR disclosure been filed that references this document?
If so, summarize any WG discussion and conclusion regarding the IPR
disclosures.

N/A

(9) How solid is the WG consensus behind this document? Does it
represent the strong concurrence of a few individuals, with others
being silent, or does the WG as a whole understand and agree with it? 

As solid as any SIDR/SIDROPS consensus  has been :)

(10) Has anyone threatened an appeal or otherwise indicated extreme
discontent? If so, please summarise the areas of conflict in separate
email messages to the Responsible Area Director. (It should be in a
separate email because this questionnaire is publicly available.)

no appeals.

(11) Identify any ID nits the Document Shepherd has found in this
document. (See https://www.ietf.org/tools/idnits/ and the Internet-Drafts
Checklist). Boilerplate checks are not enough; this check needs to be
thorough.

There is no IANA section, but that is not required for this document. There are 2 downrefs which will be dealt with at auth48 time.

(12) Describe how the document meets any required formal review
criteria, such as the MIB Doctor, media type, and URI type reviews.

no reviews were required.

(13) Have all references within this document been identified as
either normative or informative?

Yes.

(14) Are there normative references to documents that are not ready for
advancement or are otherwise in an unclear state? If such normative
references exist, what is the plan for their completion?

no

(15) Are there downward normative references references (see RFC 3967)?
If so, list these downward references to support the Area Director in
the Last Call procedure.

yes:
Downref: Normative reference to an Informational RFC: RFC 5781
Downref: Normative reference to an Informational RFC: RFC 6480

(16) Will publication of this document change the status of any
existing RFCs? Are those RFCs listed on the title page header, listed
in the abstract, and discussed in the introduction? If the RFCs are not
listed in the Abstract and Introduction, explain why, and point to the
part of the document where the relationship of this document to the
other RFCs is discussed. If this information is not in the document,
explain why the WG considers it unnecessary.

Yes, it should obsolete the URL portions  of RFC 7730

(17) Describe the Document Shepherd's review of the IANA considerations
section, especially with regard to its consistency with the body of the
document. Confirm that all protocol extensions that the document makes
are associated with the appropriate reservations in IANA registries.
Confirm that any referenced IANA registries have been clearly
identified. Confirm that newly created IANA registries include a
detailed specification of the initial contents for the registry, that
allocations procedures for future registrations are defined, and a
reasonable name for the new registry has been suggested (see RFC 5226).

no review required for a section which does not exist.

(18) List any new IANA registries that require Expert Review for future
allocations. Provide any public guidance that the IESG would find
useful in selecting the IANA Experts for these new registries.

none.

(19) Describe reviews and automated checks performed by the Document
Shepherd to validate sections of the document written in a formal
language, such as XML code, BNF rules, MIB definitions, etc.


none required.