IGP extension for PCEP security capability support in the PCE discovery

Document Type Expired Internet-Draft (lsr WG)
Last updated 2020-05-03 (latest revision 2019-10-31)
Replaces draft-wu-lsr-pce-discovery-security-support
Stream IETF
Intended RFC status (None)
Expired & archived
pdf htmlized (tools) htmlized bibtex
Stream WG state WG Document
Document shepherd Acee Lindem
IESG IESG state Expired
Consensus Boilerplate Unknown
Telechat date
Responsible AD (None)
Send notices to Acee Lindem <acee@cisco.com>, pce@ietf.org

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at


When a Path Computation Element (PCE) is a Label Switching Router (LSR) participating in the Interior Gateway Protocol (IGP), or even a server participating in IGP, its presence and path computation capabilities can be advertised using IGP flooding. The IGP extensions for PCE discovery (RFC 5088 and RFC 5089) define a method to advertise path computation capabilities using IGP flooding for OSPF and IS-IS respectively. However these specifications lack a method to advertise PCEP security (e.g., Transport Layer Security(TLS), TCP Authentication Option (TCP-AO)) support capability. This document proposes new capability flag bits for PCE-CAP-FLAGS sub-TLV that can be announced as attribute in the IGP advertisement to distribute PCEP security support information. In addition, this document updates RFC 5088 and RFC 5089 to allow advertisement of Key ID or Key Chain Name Sub-TLV to support TCP AO security capability.


Diego Lopez (diego.r.lopez@telefonica.com)
Qin Wu (bill.wu@huawei.com)
Dhruv Dhody (dhruv.ietf@gmail.com)
Zitao Wang (wangzitao@huawei.com)
Daniel King (daniel@olddog.co.uk)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)