1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
|
<pre>Network Working Group S. Bradner
Request for Comments: 4775 Harvard
BCP: 125 B. Carpenter, Ed.
Category: Best Current Practice T. Narten
IBM
December 2006
<span class="h1">Procedures for Protocol Extensions and Variations</span>
Status of This Memo
This document specifies an Internet Best Current Practices for the
Internet Community, and requests discussion and suggestions for
improvements. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) The IETF Trust (2006).
Abstract
This document discusses procedural issues related to the
extensibility of IETF protocols, including when it is reasonable to
extend IETF protocols with little or no review, and when extensions
or variations need to be reviewed by the IETF community. Experience
has shown that extension of protocols without early IETF review can
carry risk. The document also recommends that major extensions to or
variations of IETF protocols only take place through normal IETF
processes or in coordination with the IETF.
This document is directed principally at other Standards Development
Organizations (SDOs) and vendors considering requirements for
extensions to IETF protocols. It does not modify formal IETF
processes.
<span class="grey">Bradner, et al. Best Current Practice [Page 1]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-2" ></span>
<span class="grey"><a href="./rfc4775">RFC 4775</a> Procedures for Protocol Extensions December 2006</span>
Table of Contents
<a href="#section-1">1</a>. Introduction ....................................................<a href="#page-2">2</a>
<a href="#section-2">2</a>. Technical Risks in Extensions ...................................<a href="#page-3">3</a>
<a href="#section-3">3</a>. General Considerations ..........................................<a href="#page-4">4</a>
<a href="#section-3.1">3.1</a>. The Importance of Interoperability .........................<a href="#page-4">4</a>
<a href="#section-3.2">3.2</a>. Registered Values and the Importance of IANA Assignments ...<a href="#page-5">5</a>
<a href="#section-3.3">3.3</a>. Significant Extensions Require Technical Review ............<a href="#page-5">5</a>
<a href="#section-3.4">3.4</a>. Quality and Consistency ....................................<a href="#page-6">6</a>
<a href="#section-3.5">3.5</a>. The Role of Formal Liaisons ................................<a href="#page-6">6</a>
<a href="#section-4">4</a>. Procedure for Review of Extensions ..............................<a href="#page-7">7</a>
<a href="#section-5">5</a>. Some Specific Issues ...........................................<a href="#page-10">10</a>
<a href="#section-6">6</a>. Intellectual Property ..........................................<a href="#page-10">10</a>
<a href="#section-7">7</a>. Security Considerations ........................................<a href="#page-10">10</a>
<a href="#section-8">8</a>. IANA Considerations ............................................<a href="#page-11">11</a>
<a href="#section-9">9</a>. Acknowledgements ...............................................<a href="#page-11">11</a>
<a href="#section-10">10</a>. References ....................................................<a href="#page-11">11</a>
<a href="#section-10.1">10.1</a>. Normative References .....................................<a href="#page-11">11</a>
<a href="#section-10.2">10.2</a>. Informative References ...................................<a href="#page-12">12</a>
<span class="h2"><a class="selflink" id="section-1" href="#section-1">1</a>. Introduction</span>
<a href="https://www.rfc-editor.org/bcp/bcp9">BCP 9</a> [<a href="./rfc2026" title=""The Internet Standards Process -- Revision 3"">RFC2026</a>] is the current definition of the IETF standards
track. This process applies not only to the initial definition of a
protocol, but also to any subsequent updates, such that continued
interoperability can be guaranteed. However, it is not always clear
whether extensions to a protocol should be made within the IETF
process, especially when they originate outside the IETF community.
This document lays down guidelines and procedures for such
extensions.
When developing protocols, IETF Working Groups (WGs) typically
include mechanisms whereby these protocols can be extended in the
future. It is, of course, a good principle to design extensibility
into protocols; a common definition of a successful protocol is one
that becomes widely used in ways not originally anticipated. Well-
designed extensibility mechanisms facilitate the evolution of
protocols and help make it easier to roll out incremental changes in
an interoperable fashion. At the same time, experience has shown
that extensibility features should be limited to what is clearly
necessary when the protocol is developed, and any later extensions
should be done carefully and with a full understanding of the base
protocol, existing implementations, and current operational practice.
However, it is not the purpose of this document to describe the
architectural principles of sound extensibility design.
<span class="grey">Bradner, et al. Best Current Practice [Page 2]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-3" ></span>
<span class="grey"><a href="./rfc4775">RFC 4775</a> Procedures for Protocol Extensions December 2006</span>
When extensions to IETF protocols are made within the IETF, the
normal IETF process is followed, including the normal processes for
IETF-wide review and IESG approval. Extensions developed in this way
should respect the same architectural principles and technical
criteria as any other IETF work.
In addition to the IETF itself, other Standards Development
Organizations (SDOs), vendors, and technology fora may identify a
requirement for an extension to an IETF protocol. The question
addressed by this document is how such bodies should proceed. There
are several possible scenarios:
1. The requirement is straightforward and within the scope of
whatever extension mechanism the base protocol includes.
2. The requirement is, or may be, outside that scope, and:
1. The IETF still has an active WG in the area;
2. The IETF has no active WG, but has relevant expertise;
3. The IETF no longer has a nucleus of relevant expertise.
Especially in the latter three cases, there are technical risks in
extension design, described in the next section. These risks are
higher when extensions to IETF protocols are made outside the IETF
and without consulting the IETF.
This document is focused on appropriate procedures and practices to
minimize the chance that extensions developed outside the IETF will
encounter these risks and, therefore, become useless or, worse,
damaging to interoperability. Architectural considerations are
documented elsewhere. This document is directed principally at other
SDOs and vendors considering requirements for extensions to IETF
protocols. It does not modify formal IETF processes.
The IETF claims no special position. Everything said here about IETF
protocols would apply with equal force to protocols specified by any
SDO. The IETF should follow whatever procedures another SDO lays
down for extensions to its own protocols, if the IETF identifies a
need for such an extension.
<span class="h2"><a class="selflink" id="section-2" href="#section-2">2</a>. Technical Risks in Extensions</span>
Extensions may be developed without full understanding of why the
existing protocol was designed the way that it is -- e.g., what ideas
were brought up during the original development and rejected because
of some problem with them. Also, extensions could unintentionally
negate some key function of the existing protocol (such as security
or congestion control). Design choices can be made without analyzing
their impact on the protocol as a whole, and basic underlying
<span class="grey">Bradner, et al. Best Current Practice [Page 3]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-4" ></span>
<span class="grey"><a href="./rfc4775">RFC 4775</a> Procedures for Protocol Extensions December 2006</span>
architectural principles of the protocol can be violated. Also,
there is a risk that mutually incompatible extensions may be
developed independently.
Of course, the IETF itself is not immune to such mistakes, suggesting
a need for WGs to document their design decisions (including paths
rejected) and some rationale for those decisions, for the benefit of
both those within the IETF and those outside the IETF, perhaps years
later.
Documentation of non-IETF extensions can sometimes be hard to obtain,
so assessing the quality of the specification, verifying
interoperability, and verifying compatibility with other extensions
(including past and future extensions) can be hard or impossible.
A set of interrelated extensions to multiple protocols typically
carries a greater danger of interoperability issues or
incompatibilities than a simple extension. Consequently, it is
important that such proposals receive earlier and more in-depth
review than unitary extensions.
All that can be said about extensions applies with equal or greater
force to variations -- in fact, by definition, protocol variations
damage interoperability. They must, therefore, be intensely
scrutinized. An extension adds features and, if well designed,
allows interoperability between old and new implementations. A
variation modifies features in such a way that old and new
implementations may not interoperate. Throughout this document, what
is said about extensions also applies to variations.
<span class="h2"><a class="selflink" id="section-3" href="#section-3">3</a>. General Considerations</span>
<span class="h3"><a class="selflink" id="section-3.1" href="#section-3.1">3.1</a>. The Importance of Interoperability</span>
According to its Mission Statement [<a href="./rfc3935" title=""A Mission Statement for the IETF"">RFC3935</a>], the IETF produces high
quality, relevant technical and engineering documents, including
protocol standards. The mission statement goes on to say that the
benefit of these standards to the Internet "is in interoperability -
that multiple products implementing a standard are able to work
together in order to deliver valuable functions to the Internet's
users".
One consequence of this mission is that the IETF designs protocols
for the single Internet. The IETF expects its protocols to work the
same everywhere. Protocol extensions designed for limited
environments may be reasonable provided that products with these
extensions interoperate with products without the extensions.
Extensions that break interoperability are unacceptable when products
<span class="grey">Bradner, et al. Best Current Practice [Page 4]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-5" ></span>
<span class="grey"><a href="./rfc4775">RFC 4775</a> Procedures for Protocol Extensions December 2006</span>
with and without the extension are mixed. It is the IETF's
experience that this tends to happen on the Internet even when the
original designers of the extension did not expect this to happen.
Another consequence of this definition of interoperability is that
the IETF values the ability to exchange one product implementing a
protocol with another. The IETF often specifies mandatory-to-
implement functionality as part of its protocols so that there is a
core set of functionality sufficient for interoperability that all
products implement. The IETF tries to avoid situations where
protocols need to be profiled to specify which optional features are
required for a given environment, because doing so harms
interoperability on the Internet as a whole.
The IETF, and in particular the IESG, will apply these considerations
when evaluating protocol extensions proposed inside or outside the
IETF.
<span class="h3"><a class="selflink" id="section-3.2" href="#section-3.2">3.2</a>. Registered Values and the Importance of IANA Assignments</span>
An extension is often likely to make use of additional values added
to an existing IANA registry (in many cases, simply by adding a new
"TLV" (type-length-value) field). It is essential that such new
values are properly registered by the applicable procedures,
including expert review where applicable (see <a href="https://www.rfc-editor.org/bcp/bcp26">BCP 26</a>, [<a href="./rfc2434" title="">RFC2434</a>]).
Extensions may even need to create new IANA registries in some cases.
Experience shows that the importance of this is often underestimated
during extension design; designers sometimes assume that a new
codepoint is theirs for the asking, or even simply for the taking.
This is hazardous; it is far too likely that someone just taking a
protocol value will find that the same value will later be formally
assigned to another function, thus guaranteeing an interoperability
problem.
In many cases, IANA assignment requests trigger a thorough technical
review of the proposal by a designated IETF expert reviewer.
Requests are sometimes refused after such a review. Thus, extension
designers must pay particular attention to any needed IANA
assignments and to the applicable criteria.
<span class="h3"><a class="selflink" id="section-3.3" href="#section-3.3">3.3</a>. Significant Extensions Require Technical Review</span>
Some extensions may be considered minor (e.g., adding a
straightforward new TLV to an application protocol, which will only
impact a subset of hosts) and some may be considered major (e.g.,
adding a new IP option type, which will potentially impact every node
on the Internet). This is essentially a matter of judgment. It
<span class="grey">Bradner, et al. Best Current Practice [Page 5]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-6" ></span>
<span class="grey"><a href="./rfc4775">RFC 4775</a> Procedures for Protocol Extensions December 2006</span>
could be argued that anything requiring at most Expert Review in
[<a href="./rfc2434" title="">RFC2434</a>] is probably minor, and anything beyond that is major.
However, even an apparently minor extension may have unforeseen
consequences on interoperability. Thus, the distinction between
major and minor is less important than ensuring that the right amount
of technical review takes place in either case. In general, the
expertise for such review lies within the same SDO that developed the
original protocol. Therefore, the expertise for such review for IETF
protocols lies within the IETF.
There may sometimes be doubt whether a particular proposal is or is
not truly a protocol extension. When in doubt, it is preferable to
err on the side of additional review. However, it should be noted
that if an 'extension' only consists of registering a new value with
IANA in a First Come First Served registry [<a href="./rfc2434" title="">RFC2434</a>], this document
is not intended to require formal IETF review. Informal review by
experts may, nevertheless, be valuable. In other cases (<a href="#section-5">Section 5</a>),
there is a well-specified procedure for extensions that should be
followed.
The only safe rule is that, even if an extension appears minor to the
person proposing it, early review by subject matter experts is
advisable. For protocols that have been developed in the IETF, the
appropriate forum for such review is the IETF, either in the relevant
WG or Area, or by individual IETF experts if no such WG exists.
<span class="h3"><a class="selflink" id="section-3.4" href="#section-3.4">3.4</a>. Quality and Consistency</span>
In order to be adequately reviewed by relevant experts, a proposed
extension must be documented in a clear and well-written
specification that IETF subject matter experts have access to and can
review. Ideally, such a document would be published as an Internet
Draft, using terminology and content that is sufficiently consistent
with the unextended specification that these experts can readily
identify the technical changes proposed at an early stage.
<span class="h3"><a class="selflink" id="section-3.5" href="#section-3.5">3.5</a>. The Role of Formal Liaisons</span>
The IETF has formal liaisons in place with a number of SDOs;
documentation of the liaison process is in [<a href="./rfc4052" title=""IAB Processes for Management of IETF Liaison Relationships"">RFC4052</a>], [<a href="./rfc4053" title=""Procedures for Handling Liaison Statements to and from the IETF"">RFC4053</a>], and
[<a href="./rfc4691" title=""Guidelines for Acting as an IETF Liaison to Another Organization"">RFC4691</a>]. These liaison channels should be used as relevant for
discussing and reviewing extensions, as should informal communication
at the engineering level (for example, experts from other SDOs are
welcome to participate in IETF meetings and mailing lists). Where
formal liaison does not exist, the point of contact in the IETF
should be the Chairs of relevant WGs, the most appropriate Area
Director, or, in case of doubt, the IESG as a whole.
<span class="grey">Bradner, et al. Best Current Practice [Page 6]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-7" ></span>
<span class="grey"><a href="./rfc4775">RFC 4775</a> Procedures for Protocol Extensions December 2006</span>
<span class="h2"><a class="selflink" id="section-4" href="#section-4">4</a>. Procedure for Review of Extensions</span>
In some cases, explicit provision is made in the relevant RFCs for
extending individual IETF protocols. Nothing in this document
overrides such procedures. Some such cases are mentioned in
<a href="#section-5">Section 5</a>.
There are several ways in which an extension to an IETF protocol can
be considered for publication as an RFC:
1. Extensions to IETF protocols developed within the IETF will be
subject to the normal IETF process, exactly like new designs. It
is not suggested that this is a panacea; appropriate cross-
working-group and cross-area review is needed within the IETF to
avoid oversights and mistakes.
2. Extensions to IETF protocols discussed in an IRTF Research Group
may well be the prelude to regular IETF discussion. However, a
Research Group may desire to specify an experimental extension
before the work is mature enough for IETF processing. In this
case, the Research Group is required to involve appropriate IETF
or IANA experts in their process to avoid oversights.
3. Extensions to IETF protocols described in Independent Submissions
to the RFC Editor are subject to IESG review, currently described
in <a href="https://www.rfc-editor.org/bcp/bcp92">BCP 92</a> [<a href="./rfc3932" title=""The IESG and RFC Editor Documents: Procedures"">RFC3932</a>]. If appropriate, the IESG advises the RFC
Editor that full IETF processing is needed, or that relevant IANA
procedures need to be followed before publication can proceed.
Note that Independent Submissions cannot be placed on the IETF
Standards Track; they would need to enter full IETF processing.
Where vendors or other SDOs identify a requirement for extending an
IETF protocol, their first step should be to consider the scenarios
listed in <a href="#section-1">Section 1</a>. If the requirement is straightforward and
within the scope of a documented extension mechanism, the way is
clear, and the documented mechanism must be followed. If these two
conditions are not met, the next step should be to contact the
relevant IETF Area Director to check whether there is an active WG in
the area or, at least, relevant expertise available in the IETF. At
this point, it will be possible to select the most appropriate of the
above three routes. Regular IETF process is most likely to be
suitable, assuming sufficient interest can be found in the IETF
community. IRTF process is unlikely to be suitable unless there is a
genuine research context for the proposed extension.
<span class="grey">Bradner, et al. Best Current Practice [Page 7]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-8" ></span>
<span class="grey"><a href="./rfc4775">RFC 4775</a> Procedures for Protocol Extensions December 2006</span>
In the event that the IETF no longer has relevant expertise, there
are still two choices to discuss with the Area Director: bring the
work to the IETF (i.e., the IETF imports expertise) or reach mutual
agreement to do the work elsewhere (i.e., the IETF explicitly exports
change control).
In the case of an SDO that identifies a requirement for a
standardized extension, a standards development process within the
IETF (while maintaining appropriate liaison) is strongly recommended
in preference to publishing a non-IETF standard. Otherwise, the
implementor community will be faced with a standard split into two or
more parts in different styles, obtained from different sources, with
no unitary control over quality, compatibility, interoperability, and
intellectual property conditions. Note that, since participation in
the IETF is open, there is no formality or restriction for
participants in other SDOs choosing to work in the IETF as well. In
some cases (see <a href="#section-5">Section 5</a>), the IETF has well-defined procedures for
this in place.
Naturally, SDOs can and do develop scenarios, requirements, and
architectures based on IETF specifications. It is only actual
protocol extensions and changes that need to go through the IETF
process. However, there is large risk of wasted effort if
significant investment is made in planning stages for use of IETF
technology without early review and feedback from the IETF. Other
SDOs are encouraged to communicate informally or formally with the
IETF as early as possible, to avoid false starts. Early technical
review in a collaborative spirit is of great value. Each SDO can
"own" its ideas and discuss them in its own fora, but should start
talking to the IETF experts about those ideas the moment the idea is
well formulated. It is understood that close collaboration may be
needed in order that the IETF experts correctly understand the
systems architecture envisaged by the other SDO. This is much
preferable to a situation where another SDO presents the IANA and the
IETF with a 'fait accompli.'
Vendors that identify a requirement for an extension are strongly
recommended to start informal discussion in the IETF and to publish a
preliminary Internet Draft describing the requirements. This will
allow the vendor, and the community, to evaluate whether there is
community interest and whether there are any major or fundamental
issues. However, in the case of a vendor that identifies a
requirement for a proprietary extension that does not generate
interest in the IETF (or IRTF) communities, an Independent Submission
to the RFC Editor is strongly recommended in preference to publishing
a proprietary document. Not only does this bring the draft to the
<span class="grey">Bradner, et al. Best Current Practice [Page 8]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-9" ></span>
<span class="grey"><a href="./rfc4775">RFC 4775</a> Procedures for Protocol Extensions December 2006</span>
attention of the community, but it also ensures a minimum of review
[<a href="./rfc3932" title=""The IESG and RFC Editor Documents: Procedures"">RFC3932</a>], and (if published as an RFC) makes the proprietary
extension available to the whole community.
If, despite these recommendations, a vendor or SDO does choose to
publish its own specification for an extension to an IETF protocol,
the following guidance applies:
o Extensions to IETF protocols should be well, and publicly,
documented, and reviewed at an early stage by the IETF community
to be sure that the extension does not undermine basic assumptions
and safeguards designed into the protocol (such as security
functions) or its architectural integrity.
o Vendors and other SDOs are formally requested to submit any such
proposed publications for IETF review, and are invited to actively
participate in the IETF process. Submission may be by an
established liaison channel if it exists, or by direct
communication with the relevant WG or the IESG. This should be
done at an early stage, before a large investment of effort has
taken place, in case basic problems are revealed. When there is a
formal liaison in place between the other SDO and the IETF, the
liaison channel should be used to ensure that review takes place,
both by relevant experts and by established review teams or
Directorates within the IETF. If there is no formal liaison, the
other SDO or vendor should ask the IESG (or a relevant Area
Director) to obtain such reviews. Note that general aspects such
as security, internationalization, and management may need review,
as well as the protocol as such.
o In the case of extensions involving only routine IANA parameter
assignments, for which there is an underlying IETF specification
containing clear IANA Considerations, this request is satisfied as
long as those considerations are satisfied (see [<a href="./rfc2434" title="">RFC2434</a>]).
Anything beyond this requires an explicit protocol review by
experts within the IETF.
o Note that, like IETF specifications, such proposed publications
must include an IANA Considerations section to ensure that
protocol parameter assignments that are needed to deploy
extensions are not made until after a proposed extension has
received adequate review, and then to ensure that IANA has precise
guidance on how to make those assignments.
<span class="grey">Bradner, et al. Best Current Practice [Page 9]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-10" ></span>
<span class="grey"><a href="./rfc4775">RFC 4775</a> Procedures for Protocol Extensions December 2006</span>
<span class="h2"><a class="selflink" id="section-5" href="#section-5">5</a>. Some Specific Issues</span>
It is relatively common for MIB modules, which are all, in effect,
extensions of the SMI data model, to be defined or extended outside
the IETF. <a href="https://www.rfc-editor.org/bcp/bcp111">BCP 111</a> [<a href="./rfc4181" title=""Guidelines for Authors and Reviewers of MIB Documents"">RFC4181</a>] offers detailed guidance for authors and
reviewers.
A number of protocols have foreseen experimental values for certain
IANA parameters, so that experimental usages and extensions may be
tested without need for a special parameter assignment. It must be
stressed that such values are not intended for production use or as a
way to evade the type of technical review described in this document.
See [<a href="./rfc3692" title=""Assigning Experimental and Testing Numbers Considered Useful"">RFC3692</a>] and [<a href="./rfc4727" title=""Experimental Values In IPv4, IPv6, ICMPv4, ICMPv6, UDP, and TCP Headers"">RFC4727</a>].
RADIUS [<a href="./rfc2865" title=""Remote Authentication Dial In User Service (RADIUS)"">RFC2865</a>] is designed to carry attributes and allow definition
of new attributes. But it is important that discussion of new
attributes involve the IETF community of experts knowledgeable about
the protocol's architecture and existing usage in order to fully
understand the implications of a proposed extension. Adding new
attributes without such discussion creates a high risk of
interoperability or functionality failure. For this reason among
others, the IETF has an active RADIUS Extensions WG at the time of
writing.
There are certain documents that specify a change process for
specific IETF protocols, such as:
The SIP change process [<a href="./rfc3427" title=""Change Process for the Session Initiation Protocol (SIP)"">RFC3427</a>]
The (G)MPLS change process [<a href="#ref-CHANGEPROC" title=""Change Process for Multiprotocol Label Switching (MPLS) and Generalized MPLS (GMPLS) Protocols and Procedures"">CHANGEPROC</a>]
This document does not override such specific change processes.
<span class="h2"><a class="selflink" id="section-6" href="#section-6">6</a>. Intellectual Property</span>
All IETF documents fall under the IETF's intellectual property rules,
<a href="https://www.rfc-editor.org/bcp/bcp78">BCP 78</a> [<a href="./rfc3978" title=""IETF Rights in Contributions"">RFC3978</a>] and <a href="https://www.rfc-editor.org/bcp/bcp79">BCP 79</a> [<a href="./rfc3979" title=""Intellectual Property Rights in IETF Technology"">RFC3979</a>], as amended. In particular,
there are restrictions on the production of derivative works, and
there are rights that remain with the original authors. Anybody
outside the IETF considering an extension based on an IETF document
must bear these legal restrictions and rights in mind.
<span class="h2"><a class="selflink" id="section-7" href="#section-7">7</a>. Security Considerations</span>
An extension must not introduce new security risks without also
providing an adequate counter-measure, and in particular it must not
inadvertently defeat security measures in the unextended protocol.
This aspect must always be considered during IETF review.
<span class="grey">Bradner, et al. Best Current Practice [Page 10]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-11" ></span>
<span class="grey"><a href="./rfc4775">RFC 4775</a> Procedures for Protocol Extensions December 2006</span>
<span class="h2"><a class="selflink" id="section-8" href="#section-8">8</a>. IANA Considerations</span>
The IETF requests IANA to pay attention to the requirements of this
document when requested to make protocol parameter assignments for
vendors or other SDOs, i.e., to respect the IANA Considerations of
all RFCs that contain them, and the general considerations of <a href="https://www.rfc-editor.org/bcp/bcp26">BCP 26</a>
[<a href="./rfc2434" title="">RFC2434</a>].
<span class="h2"><a class="selflink" id="section-9" href="#section-9">9</a>. Acknowledgements</span>
This document is heavily based on an earlier draft under a different
title by Scott Bradner and Thomas Narten.
That earlier draft stated: The initial version of this document was
put together by the IESG in 2002. Since then, it has been reworked
in response to feedback from John Loughney, Henrik Levkowetz, Mark
Townsley, Randy Bush, Bernard Aboba, and others.
Ted Hardie, Scott Brim, Dan Romascanu, Jari Arkko, Loa Andersson,
Adrian Farrel, Roy Fielding, Keith Moore, Bernard Aboba, Elwyn
Davies, Stephen Trowbridge, and Ted Ts'o also made valuable comments
on this document.
Sam Hartman contributed the section on interoperability.
This document was produced using the xml2rfc tool [<a href="./rfc2629" title=""Writing I-Ds and RFCs using XML"">RFC2629</a>].
<span class="h2"><a class="selflink" id="section-10" href="#section-10">10</a>. References</span>
<span class="h3"><a class="selflink" id="section-10.1" href="#section-10.1">10.1</a>. Normative References</span>
[<a id="ref-RFC2026">RFC2026</a>] Bradner, S., "The Internet Standards Process -- Revision
3", <a href="https://www.rfc-editor.org/bcp/bcp9">BCP 9</a>, <a href="./rfc2026">RFC 2026</a>, October 1996.
[<a id="ref-RFC2434">RFC2434</a>] Narten, T. and H. Alvestrand, "Guidelines for Writing an
IANA Considerations Section in RFCs", <a href="https://www.rfc-editor.org/bcp/bcp26">BCP 26</a>, <a href="./rfc2434">RFC 2434</a>,
October 1998.
[<a id="ref-RFC3427">RFC3427</a>] Mankin, A., Bradner, S., Mahy, R., Willis, D., Ott, J.,
and B. Rosen, "Change Process for the Session Initiation
Protocol (SIP)", <a href="https://www.rfc-editor.org/bcp/bcp67">BCP 67</a>, <a href="./rfc3427">RFC 3427</a>, December 2002.
[<a id="ref-RFC3692">RFC3692</a>] Narten, T., "Assigning Experimental and Testing Numbers
Considered Useful", <a href="https://www.rfc-editor.org/bcp/bcp82">BCP 82</a>, <a href="./rfc3692">RFC 3692</a>, January 2004.
[<a id="ref-RFC3932">RFC3932</a>] Alvestrand, H., "The IESG and RFC Editor Documents:
Procedures", <a href="https://www.rfc-editor.org/bcp/bcp92">BCP 92</a>, <a href="./rfc3932">RFC 3932</a>, October 2004.
<span class="grey">Bradner, et al. Best Current Practice [Page 11]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-12" ></span>
<span class="grey"><a href="./rfc4775">RFC 4775</a> Procedures for Protocol Extensions December 2006</span>
[<a id="ref-RFC3935">RFC3935</a>] Alvestrand, H., "A Mission Statement for the IETF",
<a href="https://www.rfc-editor.org/bcp/bcp95">BCP 95</a>, <a href="./rfc3935">RFC 3935</a>, October 2004.
[<a id="ref-RFC3978">RFC3978</a>] Bradner, S., "IETF Rights in Contributions", <a href="https://www.rfc-editor.org/bcp/bcp78">BCP 78</a>,
<a href="./rfc3978">RFC 3978</a>, March 2005.
[<a id="ref-RFC3979">RFC3979</a>] Bradner, S., "Intellectual Property Rights in IETF
Technology", <a href="https://www.rfc-editor.org/bcp/bcp79">BCP 79</a>, <a href="./rfc3979">RFC 3979</a>, March 2005.
[<a id="ref-RFC4052">RFC4052</a>] Daigle, L. and Internet Architecture Board, "IAB
Processes for Management of IETF Liaison Relationships",
<a href="https://www.rfc-editor.org/bcp/bcp102">BCP 102</a>, <a href="./rfc4052">RFC 4052</a>, April 2005.
[<a id="ref-RFC4053">RFC4053</a>] Trowbridge, S., Bradner, S., and F. Baker, "Procedures
for Handling Liaison Statements to and from the IETF",
<a href="https://www.rfc-editor.org/bcp/bcp103">BCP 103</a>, <a href="./rfc4053">RFC 4053</a>, April 2005.
[<a id="ref-RFC4181">RFC4181</a>] Heard, C., "Guidelines for Authors and Reviewers of MIB
Documents", <a href="https://www.rfc-editor.org/bcp/bcp111">BCP 111</a>, <a href="./rfc4181">RFC 4181</a>, September 2005.
[<a id="ref-RFC4727">RFC4727</a>] Fenner, B., "Experimental Values In IPv4, IPv6, ICMPv4,
ICMPv6, UDP, and TCP Headers", <a href="./rfc4727">RFC 4727</a>, November 2006.
<span class="h3"><a class="selflink" id="section-10.2" href="#section-10.2">10.2</a>. Informative References</span>
[<a id="ref-CHANGEPROC">CHANGEPROC</a>] Andersson, L. and A. Farrel, "Change Process for
Multiprotocol Label Switching (MPLS) and Generalized
MPLS (GMPLS) Protocols and Procedures", Work in
Progress, October 2006.
[<a id="ref-RFC2629">RFC2629</a>] Rose, M., "Writing I-Ds and RFCs using XML", <a href="./rfc2629">RFC 2629</a>,
June 1999.
[<a id="ref-RFC2865">RFC2865</a>] Rigney, C., Willens, S., Rubens, A., and W. Simpson,
"Remote Authentication Dial In User Service (RADIUS)",
<a href="./rfc2865">RFC 2865</a>, June 2000.
[<a id="ref-RFC4691">RFC4691</a>] Andersson, L., "Guidelines for Acting as an IETF Liaison
to Another Organization", <a href="./rfc4691">RFC 4691</a>, October 2006.
<span class="grey">Bradner, et al. Best Current Practice [Page 12]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-13" ></span>
<span class="grey"><a href="./rfc4775">RFC 4775</a> Procedures for Protocol Extensions December 2006</span>
Authors' Addresses
Scott Bradner
Harvard University
29 Oxford St.
Cambridge, MA 02138
US
EMail: sob@harvard.edu
Brian Carpenter, Ed.
IBM
8 Chemin de Blandonnet
1214 Vernier
Switzerland
EMail: brc@zurich.ibm.com
Thomas Narten
IBM
3039 Cornwallis Ave.
PO Box 12195 - BRQA/502
Research Triangle Park, NC 27709-2195
US
EMail: narten@us.ibm.com
<span class="grey">Bradner, et al. Best Current Practice [Page 13]</span></pre>
<hr class='noprint'/><!--NewPage--><pre class='newpage'><span id="page-14" ></span>
<span class="grey"><a href="./rfc4775">RFC 4775</a> Procedures for Protocol Extensions December 2006</span>
Full Copyright Statement
Copyright (C) The IETF Trust (2006).
This document is subject to the rights, licenses and restrictions
contained in <a href="https://www.rfc-editor.org/bcp/bcp78">BCP 78</a>, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST,
AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES,
EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT
THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY
IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR
PURPOSE.
Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in <a href="https://www.rfc-editor.org/bcp/bcp78">BCP 78</a> and <a href="https://www.rfc-editor.org/bcp/bcp79">BCP 79</a>.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
<a href="http://www.ietf.org/ipr">http://www.ietf.org/ipr</a>.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Acknowledgement
Funding for the RFC Editor function is currently provided by the
Internet Society.
Bradner, et al. Best Current Practice [Page 14]
</pre>
|
