tech-invite   World Map     

IETF     RFCs     Groups     SIP     ABNFs    |    3GPP     Specs     Glossaries     Architecture     IMS     UICC    |    search     info

RFC 6272

 
 
 

Internet Protocols for the Smart Grid

Part 3 of 4, p. 35 to 57
Prev RFC Part       Next RFC Part

 


prevText      Top      Up      ToC       Page 35 
4.  A Simplified View of the Business Architecture

   The Internet is a network of networks in which networks are
   interconnected in specific ways and are independently operated.  It
   is important to note that the underlying Internet architecture puts
   no restrictions on the ways that networks are interconnected;
   interconnection is a business decision.  As such, the Internet

Top      Up      ToC       Page 36 
   interconnection architecture can be thought of as a "business
   structure" for the Internet.

   Central to the Internet business structure are the networks that
   provide connectivity to other networks, called "transit networks".
   These networks sell bulk bandwidth and routing services to each other
   and to other networks as customers.  Around the periphery of the
   transit network are companies, schools, and other networks that
   provide services directly to individuals.  These might generally be
   divided into "enterprise networks" and "access networks"; enterprise
   networks provide "free" connectivity to their own employees or
   members, and also provide them a set of services including electronic
   mail, web services, and so on.  Access networks sell broadband
   connectivity (DSL, Cable Modem, 802.11 wireless, or 3GPP wireless) or
   "dial" services (including PSTN dial-up and ISDN) to subscribers.
   The subscribers are typically either residential or small office/home
   office (SOHO) customers.  Residential customers are generally
   entirely dependent on their access provider for all services, while a
   SOHO buys some services from the access provider and may provide
   others for itself.  Networks that sell transit services to nobody
   else -- SOHO, residential, and enterprise networks -- are generally
   refereed to as "edge networks"; transit networks are considered to be
   part of the "core" of the Internet, and access networks are between
   the two.  This general structure is depicted in Figure 3.

                            ------                  ------
                           /      \                /      \
                 /--\     /        \              /        \
                |SOHO|---+  Access  |            |Enterprise|
                 \--/    |  Service |            | Network  |
                 /--\    |  Provider|            |          |
                |Home|---+          |   ------   |          |
                 \--/     \        +---+      +---+        /
                           \      /   /        \   \      /
                            ------   | Transit  |   ------
                                     | Service  |
                                     | Provider |
                                     |          |
                                      \        /
                                       \      /
                                        ------

             Figure 3: Conceptual Model of Internet Businesses

Top      Up      ToC       Page 37 
   A specific example is shown in a traceroute from a home to a nearby
   school.  Internet connectivity in Figure 4 passes through

   o  the home network,

   o  Cox Communications, an access network using Cable Modem
      technology,

   o  TransitRail, a commodity peering service for research and
      education (R&E) networks,

   o  Corporation for Education Network Initiatives in California
      (CENIC), a transit provider for educational networks, and

   o  the University of California at Santa Barbara, which in this
      context might be viewed as an access network for its students and
      faculty or as an enterprise network.

     <stealth-10-32-244-218:> fred% traceroute www.ucsb.edu
     traceroute to web.ucsb.edu (128.111.24.41),
             64 hops max, 40 byte packets
      1  fred-vpn (10.32.244.217)  1.560 ms  1.108 ms  1.133 ms
      2  wsip-98-173-193-1.sb.sd.cox.net (98.173.193.1)  12.540 ms  ...
      3  68.6.13.101 ...
      4  68.6.13.129 ...
      5  langbbr01-as0.r2.la.cox.net ...
      6  calren46-cust.lsanca01.transitrail.net ...
      7  dc-lax-core1--lax-peer1-ge.cenic.net ...
      8  dc-lax-agg1--lax-core1-ge.cenic.net ...
      9  dc-ucsb--dc-lax-dc2.cenic.net ...
     10  r2--r1--1.commserv.ucsb.edu ...
     11  574-c--r2--2.commserv.ucsb.edu ...
     12  * * *

       Figure 4: Traceroute from Residential Customer to Educational
                                Institution

   Another specific example could be shown in a traceroute from the home
   through a Virtual Private Network (VPN tunnel) from the home,
   crossing Cox Cable (an access network) and Pacific Bell (a transit
   network), and terminating in Cisco Systems (an enterprise network); a
   traceroute of the path doesn't show that as it is invisible within
   the VPN and the contents of the VPN are invisible, due to encryption,
   to the networks on the path.  Instead, the traceroute in Figure 5 is
   entirely within Cisco's internal network.

Top      Up      ToC       Page 38 
         <stealth-10-32-244-218:~> fred% traceroute irp-view13
         traceroute to irp-view13.cisco.com (171.70.120.60),
                 64 hops max, 40 byte packets
          1  fred-vpn (10.32.244.217)  2.560 ms  1.100 ms  1.198 ms
                    <tunneled path through Cox and Pacific Bell>
          2  ****
          3  sjc24-00a-gw2-ge2-2 (10.34.251.137)  26.298 ms...
          4  sjc23-a5-gw2-g2-1 (10.34.250.78)  25.214 ms  ...
          5  sjc20-a5-gw1 (10.32.136.21)  23.205 ms  ...
          6  sjc12-abb4-gw1-t2-7 (10.32.0.189)  46.028 ms  ...
          7  sjc5-sbb4-gw1-ten8-2 (171.*.*.*)  26.700 ms  ...
          8  sjc12-dc5-gw2-ten3-1 ...
          9  sjc5-dc4-gw1-ten8-1 ...
         10  irp-view13 ...

                      Figure 5: Traceroute across VPN

   Note that in both cases, the home network uses private address space
   [RFC1918] while other networks generally use public address space,
   and that three middleware technologies are in use here.  These are
   the uses of a firewall, a Network Address Translator (NAT), and a
   Virtual Private Network (VPN).

   Firewalls are generally sold as and considered by many to be a
   security technology.  This is based on the fact that a firewall
   imposes a border between two administrative domains.  Typically, a
   firewall will be deployed between a residential, SOHO, or enterprise
   network and its access or transit provider.  In its essence, a
   firewall is a data diode, imposing a policy on what sessions may pass
   between a protected domain and the rest of the Internet.  Simple
   policies generally permit sessions to be originated from the
   protected network but not from the outside; more complex policies may
   permit additional sessions from the outside, such as electronic mail
   to a mail server or a web session to a web server, and may prevent
   certain applications from global access even though they are
   originated from the inside.

   Note that the effectiveness of firewalls remains controversial.
   While network managers often insist on deploying firewalls as they
   impose a boundary, others point out that their value as a security
   solution is debatable.  This is because most attacks come from behind
   the firewall.  In addition, firewalls do not protect against
   application layer attacks such as viruses carried in email.  Thus, as
   a security solution, firewalls are justified as a layer in defense in
   depth.  That is, while an end system must in the end be responsible
   for its own security, a firewall can inhibit or prevent certain kinds
   of attacks, for example the consumption of CPU time on a critical
   server.

Top      Up      ToC       Page 39 
   Key documents describing firewall technology and the issues it poses
   include:

   o  IP Multicast and Firewalls [RFC2588]

   o  Benchmarking Terminology for Firewall Performance [RFC2647]

   o  Behavior of and Requirements for Internet Firewalls [RFC2979]

   o  Benchmarking Methodology for Firewall Performance [RFC3511]

   o  Mobile IPv6 and Firewalls: Problem Statement [RFC4487]

   o  NAT and Firewall Traversal Issues of Host Identity Protocol
      Communication [RFC5207]

   Network Address Translation is a technology that was developed in
   response to ISP behaviors in the mid-1990's; when [RFC1918] was
   published, many ISPs started handing out single or small numbers of
   addresses, and edge networks were forced to translate.  In time, this
   became considered a good thing, or at least not a bad thing; it
   amplified the public address space, and it was sold as if it were a
   firewall.  It of course is not; while traditional dynamic NATs only
   translate between internal and external session address/port tuples
   during the detected duration of the session, that session state may
   exist in the network much longer than it exists on the end system,
   and as a result constitutes an attack vector.  The design, value, and
   limitations of network address translation are described in:

   o  IP Network Address Translator Terminology and Considerations
      [RFC2663]

   o  Traditional IP Network Address Translator [RFC3022]

   o  Protocol Complications with the IP Network Address Translator
      [RFC3027]

   o  Network Address Translator Friendly Application Design Guidelines
      [RFC3235]

   o  IAB Considerations for Network Address Translation [RFC3424]

   o  IPsec-Network Address Translation Compatibility Requirements
      [RFC3715]

   o  Network Address Translation Behavioral Requirements for Unicast
      UDP [RFC4787]

Top      Up      ToC       Page 40 
   o  State of Peer-to-Peer Communication across Network Address
      Translators [RFC5128]

   o  IP Multicast Requirements for a Network Address Translator and a
      Network Address Port Translator [RFC5135]

   Virtual Private Networks come in many forms; what they have in common
   is that they are generally tunneled over the Internet backbone, so
   that as in Figure 5, connectivity appears to be entirely within the
   edge network although it is in fact across a service provider's
   network.  Examples include IPsec tunnel-mode encrypted tunnels, IP-
   in-IP or GRE tunnels, and MPLS LSPs [RFC3031][RFC3032].

5.  Security Considerations

   Security is addressed in some detail in Section 2.2 and Section 3.1.

6.  Acknowledgements

   Review comments were made by Adrian Farrel, Andrew Yourtchenko, Ashok
   Narayanan, Bernie Volz, Chris Lonvick, Dan Romascanu, Dave McGrew,
   Dave Oran, David Harrington, David Su, Don Sturek, Francis Cleveland,
   Hemant Singh, James Polk, Jari Arkko, John Meylor, Joseph Salowey,
   Julien Abeille, Kerry Lynn, Lars Eggert, Magnus Westerlund, Murtaza
   Chiba, Paul Duffy, Paul Hoffman, Peter Saint-Andre, Ralph Droms,
   Robert Sparks, Russ White, Sean Turner, Sheila Frankel, Stephen
   Farrell, Tim Polk, Toerless Eckert, Tom Herbst, Vint Cerf, and
   Yoshihiro Ohba.  Several of the individuals suggested text, which was
   very useful, as the authors don't claim to know half as much as their
   reviewers collectively do.

7.  References

7.1.  Normative References

   [RFC1122]        Braden, R., "Requirements for Internet Hosts -
                    Communication Layers", STD 3, RFC 1122,
                    October 1989.

   [RFC1123]        Braden, R., "Requirements for Internet Hosts -
                    Application and Support", STD 3, RFC 1123,
                    October 1989.

   [RFC1812]        Baker, F., "Requirements for IP Version 4 Routers",
                    RFC 1812, June 1995.

   [RFC4294]        Loughney, J., "IPv6 Node Requirements", RFC 4294,
                    April 2006.

Top      Up      ToC       Page 41 
7.2.  Informative References

   [6LOWPAN-HC]     Hui, J. and P. Thubert, "Compression Format for IPv6
                    Datagrams in Low Power and Lossy Networks
                    (6LoWPAN)", Work in Progress, February 2011.

   [ABFAB-ARCH]     Howlett, J., Hartman, S., Tschofenig, H., and E.
                    Lear, "Application Bridging for Federated Access
                    Beyond Web (ABFAB) Architecture", Work in Progress,
                    March 2011.

   [AES-CCM-ECC]    McGrew, D., Bailey, D., Campagna, M., and R. Dugal,
                    "AES-CCM ECC Cipher Suites for TLS", Work
                    in Progress, January 2011.

   [COAP]           Shelby, Z., Hartke, K., Bormann, C., and B. Frank,
                    "Constrained Application Protocol (CoAP)", Work
                    in Progress, March 2011.

   [DIME-BASE]      Fajardo, V., Ed., Arkko, J., Loughney, J., and G.
                    Zorn, "Diameter Base Protocol", Work in Progress,
                    January 2011.

   [DNS-SD]         Cheshire, S. and M. Krochmal, "DNS-Based Service
                    Discovery", Work in Progress, February 2011.

   [DTLS]           Rescorla, E. and N. Modadugu, "Datagram Transport
                    Layer Security version 1.2", Work in Progress,
                    March 2011.

   [DYMO]           Chakeres, I. and C. Perkins, "Dynamic MANET On-
                    demand (DYMO) Routing", Work in Progress, July 2010.

   [IEC61850]       Wikipedia, "Wikipedia Article: IEC 61850",
                    June 2011, <http://en.wikipedia.org/w/
                    index.php?title=IEC_61850&oldid=433437827>.

   [IEC62351-3]     International Electrotechnical Commission Technical
                    Committee 57, "POWER SYSTEMS MANAGEMENT AND
                    ASSOCIATED INFORMATION EXCHANGE. DATA AND
                    COMMUNICATIONS SECURITY -- Part 3: Communication
                    network and system security Profiles including
                    TCP/IP", May 2007.

   [IEEE802.1X]     Institute of Electrical and Electronics Engineers,
                    "IEEE Standard for Local and Metropolitan Area
                    Networks - Port based Network Access Control",
                    IEEE Standard 802.1X-2010, February 2010.

Top      Up      ToC       Page 42 
   [IP-SEC]         Gont, F., "Security Assessment of the Internet
                    Protocol Version 4", Work in Progress, April 2011.

   [IPv6-NODE-REQ]  Jankiewicz, E., Loughney, J., and T. Narten, "IPv6
                    Node Requirements", Work in Progress, May 2011.

   [MULTICAST-DNS]  Cheshire, S. and M. Krochmal, "Multicast DNS", Work
                    in Progress, February 2011.

   [Model]          SGIP, "Smart Grid Architecture Committee: Conceptual
                    Model White Paper http://collaborate.nist.gov/
                    twiki-sggrid/pub/SmartGrid/
                    SGIPConceptualModelDevelopmentSGAC/
                    Smart_Grid_Conceptual_Model_20100420.doc".

   [OAUTHv2]        Hammer-Lahav, E., Recordon, D., and D. Hardt, "The
                    OAuth 2.0 Authorization Protocol", Work in Progress,
                    May 2011.

   [RESTFUL]        Fielding, "Architectural Styles and the Design of
                    Network-based Software Architectures", 2000.

   [RFC0768]        Postel, J., "User Datagram Protocol", STD 6,
                    RFC 768, August 1980.

   [RFC0791]        Postel, J., "Internet Protocol", STD 5, RFC 791,
                    September 1981.

   [RFC0792]        Postel, J., "Internet Control Message Protocol",
                    STD 5, RFC 792, September 1981.

   [RFC0793]        Postel, J., "Transmission Control Protocol", STD 7,
                    RFC 793, September 1981.

   [RFC0826]        Plummer, D., "Ethernet Address Resolution Protocol:
                    Or converting network protocol addresses to 48.bit
                    Ethernet address for transmission on Ethernet
                    hardware", STD 37, RFC 826, November 1982.

   [RFC0894]        Hornig, C., "Standard for the transmission of IP
                    datagrams over Ethernet networks", STD 41, RFC 894,
                    April 1984.

   [RFC1006]        Rose, M. and D. Cass, "ISO transport services on top
                    of the TCP: Version 3", STD 35, RFC 1006, May 1987.

   [RFC1034]        Mockapetris, P., "Domain names - concepts and
                    facilities", STD 13, RFC 1034, November 1987.

Top      Up      ToC       Page 43 
   [RFC1035]        Mockapetris, P., "Domain names - implementation and
                    specification", STD 13, RFC 1035, November 1987.

   [RFC1058]        Hedrick, C., "Routing Information Protocol",
                    RFC 1058, June 1988.

   [RFC1112]        Deering, S., "Host extensions for IP multicasting",
                    STD 5, RFC 1112, August 1989.

   [RFC1195]        Callon, R., "Use of OSI IS-IS for routing in TCP/IP
                    and dual environments", RFC 1195, December 1990.

   [RFC1332]        McGregor, G., "The PPP Internet Protocol Control
                    Protocol (IPCP)", RFC 1332, May 1992.

   [RFC1661]        Simpson, W., "The Point-to-Point Protocol (PPP)",
                    STD 51, RFC 1661, July 1994.

   [RFC1918]        Rekhter, Y., Moskowitz, R., Karrenberg, D., Groot,
                    G., and E. Lear, "Address Allocation for Private
                    Internets", BCP 5, RFC 1918, February 1996.

   [RFC1964]        Linn, J., "The Kerberos Version 5 GSS-API
                    Mechanism", RFC 1964, June 1996.

   [RFC2080]        Malkin, G. and R. Minnear, "RIPng for IPv6",
                    RFC 2080, January 1997.

   [RFC2126]        Pouffary, Y. and A. Young, "ISO Transport Service on
                    top of TCP (ITOT)", RFC 2126, March 1997.

   [RFC2131]        Droms, R., "Dynamic Host Configuration Protocol",
                    RFC 2131, March 1997.

   [RFC2136]        Vixie, P., Thomson, S., Rekhter, Y., and J. Bound,
                    "Dynamic Updates in the Domain Name System (DNS
                    UPDATE)", RFC 2136, April 1997.

   [RFC2328]        Moy, J., "OSPF Version 2", STD 54, RFC 2328,
                    April 1998.

   [RFC2357]        Mankin, A., Romanov, A., Bradner, S., and V. Paxson,
                    "IETF Criteria for Evaluating Reliable Multicast
                    Transport and Application Protocols", RFC 2357,
                    June 1998.

   [RFC2453]        Malkin, G., "RIP Version 2", STD 56, RFC 2453,
                    November 1998.

Top      Up      ToC       Page 44 
   [RFC2460]        Deering, S. and R. Hinden, "Internet Protocol,
                    Version 6 (IPv6) Specification", RFC 2460,
                    December 1998.

   [RFC2464]        Crawford, M., "Transmission of IPv6 Packets over
                    Ethernet Networks", RFC 2464, December 1998.

   [RFC2474]        Nichols, K., Blake, S., Baker, F., and D. Black,
                    "Definition of the Differentiated Services Field (DS
                    Field) in the IPv4 and IPv6 Headers", RFC 2474,
                    December 1998.

   [RFC2475]        Blake, S., Black, D., Carlson, M., Davies, E., Wang,
                    Z., and W. Weiss, "An Architecture for
                    Differentiated Services", RFC 2475, December 1998.

   [RFC2516]        Mamakos, L., Lidl, K., Evarts, J., Carrel, D.,
                    Simone, D., and R. Wheeler, "A Method for
                    Transmitting PPP Over Ethernet (PPPoE)", RFC 2516,
                    February 1999.

   [RFC2545]        Marques, P. and F. Dupont, "Use of BGP-4
                    Multiprotocol Extensions for IPv6 Inter-Domain
                    Routing", RFC 2545, March 1999.

   [RFC2560]        Myers, M., Ankney, R., Malpani, A., Galperin, S.,
                    and C. Adams, "X.509 Internet Public Key
                    Infrastructure Online Certificate Status Protocol -
                    OCSP", RFC 2560, June 1999.

   [RFC2588]        Finlayson, R., "IP Multicast and Firewalls",
                    RFC 2588, May 1999.

   [RFC2608]        Guttman, E., Perkins, C., Veizades, J., and M. Day,
                    "Service Location Protocol, Version 2", RFC 2608,
                    June 1999.

   [RFC2615]        Malis, A. and W. Simpson, "PPP over SONET/SDH",
                    RFC 2615, June 1999.

   [RFC2616]        Fielding, R., Gettys, J., Mogul, J., Frystyk, H.,
                    Masinter, L., Leach, P., and T. Berners-Lee,
                    "Hypertext Transfer Protocol -- HTTP/1.1", RFC 2616,
                    June 1999.

   [RFC2647]        Newman, D., "Benchmarking Terminology for Firewall
                    Performance", RFC 2647, August 1999.

Top      Up      ToC       Page 45 
   [RFC2663]        Srisuresh, P. and M. Holdrege, "IP Network Address
                    Translator (NAT) Terminology and Considerations",
                    RFC 2663, August 1999.

   [RFC2710]        Deering, S., Fenner, W., and B. Haberman, "Multicast
                    Listener Discovery (MLD) for IPv6", RFC 2710,
                    October 1999.

   [RFC2743]        Linn, J., "Generic Security Service Application
                    Program Interface Version 2, Update 1", RFC 2743,
                    January 2000.

   [RFC2784]        Farinacci, D., Li, T., Hanks, S., Meyer, D., and P.
                    Traina, "Generic Routing Encapsulation (GRE)",
                    RFC 2784, March 2000.

   [RFC2865]        Rigney, C., Willens, S., Rubens, A., and W. Simpson,
                    "Remote Authentication Dial In User Service
                    (RADIUS)", RFC 2865, June 2000.

   [RFC2979]        Freed, N., "Behavior of and Requirements for
                    Internet Firewalls", RFC 2979, October 2000.

   [RFC2993]        Hain, T., "Architectural Implications of NAT",
                    RFC 2993, November 2000.

   [RFC3007]        Wellington, B., "Secure Domain Name System (DNS)
                    Dynamic Update", RFC 3007, November 2000.

   [RFC3022]        Srisuresh, P. and K. Egevang, "Traditional IP
                    Network Address Translator (Traditional NAT)",
                    RFC 3022, January 2001.

   [RFC3027]        Holdrege, M. and P. Srisuresh, "Protocol
                    Complications with the IP Network Address
                    Translator", RFC 3027, January 2001.

   [RFC3031]        Rosen, E., Viswanathan, A., and R. Callon,
                    "Multiprotocol Label Switching Architecture",
                    RFC 3031, January 2001.

   [RFC3032]        Rosen, E., Tappan, D., Fedorkow, G., Rekhter, Y.,
                    Farinacci, D., Li, T., and A. Conta, "MPLS Label
                    Stack Encoding", RFC 3032, January 2001.

   [RFC3168]        Ramakrishnan, K., Floyd, S., and D. Black, "The
                    Addition of Explicit Congestion Notification (ECN)
                    to IP", RFC 3168, September 2001.

Top      Up      ToC       Page 46 
   [RFC3235]        Senie, D., "Network Address Translator (NAT)-
                    Friendly Application Design Guidelines", RFC 3235,
                    January 2002.

   [RFC3261]        Rosenberg, J., Schulzrinne, H., Camarillo, G.,
                    Johnston, A., Peterson, J., Sparks, R., Handley, M.,
                    and E. Schooler, "SIP: Session Initiation Protocol",
                    RFC 3261, June 2002.

   [RFC3265]        Roach, A., "Session Initiation Protocol (SIP)-
                    Specific Event Notification", RFC 3265, June 2002.

   [RFC3275]        Eastlake, D., Reagle, J., and D. Solo, "(Extensible
                    Markup Language) XML-Signature Syntax and
                    Processing", RFC 3275, March 2002.

   [RFC3315]        Droms, R., Bound, J., Volz, B., Lemon, T., Perkins,
                    C., and M. Carney, "Dynamic Host Configuration
                    Protocol for IPv6 (DHCPv6)", RFC 3315, July 2003.

   [RFC3376]        Cain, B., Deering, S., Kouvelas, I., Fenner, B., and
                    A. Thyagarajan, "Internet Group Management Protocol,
                    Version 3", RFC 3376, October 2002.

   [RFC3411]        Harrington, D., Presuhn, R., and B. Wijnen, "An
                    Architecture for Describing Simple Network
                    Management Protocol (SNMP) Management Frameworks",
                    STD 62, RFC 3411, December 2002.

   [RFC3412]        Case, J., Harrington, D., Presuhn, R., and B.
                    Wijnen, "Message Processing and Dispatching for the
                    Simple Network Management Protocol (SNMP)", STD 62,
                    RFC 3412, December 2002.

   [RFC3413]        Levi, D., Meyer, P., and B. Stewart, "Simple Network
                    Management Protocol (SNMP) Applications", STD 62,
                    RFC 3413, December 2002.

   [RFC3414]        Blumenthal, U. and B. Wijnen, "User-based Security
                    Model (USM) for version 3 of the Simple Network
                    Management Protocol (SNMPv3)", STD 62, RFC 3414,
                    December 2002.

   [RFC3415]        Wijnen, B., Presuhn, R., and K. McCloghrie, "View-
                    based Access Control Model (VACM) for the Simple
                    Network Management Protocol (SNMP)", STD 62,
                    RFC 3415, December 2002.

Top      Up      ToC       Page 47 
   [RFC3416]        Presuhn, R., "Version 2 of the Protocol Operations
                    for the Simple Network Management Protocol (SNMP)",
                    STD 62, RFC 3416, December 2002.

   [RFC3417]        Presuhn, R., "Transport Mappings for the Simple
                    Network Management Protocol (SNMP)", STD 62,
                    RFC 3417, December 2002.

   [RFC3418]        Presuhn, R., "Management Information Base (MIB) for
                    the Simple Network Management Protocol (SNMP)",
                    STD 62, RFC 3418, December 2002.

   [RFC3424]        Daigle, L. and IAB, "IAB Considerations for
                    UNilateral Self-Address Fixing (UNSAF) Across
                    Network Address Translation", RFC 3424,
                    November 2002.

   [RFC3436]        Jungmaier, A., Rescorla, E., and M. Tuexen,
                    "Transport Layer Security over Stream Control
                    Transmission Protocol", RFC 3436, December 2002.

   [RFC3453]        Luby, M., Vicisano, L., Gemmell, J., Rizzo, L.,
                    Handley, M., and J. Crowcroft, "The Use of Forward
                    Error Correction (FEC) in Reliable Multicast",
                    RFC 3453, December 2002.

   [RFC3511]        Hickman, B., Newman, D., Tadjudin, S., and T.
                    Martin, "Benchmarking Methodology for Firewall
                    Performance", RFC 3511, April 2003.

   [RFC3550]        Schulzrinne, H., Casner, S., Frederick, R., and V.
                    Jacobson, "RTP: A Transport Protocol for Real-Time
                    Applications", STD 64, RFC 3550, July 2003.

   [RFC3552]        Rescorla, E. and B. Korver, "Guidelines for Writing
                    RFC Text on Security Considerations", BCP 72,
                    RFC 3552, July 2003.

   [RFC3561]        Perkins, C., Belding-Royer, E., and S. Das, "Ad hoc
                    On-Demand Distance Vector (AODV) Routing", RFC 3561,
                    July 2003.

   [RFC3569]        Bhattacharyya, S., "An Overview of Source-Specific
                    Multicast (SSM)", RFC 3569, July 2003.

   [RFC3588]        Calhoun, P., Loughney, J., Guttman, E., Zorn, G.,
                    and J. Arkko, "Diameter Base Protocol", RFC 3588,
                    September 2003.

Top      Up      ToC       Page 48 
   [RFC3590]        Haberman, B., "Source Address Selection for the
                    Multicast Listener Discovery (MLD) Protocol",
                    RFC 3590, September 2003.

   [RFC3626]        Clausen, T. and P. Jacquet, "Optimized Link State
                    Routing Protocol (OLSR)", RFC 3626, October 2003.

   [RFC3629]        Yergeau, F., "UTF-8, a transformation format of ISO
                    10646", STD 63, RFC 3629, November 2003.

   [RFC3715]        Aboba, B. and W. Dixon, "IPsec-Network Address
                    Translation (NAT) Compatibility Requirements",
                    RFC 3715, March 2004.

   [RFC3810]        Vida, R. and L. Costa, "Multicast Listener Discovery
                    Version 2 (MLDv2) for IPv6", RFC 3810, June 2004.

   [RFC3828]        Larzon, L-A., Degermark, M., Pink, S., Jonsson,
                    L-E., and G. Fairhurst, "The Lightweight User
                    Datagram Protocol (UDP-Lite)", RFC 3828, July 2004.

   [RFC3853]        Peterson, J., "S/MIME Advanced Encryption Standard
                    (AES) Requirement for the Session Initiation
                    Protocol (SIP)", RFC 3853, July 2004.

   [RFC3923]        Saint-Andre, P., "End-to-End Signing and Object
                    Encryption for the Extensible Messaging and Presence
                    Protocol (XMPP)", RFC 3923, October 2004.

   [RFC3971]        Arkko, J., Kempf, J., Zill, B., and P. Nikander,
                    "SEcure Neighbor Discovery (SEND)", RFC 3971,
                    March 2005.

   [RFC3973]        Adams, A., Nicholas, J., and W. Siadak, "Protocol
                    Independent Multicast - Dense Mode (PIM-DM):
                    Protocol Specification (Revised)", RFC 3973,
                    January 2005.

   [RFC4017]        Stanley, D., Walker, J., and B. Aboba, "Extensible
                    Authentication Protocol (EAP) Method Requirements
                    for Wireless LANs", RFC 4017, March 2005.

   [RFC4033]        Arends, R., Austein, R., Larson, M., Massey, D., and
                    S. Rose, "DNS Security Introduction and
                    Requirements", RFC 4033, March 2005.

Top      Up      ToC       Page 49 
   [RFC4034]        Arends, R., Austein, R., Larson, M., Massey, D., and
                    S. Rose, "Resource Records for the DNS Security
                    Extensions", RFC 4034, March 2005.

   [RFC4035]        Arends, R., Austein, R., Larson, M., Massey, D., and
                    S. Rose, "Protocol Modifications for the DNS
                    Security Extensions", RFC 4035, March 2005.

   [RFC4108]        Housley, R., "Using Cryptographic Message Syntax
                    (CMS) to Protect Firmware Packages", RFC 4108,
                    August 2005.

   [RFC4120]        Neuman, C., Yu, T., Hartman, S., and K. Raeburn,
                    "The Kerberos Network Authentication Service (V5)",
                    RFC 4120, July 2005.

   [RFC4121]        Zhu, L., Jaganathan, K., and S. Hartman, "The
                    Kerberos Version 5 Generic Security Service
                    Application Program Interface (GSS-API) Mechanism:
                    Version 2", RFC 4121, July 2005.

   [RFC4210]        Adams, C., Farrell, S., Kause, T., and T. Mononen,
                    "Internet X.509 Public Key Infrastructure
                    Certificate Management Protocol (CMP)", RFC 4210,
                    September 2005.

   [RFC4213]        Nordmark, E. and R. Gilligan, "Basic Transition
                    Mechanisms for IPv6 Hosts and Routers", RFC 4213,
                    October 2005.

   [RFC4253]        Ylonen, T. and C. Lonvick, "The Secure Shell (SSH)
                    Transport Layer Protocol", RFC 4253, January 2006.

   [RFC4271]        Rekhter, Y., Li, T., and S. Hares, "A Border Gateway
                    Protocol 4 (BGP-4)", RFC 4271, January 2006.

   [RFC4291]        Hinden, R. and S. Deering, "IP Version 6 Addressing
                    Architecture", RFC 4291, February 2006.

   [RFC4301]        Kent, S. and K. Seo, "Security Architecture for the
                    Internet Protocol", RFC 4301, December 2005.

   [RFC4302]        Kent, S., "IP Authentication Header", RFC 4302,
                    December 2005.

   [RFC4303]        Kent, S., "IP Encapsulating Security Payload (ESP)",
                    RFC 4303, December 2005.

Top      Up      ToC       Page 50 
   [RFC4307]        Schiller, J., "Cryptographic Algorithms for Use in
                    the Internet Key Exchange Version 2 (IKEv2)",
                    RFC 4307, December 2005.

   [RFC4320]        Sparks, R., "Actions Addressing Identified Issues
                    with the Session Initiation Protocol's (SIP) Non-
                    INVITE Transaction", RFC 4320, January 2006.

   [RFC4340]        Kohler, E., Handley, M., and S. Floyd, "Datagram
                    Congestion Control Protocol (DCCP)", RFC 4340,
                    March 2006.

   [RFC4347]        Rescorla, E. and N. Modadugu, "Datagram Transport
                    Layer Security", RFC 4347, April 2006.

   [RFC4364]        Rosen, E. and Y. Rekhter, "BGP/MPLS IP Virtual
                    Private Networks (VPNs)", RFC 4364, February 2006.

   [RFC4410]        Pullen, M., Zhao, F., and D. Cohen, "Selectively
                    Reliable Multicast Protocol (SRMP)", RFC 4410,
                    February 2006.

   [RFC4422]        Melnikov, A. and K. Zeilenga, "Simple Authentication
                    and Security Layer (SASL)", RFC 4422, June 2006.

   [RFC4443]        Conta, A., Deering, S., and M. Gupta, "Internet
                    Control Message Protocol (ICMPv6) for the Internet
                    Protocol Version 6 (IPv6) Specification", RFC 4443,
                    March 2006.

   [RFC4487]        Le, F., Faccin, S., Patil, B., and H. Tschofenig,
                    "Mobile IPv6 and Firewalls: Problem Statement",
                    RFC 4487, May 2006.

   [RFC4492]        Blake-Wilson, S., Bolyard, N., Gupta, V., Hawk, C.,
                    and B. Moeller, "Elliptic Curve Cryptography (ECC)
                    Cipher Suites for Transport Layer Security (TLS)",
                    RFC 4492, May 2006.

   [RFC4556]        Zhu, L. and B. Tung, "Public Key Cryptography for
                    Initial Authentication in Kerberos (PKINIT)",
                    RFC 4556, June 2006.

   [RFC4566]        Handley, M., Jacobson, V., and C. Perkins, "SDP:
                    Session Description Protocol", RFC 4566, July 2006.

Top      Up      ToC       Page 51 
   [RFC4594]        Babiarz, J., Chan, K., and F. Baker, "Configuration
                    Guidelines for DiffServ Service Classes", RFC 4594,
                    August 2006.

   [RFC4601]        Fenner, B., Handley, M., Holbrook, H., and I.
                    Kouvelas, "Protocol Independent Multicast - Sparse
                    Mode (PIM-SM): Protocol Specification (Revised)",
                    RFC 4601, August 2006.

   [RFC4604]        Holbrook, H., Cain, B., and B. Haberman, "Using
                    Internet Group Management Protocol Version 3
                    (IGMPv3) and Multicast Listener Discovery Protocol
                    Version 2 (MLDv2) for Source-Specific Multicast",
                    RFC 4604, August 2006.

   [RFC4607]        Holbrook, H. and B. Cain, "Source-Specific Multicast
                    for IP", RFC 4607, August 2006.

   [RFC4608]        Meyer, D., Rockell, R., and G. Shepherd, "Source-
                    Specific Protocol Independent Multicast in 232/8",
                    BCP 120, RFC 4608, August 2006.

   [RFC4614]        Duke, M., Braden, R., Eddy, W., and E. Blanton, "A
                    Roadmap for Transmission Control Protocol (TCP)
                    Specification Documents", RFC 4614, September 2006.

   [RFC4741]        Enns, R., "NETCONF Configuration Protocol",
                    RFC 4741, December 2006.

   [RFC4742]        Wasserman, M. and T. Goddard, "Using the NETCONF
                    Configuration Protocol over Secure SHell (SSH)",
                    RFC 4742, December 2006.

   [RFC4743]        Goddard, T., "Using NETCONF over the Simple Object
                    Access Protocol (SOAP)", RFC 4743, December 2006.

   [RFC4744]        Lear, E. and K. Crozier, "Using the NETCONF Protocol
                    over the Blocks Extensible Exchange Protocol
                    (BEEP)", RFC 4744, December 2006.

   [RFC4760]        Bates, T., Chandra, R., Katz, D., and Y. Rekhter,
                    "Multiprotocol Extensions for BGP-4", RFC 4760,
                    January 2007.

   [RFC4787]        Audet, F. and C. Jennings, "Network Address
                    Translation (NAT) Behavioral Requirements for
                    Unicast UDP", BCP 127, RFC 4787, January 2007.

Top      Up      ToC       Page 52 
   [RFC4835]        Manral, V., "Cryptographic Algorithm Implementation
                    Requirements for Encapsulating Security Payload
                    (ESP) and Authentication Header (AH)", RFC 4835,
                    April 2007.

   [RFC4854]        Saint-Andre, P., "A Uniform Resource Name (URN)
                    Namespace for Extensions to the Extensible Messaging
                     and Presence Protocol (XMPP)", RFC 4854,
                    April 2007.

   [RFC4861]        Narten, T., Nordmark, E., Simpson, W., and H.
                    Soliman, "Neighbor Discovery for IP version 6
                    (IPv6)", RFC 4861, September 2007.

   [RFC4862]        Thomson, S., Narten, T., and T. Jinmei, "IPv6
                    Stateless Address Autoconfiguration", RFC 4862,
                    September 2007.

   [RFC4916]        Elwell, J., "Connected Identity in the Session
                    Initiation Protocol (SIP)", RFC 4916, June 2007.

   [RFC4919]        Kushalnagar, N., Montenegro, G., and C. Schumacher,
                    "IPv6 over Low-Power Wireless Personal Area Networks
                    (6LoWPANs): Overview, Assumptions, Problem
                    Statement, and Goals", RFC 4919, August 2007.

   [RFC4941]        Narten, T., Draves, R., and S. Krishnan, "Privacy
                    Extensions for Stateless Address Autoconfiguration
                    in IPv6", RFC 4941, September 2007.

   [RFC4944]        Montenegro, G., Kushalnagar, N., Hui, J., and D.
                    Culler, "Transmission of IPv6 Packets over IEEE
                    802.15.4 Networks", RFC 4944, September 2007.

   [RFC4960]        Stewart, R., "Stream Control Transmission Protocol",
                    RFC 4960, September 2007.

   [RFC4987]        Eddy, W., "TCP SYN Flooding Attacks and Common
                    Mitigations", RFC 4987, August 2007.

   [RFC5023]        Gregorio, J. and B. de hOra, "The Atom Publishing
                    Protocol", RFC 5023, October 2007.

   [RFC5061]        Stewart, R., Xie, Q., Tuexen, M., Maruyama, S., and
                    M. Kozuka, "Stream Control Transmission Protocol
                    (SCTP) Dynamic Address Reconfiguration", RFC 5061,
                    September 2007.

Top      Up      ToC       Page 53 
   [RFC5072]        Varada, S., Ed., Haskins, D., and E. Allen, "IP
                    Version 6 over PPP", RFC 5072, September 2007.

   [RFC5122]        Saint-Andre, P., "Internationalized Resource
                    Identifiers (IRIs) and Uniform Resource Identifiers
                    (URIs) for the Extensible Messaging and Presence
                    Protocol (XMPP)", RFC 5122, February 2008.

   [RFC5128]        Srisuresh, P., Ford, B., and D. Kegel, "State of
                    Peer-to-Peer (P2P) Communication across Network
                    Address Translators (NATs)", RFC 5128, March 2008.

   [RFC5135]        Wing, D. and T. Eckert, "IP Multicast Requirements
                    for a Network Address Translator (NAT) and a Network
                    Address Port Translator (NAPT)", BCP 135, RFC 5135,
                    February 2008.

   [RFC5191]        Forsberg, D., Ohba, Y., Patil, B., Tschofenig, H.,
                    and A. Yegin, "Protocol for Carrying Authentication
                    for Network Access (PANA)", RFC 5191, May 2008.

   [RFC5207]        Stiemerling, M., Quittek, J., and L. Eggert, "NAT
                    and Firewall Traversal Issues of Host Identity
                    Protocol (HIP) Communication", RFC 5207, April 2008.

   [RFC5216]        Simon, D., Aboba, B., and R. Hurst, "The EAP-TLS
                    Authentication Protocol", RFC 5216, March 2008.

   [RFC5238]        Phelan, T., "Datagram Transport Layer Security
                    (DTLS) over the Datagram Congestion Control Protocol
                    (DCCP)", RFC 5238, May 2008.

   [RFC5246]        Dierks, T. and E. Rescorla, "The Transport Layer
                    Security (TLS) Protocol Version 1.2", RFC 5246,
                    August 2008.

   [RFC5272]        Schaad, J. and M. Myers, "Certificate Management
                    over CMS (CMC)", RFC 5272, June 2008.

   [RFC5277]        Chisholm, S. and H. Trevino, "NETCONF Event
                    Notifications", RFC 5277, July 2008.

   [RFC5280]        Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
                    Housley, R., and W. Polk, "Internet X.509 Public Key
                    Infrastructure Certificate and Certificate
                    Revocation List (CRL) Profile", RFC 5280, May 2008.

Top      Up      ToC       Page 54 
   [RFC5289]        Rescorla, E., "TLS Elliptic Curve Cipher Suites with
                    SHA-256/384 and AES Galois Counter Mode (GCM)",
                    RFC 5289, August 2008.

   [RFC5308]        Hopps, C., "Routing IPv6 with IS-IS", RFC 5308,
                    October 2008.

   [RFC5340]        Coltun, R., Ferguson, D., Moy, J., and A. Lindem,
                    "OSPF for IPv6", RFC 5340, July 2008.

   [RFC5393]        Sparks, R., Lawrence, S., Hawrylyshen, A., and B.
                    Campen, "Addressing an Amplification Vulnerability
                    in Session Initiation Protocol (SIP) Forking
                    Proxies", RFC 5393, December 2008.

   [RFC5405]        Eggert, L. and G. Fairhurst, "Unicast UDP Usage
                    Guidelines for Application Designers", BCP 145,
                    RFC 5405, November 2008.

   [RFC5430]        Salter, M., Rescorla, E., and R. Housley, "Suite B
                    Profile for Transport Layer Security (TLS)",
                    RFC 5430, March 2009.

   [RFC5433]        Clancy, T. and H. Tschofenig, "Extensible
                    Authentication Protocol - Generalized Pre-Shared Key
                    (EAP-GPSK) Method", RFC 5433, February 2009.

   [RFC5437]        Saint-Andre, P. and A. Melnikov, "Sieve Notification
                    Mechanism: Extensible Messaging and Presence
                    Protocol (XMPP)", RFC 5437, January 2009.

   [RFC5539]        Badra, M., "NETCONF over Transport Layer Security
                    (TLS)", RFC 5539, May 2009.

   [RFC5545]        Desruisseaux, B., "Internet Calendaring and
                    Scheduling Core Object Specification (iCalendar)",
                    RFC 5545, September 2009.

   [RFC5546]        Daboo, C., "iCalendar Transport-Independent
                    Interoperability Protocol (iTIP)", RFC 5546,
                    December 2009.

   [RFC5548]        Dohler, M., Watteyne, T., Winter, T., and D.
                    Barthel, "Routing Requirements for Urban Low-Power
                    and Lossy Networks", RFC 5548, May 2009.

   [RFC5569]        Despres, R., "IPv6 Rapid Deployment on IPv4
                    Infrastructures (6rd)", RFC 5569, January 2010.

Top      Up      ToC       Page 55 
   [RFC5621]        Camarillo, G., "Message Body Handling in the Session
                    Initiation Protocol (SIP)", RFC 5621,
                    September 2009.

   [RFC5626]        Jennings, C., Mahy, R., and F. Audet, "Managing
                    Client-Initiated Connections in the Session
                    Initiation Protocol (SIP)", RFC 5626, October 2009.

   [RFC5652]        Housley, R., "Cryptographic Message Syntax (CMS)",
                    STD 70, RFC 5652, September 2009.

   [RFC5673]        Pister, K., Thubert, P., Dwars, S., and T. Phinney,
                    "Industrial Routing Requirements in Low-Power and
                    Lossy Networks", RFC 5673, October 2009.

   [RFC5681]        Allman, M., Paxson, V., and E. Blanton, "TCP
                    Congestion Control", RFC 5681, September 2009.

   [RFC5717]        Lengyel, B. and M. Bjorklund, "Partial Lock Remote
                    Procedure Call (RPC) for NETCONF", RFC 5717,
                    December 2009.

   [RFC5740]        Adamson, B., Bormann, C., Handley, M., and J.
                    Macker, "NACK-Oriented Reliable Multicast (NORM)
                    Transport Protocol", RFC 5740, November 2009.

   [RFC5751]        Ramsdell, B. and S. Turner, "Secure/Multipurpose
                    Internet Mail Extensions (S/MIME) Version 3.2
                    Message Specification", RFC 5751, January 2010.

   [RFC5785]        Nottingham, M. and E. Hammer-Lahav, "Defining Well-
                    Known Uniform Resource Identifiers (URIs)",
                    RFC 5785, April 2010.

   [RFC5826]        Brandt, A., Buron, J., and G. Porcu, "Home
                    Automation Routing Requirements in Low-Power and
                    Lossy Networks", RFC 5826, April 2010.

   [RFC5838]        Lindem, A., Mirtorabi, S., Roy, A., Barnes, M., and
                    R. Aggarwal, "Support of Address Families in
                    OSPFv3", RFC 5838, April 2010.

   [RFC5849]        Hammer-Lahav, E., "The OAuth 1.0 Protocol",
                    RFC 5849, April 2010.

Top      Up      ToC       Page 56 
   [RFC5867]        Martocci, J., De Mil, P., Riou, N., and W.
                    Vermeylen, "Building Automation Routing Requirements
                    in Low-Power and Lossy Networks", RFC 5867,
                    June 2010.

   [RFC5905]        Mills, D., Martin, J., Burbank, J., and W. Kasch,
                    "Network Time Protocol Version 4: Protocol and
                    Algorithms Specification", RFC 5905, June 2010.

   [RFC5932]        Kato, A., Kanda, M., and S. Kanno, "Camellia Cipher
                    Suites for TLS", RFC 5932, June 2010.

   [RFC5958]        Turner, S., "Asymmetric Key Packages", RFC 5958,
                    August 2010.

   [RFC5996]        Kaufman, C., Hoffman, P., Nir, Y., and P. Eronen,
                    "Internet Key Exchange Protocol Version 2 (IKEv2)",
                    RFC 5996, September 2010.

   [RFC5998]        Eronen, P., Tschofenig, H., and Y. Sheffer, "An
                    Extension for EAP-Only Authentication in IKEv2",
                    RFC 5998, September 2010.

   [RFC6031]        Turner, S. and R. Housley, "Cryptographic Message
                    Syntax (CMS) Symmetric Key Package Content Type",
                    RFC 6031, December 2010.

   [RFC6047]        Melnikov, A., "iCalendar Message-Based
                    Interoperability Protocol (iMIP)", RFC 6047,
                    December 2010.

   [RFC6052]        Bao, C., Huitema, C., Bagnulo, M., Boucadair, M.,
                    and X. Li, "IPv6 Addressing of IPv4/IPv6
                    Translators", RFC 6052, October 2010.

   [RFC6090]        McGrew, D., Igoe, K., and M. Salter, "Fundamental
                    Elliptic Curve Cryptography Algorithms", RFC 6090,
                    February 2011.

   [RFC6120]        Saint-Andre, P., "Extensible Messaging and Presence
                    Protocol (XMPP): Core", RFC 6120, March 2011.

   [RFC6121]        Saint-Andre, P., "Extensible Messaging and Presence
                    Protocol (XMPP): Instant Messaging and Presence",
                    RFC 6121, March 2011.

   [RFC6144]        Baker, F., Li, X., Bao, C., and K. Yin, "Framework
                    for IPv4/IPv6 Translation", RFC RFC6144, April 2011.

Top      Up      ToC       Page 57 
   [RFC6145]        Li, X., Bao, C., and F. Baker, "IP/ICMP Translation
                    Algorithm", RFC 6145, April 2011.

   [RFC6146]        Bagnulo, M., Matthews, P., and I. Beijnum, "Stateful
                    NAT64: Network Address and Protocol Translation from
                    IPv6 Clients to IPv4 Servers", RFC 6146, April 2011.

   [RFC6147]        Bagnulo, M., Sullivan, A., Matthews, P., and I.
                    Beijnum, "DNS64: DNS Extensions for Network Address
                    Translation from IPv6 Clients to IPv4 Servers",
                    RFC 6147, April 2011.

   [RFC6180]        Arkko, J. and F. Baker, "Guidelines for Using IPv6
                    Transition Mechanisms during IPv6 Deployment",
                    RFC 6180, May 2011.


   [RPL]            Winter, T., Thubert, P., Brandt, A., Clausen, T.,
                    Hui, J., Kelsey, R., Levis, P., Pister, K., Struik,
                    R., and J. Vasseur, "RPL: IPv6 Routing Protocol for
                    Low power and Lossy Networks", Work in Progress,
                    March 2011.

   [SP-MULPIv3.0]   CableLabs, "DOCSIS 3.0 MAC and Upper Layer Protocols
                    Interface Specification, CM-SP-MULPIv3.0-I10-
                    090529", May 2009.

   [SmartGrid]      Wikipedia, "Wikipedia Article: Smart Grid",
                    February 2011, <http://en.wikipedia.org/w/
                    index.php?title=Smart_grid&oldid=415838933>.

   [TCP-SEC]        Gont, F., "Security Assessment of the Transmission
                    Control Protocol (TCP)", Work in Progress,
                    January 2011.

   [r1822]          Bolt Beranek and Newman Inc., "Interface Message
                    Processor -- Specifications for the interconnection
                    of a host and a IMP, Report No. 1822", January 1976.

   [xCAL]           Daboo, C., Douglass, M., and S. Lees, "xCal: The XML
                    format for iCalendar", Work in Progress, April 2011.


Next RFC Part