ConEx Working Group                                          S. Krishnan
Internet-Draft                                                  Ericsson
Intended status: Experimental                              M. Kuehlewind
Expires: July 21, 2016                                        ETH Zurich
                                                              B. Briscoe
                                              Simula Research Laboratory
                                                                C. Ralli
                                                              Telefonica
                                                        January 18, 2016

         IPv6 Destination Option for Congestion Exposure (ConEx)
                       draft-ietf-conex-destopt-12

Abstract

   Congestion Exposure (ConEx) is a mechanism by which senders inform
   the network about the congestion encountered by packets earlier in
   the same flow.  This document specifies an IPv6 destination option
   that is capable of carrying ConEx markings in IPv6 datagrams.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on July 21, 2016.

Copyright Notice

   Copyright (c) 2016 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must
   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction
   2.  Conventions used in this document
   3.  Requirements for the coding of ConEx in IPv6
   4.  ConEx Destination Option (CDO)
   5.  Implementation in the fast path of ConEx-aware routers
   6.  Tunnel Processing
   7.  Compatibility with use of IPsec
   8.  Mitigating flooding attacks by using preferential drop
   9.  Acknowledgements
   10. Security Considerations
   11. IANA Considerations
   12. References
       12.1.  Normative References
       12.2.  Informative References
   Authors' Addresses

1.  Introduction

   Congestion Exposure (ConEx) [I-D.ietf-conex-abstract-mech] is a
   mechanism by which senders inform the network about the congestion
   encountered by packets earlier in the same flow.  This document
   specifies an IPv6 destination option [RFC2460] that can be used for
   performing ConEx markings in IPv6 datagrams.

   This document specifies the ConEx wire protocol in IPv6.  The ConEx
   information can be used by any network element on the path, e.g. to
   do traffic management or egress policing.  Additionally, this
   information will potentially be used by an audit function that checks
   the integrity of the sender's signaling.  Further, each transport
   protocol that supports ConEx signaling will need to specify precisely
   when the transport sets ConEx markings (e.g. the behavior for TCP is
   specified in [I-D.ietf-conex-tcp-modifications]).

   This document specifies ConEx for IPv6 only.  Due to space
   limitations in the IPv4 header and the risk of options being stripped
   by middleboxes in IPv4, the primary goal of the working group was to
   specify ConEx in IPv6 for experimentation.

   This specification is experimental to allow the IETF to assess
   whether the decision to implement the ConEx signal as a destination
   option fulfills the requirements stated in this document, as well as
   to evaluate the proposed encoding of the ConEx signals as described
   in [I-D.ietf-conex-abstract-mech].

   The duration of this experiment is expected to be no less than two
   years from publication of this document, as infrastructure needs to
   be set up to determine the outcome of this experiment.
   Experimenting with ConEx requires IPv6 traffic.
   Even though the amount of IPv6 traffic is growing, the traffic mix
   carried over IPv6 is still very different from that over IPv4.
   Therefore, it might take longer to find a suitable test scenario
   where only IPv6 traffic is managed using ConEx.

2.  Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in [RFC2119].

3.  Requirements for the coding of ConEx in IPv6

   A set of requirements for an ideal concrete ConEx wire protocol is
   given in [I-D.ietf-conex-abstract-mech].  In the ConEx working group
   it was recognized that it will be difficult to find an encoding in
   IPv6 that satisfies all requirements.  The choice in this document to
   implement the ConEx information in a destination option aims to
   satisfy those requirements that constrain the placement of ConEx
   information:

   R-1:  The marking mechanism needs to be visible to all ConEx-capable
         nodes on the path.

   R-2:  The mechanism needs to be able to traverse nodes that do not
         understand the markings.  This is required to ensure that ConEx
         can be incrementally deployed over the Internet.

   R-3:  The presence of the marking mechanism should not significantly
         alter the processing of the packet.  This is required to ensure
         that ConEx marked packets do not face any undue delays or drops
         due to a badly chosen mechanism.

   R-4:  The markings should be immutable once set by the sender.  At
         the very least, any tampering should be detectable.

   Based on these requirements, four solutions to implement the ConEx
   information in the IPv6 header have been investigated: hop-by-hop
   options, destination options, using IPv6 header bits (from the flow
   label), and new extension headers.  After evaluating the different
   solutions, the ConEx working group concluded that the use of a
   destination option would best address these requirements.

   Hop-by-hop options would have been the best solution for carrying
   ConEx markings if requirement R-3 had been met.  There is currently
   some work ongoing in the 6man WG to address this very issue
   [I-D.ietf-6man-hbh-header-handling].  This new behavior would address
   R-3 and would make hop-by-hop options the preferred solution for
   carrying ConEx markings.

   Choosing to use a destination option does not necessarily satisfy the
   requirement for on-path visibility, because it can be encapsulated by
   additional IP header(s).  Therefore, ConEx-aware network devices,
   including policy or audit devices, might have to follow the chain of
   (extension) headers into inner IP headers to find ConEx information.
   This choice was a compromise between fast-path performance of ConEx-
   aware network nodes and visibility, as discussed in Section 5.

   Please note that the IPv6 specification [RFC2460] does not require or
   expect intermediate nodes to inspect destination options such as the
   CDO.  This implies that ConEx-aware intermediate nodes following this
   specification need updated extension header processing code to be
   able to read the destination options.

4.  ConEx Destination Option (CDO)

   The ConEx Destination Option (CDO) is a destination option that can
   be included in IPv6 datagrams that are sent by ConEx-aware senders in
   order to inform ConEx-aware nodes on the path about the congestion
   encountered by packets earlier in the same flow or the expected risk
   of encountering congestion in the future.  The CDO has an alignment
   requirement of (none).
                     0                   1                   2
                     0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3
                    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
                    |  Option Type  | Option Length |X|L|E|C| res   |
                    +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

                  Figure 1: ConEx Destination Option Layout

   Option Type

         8-bit identifier of the type of option.  Set to the value
         30 (0x1E) allocated for experimental work.

   Option Length

         8-bit unsigned integer.  The length of the option in octets
         (excluding the Option Type and Option Length fields).  Set to
         the value 1.

   X Bit

         When this bit is set, the transport sender is using ConEx with
         this packet.  If it is not set, the sender is not using ConEx
         with this packet.

   L Bit

         When this bit is set, the transport sender has experienced a
         loss.

   E Bit

         When this bit is set, the transport sender has experienced
         congestion signaled using Explicit Congestion Notification
         (ECN) [RFC3168].

   C Bit

         When this bit is set, the transport sender is building up
         congestion credit in the audit function.

   Reserved (res)

         These four bits are not used in the current specification.
         They are set to zero on the sender and are ignored on the
         receiver.

   Option Layout

   All packets sent over a ConEx-capable TCP connection or belonging to
   the same ConEx-capable flow MUST carry the CDO.  The chg bit (the
   third-highest-order bit) in the CDO Option Type field is set to zero,
   meaning that the CDO option is immutable.  Network devices with
   ConEx-aware functions read the flags, but all network devices MUST
   forward the CDO unaltered.

   The CDO SHOULD be placed as the first option in the destination
   option header before the AH and/or ESP (if present).  The IPsec
   Authentication Header (AH) MAY be used to verify that the CDO has not
   been modified.

   If the X bit is zero, all other three bits are undefined and thus
   MUST be ignored and forwarded unchanged by network nodes.  The X bit
   set to zero means that the connection is ConEx-capable but this
   packet MUST NOT be counted when determining ConEx information in an
   audit function.  This can be the case if no congestion feedback is
   (currently) available, e.g. in TCP if one endpoint has been receiving
   data but sending nothing but pure ACKs (no user data) for some time.
   This is because pure ACKs do not advance the sequence number, so the
   TCP endpoint receiving them cannot reliably tell whether any have
   been lost due to congestion.  Pure TCP ACKs cannot be ECN-marked
   either [RFC3168].

   If the X bit is set, any of the other three bits (L, E, C) might be
   set.  Whenever one of these bits is set, the number of bytes carried
   by this IP packet (including the IP header that directly encapsulates
   the CDO and everything that IP header encapsulates) SHOULD be counted
   to determine congestion or credit information.  In IPv6 the number of
   bytes can easily be calculated by adding the number 40 (length of the
   IPv6 header in bytes) to the value present in the Payload Length
   field in the IPv6 header.

   The credit signal represents potential for congestion.  If a
   congestion event occurs, a corresponding amount of credit is consumed
   as outlined in [I-D.ietf-conex-abstract-mech].  A ConEx-enabled
   sender SHOULD, therefore, signal sufficient credit in advance of any
   congestion event to cover the (estimated maximum) amount of lost or
   CE-marked bytes that could occur in such a congestion event.  This
   estimation depends on the heuristics used and the aggressiveness of
   the sender when deciding about the appropriate sending rate
   (congestion control).  Note that the maximum congestion risk is that
   all packets in flight get lost or CE-marked, and therefore this would
   be the most conservative estimation of the congestion risk.  After a
   congestion event, if the sender intends to take the same risk again,
   it just needs to replace the consumed credit, as non-consumed credit
   does not expire.  For the case of TCP, this is described in detail in
   [I-D.ietf-conex-tcp-modifications].

   If the L or E bit is set, a congestion signal in the form of a loss
   or, respectively, an ECN mark was previously experienced by the same
   connection.

   In principle, all of these three bits (L, E, C) might be set in the
   same packet.  In this case the packet size MUST be counted more than
   once, once for each respective ConEx information counter.

   If a network node extracts the ConEx information from a connection,
   it is expected to hold this information in bytes, e.g. comparing the
   total number of bytes sent with the number of bytes sent with ConEx
   congestion marks (L, E) to determine the current whole-path
   congestion level.  Therefore a ConEx-aware node that processes the
   CDO MUST use the Payload Length field of the preceding IPv6 header
   for byte-based counting.  When a ratio is measured and equally sized
   packets can be assumed, counting the number of packets (instead of
   the number of bytes) should deliver the same result.  But an audit
   function must be aware that this estimation can be quite wrong if,
   e.g., differently sized packets are sent, and thus it is not
   reliable.

   All remaining bits in the CDO are reserved for future use (which are
   currently the last four bits of the eight-bit option space).  A ConEx
   sender SHOULD set the reserved bits in the CDO to zero.  Other nodes
   MUST ignore these bits, and ConEx-aware intermediate nodes MUST
   forward them unchanged, whatever their values.  They MAY log the
   presence of a non-zero reserved field.

   The CDO is only applicable on unicast or anycast packets (see the
   note regarding item J on multicast at the end of section 3.3 of
   [I-D.ietf-conex-abstract-mech] for reasoning).
   A ConEx sender MUST NOT send a packet with the CDO to a multicast
   address.  ConEx-capable network nodes MUST treat a multicast packet
   with the X flag set the same as an equivalent packet without the CDO,
   and they SHOULD forward it unchanged.

   As stated in [I-D.ietf-conex-abstract-mech] (see section 3.3 item N
   on network layer requirements), protocol specs should describe any
   warning or error messages relevant to the encoding.  There are no
   warnings or error messages associated with the CDO.

5.  Implementation in the fast path of ConEx-aware routers

   The ConEx information is encoded into a destination option so that it
   does not impact forwarding performance in the non-ConEx-aware nodes
   on the path.  Since destination options are not usually processed by
   routers, the existence of the CDO does not affect the fast path
   processing of the datagram on non-ConEx-aware routers, i.e. they are
   not pushed into the slow path towards the control plane for exception
   processing.

   ConEx-aware nodes still need to process the CDO without severely
   affecting forwarding.  For this to be possible, the ConEx-aware
   routers need to quickly ascertain the presence of the CDO and process
   the option if it is present.  To perform this efficiently, the CDO
   needs to be placed in a fairly deterministic location.  In order to
   facilitate forwarding on ConEx-aware routers, ConEx-aware senders
   that send IPv6 datagrams with the CDO SHOULD place the CDO as the
   first destination option in the destination options header.

6.  Tunnel Processing

   As with any destination option, an ingress tunnel endpoint will not
   normally copy the CDO when adding an encapsulating outer IP header.
   In general an ingress tunnel SHOULD NOT copy the CDO to the outer
   header, as this would change the number of bytes that would be
   counted.  However, it MAY copy the CDO to the outer header in order
   to facilitate visibility by subsequent on-path ConEx functions if the
   configuration of the tunnel ingress and the ConEx nodes is
   coordinated.  This trades off the performance of ConEx functions
   against that of tunnel processing.

   An egress tunnel endpoint SHOULD ignore any CDO in the outer header
   on decapsulation of an outer IP header.  The information in any inner
   CDO will always be considered correct, even if it differs from any
   outer CDO.  Therefore, the decapsulator can strip the outer CDO
   without comparison to the inner.  A decapsulator MAY compare the two,
   and MAY log any case where they differ.  However, the packet MUST be
   forwarded irrespective of any such anomaly, given that an outer CDO
   is only a performance optimization.

   A network node that assesses ConEx information SHOULD search through
   encapsulated IP headers until a CDO is found.  At any specific
   network location, the maximum necessary depth of search is likely to
   be the same for all packets between a given set of tunnel endpoints.

7.  Compatibility with use of IPsec

   A network-based attacker could alter ConEx information to fool an
   audit function in a downstream network into discarding packets.  If
   the endpoints are using the IPsec Authentication Header (AH)
   [RFC2460] to detect alteration of IP headers along the path, AH will
   also detect alteration of the CDO header.  Nonetheless, AH protection
   will rarely need to be introduced for ConEx, because attacks by one
   network on another are rare if they are traceable.  Other known
   attacks from one network on another, such as TTL expiry attacks, are
   more damaging to the innocent network (because ConEx audit discards
   silently) and less traceable (because TTL is meant to change, whereas
   the CDO is not).
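   The rules above can be exercised together in a small parser: the
   option layout and byte-counting rules of Section 4, the first-option
   placement of Section 5, the search through encapsulating IPv6 headers
   of Section 6, and the fact that the walk has to stop at an ESP header
   because its contents are opaque.  The following Python is an added
   example written for this page; it is not code from the draft or from
   the ConEx working group.  The packet builders, addresses and payloads
   are constructed for the example, and the function names (find_cdo,
   conex_byte_counts, parse_options) are the example's own.  It also
   logs a non-zero reserved field, the check Section 4 permits, while
   leaving the bits untouched.

```python
"""Locate and interpret the ConEx Destination Option (CDO) in an IPv6 packet.
Added example for this page; not the draft's or the working group's code."""
import logging
import struct
from dataclasses import dataclass
from typing import List, Optional, Tuple

log = logging.getLogger("cdo")

IPV6_HDR_LEN = 40
# IPv6 Next Header values (IANA protocol numbers)
NH_HOPOPTS, NH_IPV6, NH_ROUTING, NH_FRAGMENT = 0, 41, 43, 44
NH_ESP, NH_AH, NH_DSTOPTS, UDP = 50, 51, 60, 17
CDO_OPT_TYPE = 0x1E                  # experimental option type used by the draft
CDO_OPT_LEN = 1                      # option data is one flags octet
X_BIT, L_BIT, E_BIT, C_BIT = 0x80, 0x40, 0x20, 0x10


@dataclass(frozen=True)
class CdoInfo:
    x: bool
    l: bool
    e: bool
    c: bool
    reserved: int            # low four bits; forwarded unchanged, only logged
    first_option: bool       # CDO was the first option of its header (Section 5)
    depth: int               # 0 = outermost IPv6 header, 1 = first inner header, ...
    counted_bytes: int       # 40 + Payload Length of the header carrying the CDO


def parse_options(hdr: bytes) -> List[Tuple[int, bytes]]:
    """Split an options header body into (type, data) pairs; Pad1 has no length."""
    opts, i = [], 2
    while i < len(hdr):
        t = hdr[i]
        if t == 0:                                   # Pad1
            i += 1
            continue
        if i + 1 >= len(hdr):
            break
        n = hdr[i + 1]
        opts.append((t, hdr[i + 2:i + 2 + n]))
        i += 2 + n
    return opts


def find_cdo(pkt: bytes, depth: int = 0, max_depth: int = 2) -> Optional[CdoInfo]:
    """Walk the extension-header chain; descend into IPv6-in-IPv6 up to
    max_depth (Section 6); stop at ESP (opaque) or an upper-layer header."""
    if len(pkt) < IPV6_HDR_LEN or pkt[0] >> 4 != 6:
        return None
    payload_len, nh = struct.unpack("!HB", pkt[4:7])
    end, off = min(len(pkt), IPV6_HDR_LEN + payload_len), IPV6_HDR_LEN
    while off + 2 <= end:
        if nh == NH_DSTOPTS:
            hdr_len = (pkt[off + 1] + 1) * 8
            for idx, (t, data) in enumerate(parse_options(pkt[off:off + hdr_len])):
                if t == CDO_OPT_TYPE and len(data) == CDO_OPT_LEN:
                    f, reserved = data[0], data[0] & 0x0F
                    if reserved:                     # MAY log, MUST NOT alter
                        log.warning("CDO with non-zero reserved bits 0x%x", reserved)
                    return CdoInfo(bool(f & X_BIT), bool(f & L_BIT), bool(f & E_BIT),
                                   bool(f & C_BIT), reserved, idx == 0, depth,
                                   IPV6_HDR_LEN + payload_len)
            nh, off = pkt[off], off + hdr_len
        elif nh in (NH_HOPOPTS, NH_ROUTING):
            nh, off = pkt[off], off + (pkt[off + 1] + 1) * 8
        elif nh == NH_FRAGMENT:
            nh, off = pkt[off], off + 8
        elif nh == NH_AH:
            nh, off = pkt[off], off + (pkt[off + 1] + 2) * 4
        elif nh == NH_IPV6:                          # tunnel: search the inner packet
            return find_cdo(pkt[off:end], depth + 1, max_depth) if depth < max_depth else None
        else:
            return None                              # ESP or upper-layer protocol
    return None


def conex_byte_counts(info: Optional[CdoInfo]) -> dict:
    """Bytes an audit node adds to its counters for one packet (Section 4): nothing
    when the CDO is absent or X is clear; otherwise the packet size once per set
    L/E/C bit plus the total-bytes counter."""
    counts = {"total": 0, "L": 0, "E": 0, "C": 0}
    if info is None or not info.x:
        return counts
    counts["total"] = info.counted_bytes
    for name, flag in (("L", info.l), ("E", info.e), ("C", info.c)):
        if flag:
            counts[name] = info.counted_bytes
    return counts


# --- constructed sample packets (addresses and payloads are made up) ---
def ipv6(payload: bytes, next_header: int) -> bytes:
    src = bytes.fromhex("20010db8000000000000000000000001")
    dst = bytes.fromhex("20010db8000000000000000000000002")
    return struct.pack("!IHBB16s16s", 0x60000000, len(payload), next_header, 64, src, dst) + payload


def dstopts(next_header: int, options: bytes) -> bytes:
    """One 8-octet Destination Options header (Hdr Ext Len 0), padded with Pad1/PadN."""
    body = bytes([next_header, 0]) + options
    pad = 8 - len(body)
    if pad == 1:
        body += b"\x00"
    elif pad > 1:
        body += bytes([1, pad - 2]) + b"\x00" * (pad - 2)
    return body


def cdo(flags: int) -> bytes:
    return bytes([CDO_OPT_TYPE, CDO_OPT_LEN, flags])


INNER = ipv6(dstopts(UDP, cdo(X_BIT | E_BIT)) + b"\x00" * 100, NH_DSTOPTS)
TUNNELED = ipv6(INNER, NH_IPV6)          # outer header carries no CDO of its own
PADN_FIRST = ipv6(dstopts(UDP, bytes([1, 0]) + cdo(X_BIT | 0x03)) + b"\x00" * 8, NH_DSTOPTS)
```

   Running find_cdo on TUNNELED returns the inner CDO at depth 1 with
   counted_bytes 148, i.e. 40 plus the inner Payload Length of 108, not
   the outer packet's length; conex_byte_counts then credits 148 bytes
   to both the total and the E counter.  PADN_FIRST shows the two
   conditions a ConEx-aware node would want to notice: the CDO is not
   the first option, and its reserved field is non-zero.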
   Section 4 specifies that the CDO is placed in the destination option
   header before the AH and/or ESP headers so that ConEx information
   remains in the clear if ESP is being used to encrypt other
   transmitted information in transport mode [RFC4301].  In general, a
   Destination Options header inside an IPv6 packet can be placed in two
   possible positions, either before the Routing header or after the
   ESP/AH headers, as described in Section 4.1 of [RFC2460].  If the CDO
   were placed in the latter position and an ESP header were used with
   encryption, ConEx-aware intermediate nodes would not be able to view
   and interpret the CDO, effectively rendering it useless.

   The IPv6 protocol architecture currently does not provide a mechanism
   for new headers to be copied to the outer IP header.  Therefore, if
   IPsec encryption is used in tunnel mode, ConEx information cannot be
   accessed over the extent of the ESP tunnel.

   Also, the destination IP stack will not usually process the CDO;
   therefore the sender can send a CDO without checking whether the
   receiver will understand it.  The CDO MUST still be forwarded to the
   destination IP stack, because the destination might check the
   integrity of the whole packet, irrespective of whether it understands
   ConEx.

8.  Mitigating flooding attacks by using preferential drop

   This section is aspirational, and not critical to the use of ConEx
   for more general traffic management.  However, once CDO information
   is present, the CDO header could optionally also be used in the data
   plane of any IP-aware forwarding node to mitigate flooding attacks.

   Please note that ConEx is an experimental protocol and that any kind
   of mechanism that reacts to information provided by the ConEx
   protocol needs to be evaluated in experimentation as well.  This is
   also true, or especially true, for the preferential drop mechanism
   described below.

   Dropping packets preferentially that are not ConEx-capable or do not
   carry a ConEx mark can be beneficial to mitigate flooding attacks, as
   ConEx-marked packets can be assumed to be already restricted by a
   ConEx ingress policer, as further described in
   [I-D.ietf-conex-abstract-mech].  Therefore the following ConEx-based
   preferential dropping scheme is proposed:

   If a router queue experiences very high load so that it has to drop
   arriving packets, it MAY preferentially drop packets within the same
   DiffServ PHB using the preference order given in Table 1 (1 means
   drop first).  Additionally, if a router implements preferential drop
   based on ConEx, it SHOULD also support ECN-marking.  Even though
   preferential dropping can be difficult to implement on some hardware,
   if nowhere else, routers at the egress of a network SHOULD implement
   preferential drop based on ConEx markings (stronger than the MAY
   above).

                  +----------------------+----------------+
                  |                      |   Preference   |
                  +----------------------+----------------+
                  | Not-ConEx or no CDO  | 1 (drop first) |
                  | X (but not L,E or C) |       2        |
                  | X and L,E or C       |       3        |
                  +----------------------+----------------+

                 Table 1: Drop preference for ConEx packets

   A flooding attack is inherently about congestion of a resource.  As
   load focuses on a victim, upstream queues grow, requiring honest
   sources to pre-load packets with a higher fraction of ConEx marks.

   If ECN marking is supported by downstream queues, preferential
   dropping provides the most benefits because, if the queue is so
   congested that it drops traffic, it will be CE-marking 100% of any
   forwarded traffic.  Honest sources will therefore be sending 100%
   ConEx E-marked packets (and be subject to rate-limiting at an ingress
   policer).
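   The Table 1 ranking applied to an overloaded queue, as an added
   Python example written for this page (not code from the draft):
   packets are ranked within one DiffServ PHB and the lowest-ranked,
   oldest packets are selected for dropping first, which is the
   behaviour the paragraphs above describe for honest, E-marked traffic
   surviving longest.  The QueuedPacket fields, the PHB labels and the
   queue contents are constructed for the example, and drop_preference
   and select_drops are the example's own names.

```python
"""ConEx-based preferential drop ranking (Table 1 of the draft).
Added example for this page; not the draft's or the working group's code."""
from dataclasses import dataclass
from enum import IntEnum
from typing import List


class DropPreference(IntEnum):
    """Table 1 ranks; a lower value is dropped first."""
    NOT_CONEX = 1      # no CDO, or a CDO whose X bit is clear
    X_ONLY = 2         # X set but none of L, E, C
    X_MARKED = 3       # X set together with L, E or C


@dataclass(frozen=True)
class QueuedPacket:
    seq: int           # arrival order (constructed for the example)
    phb: str           # DiffServ PHB the packet was classified into
    has_cdo: bool
    x: bool = False
    l: bool = False
    e: bool = False
    c: bool = False


def drop_preference(p: QueuedPacket) -> DropPreference:
    """A packet with X clear counts as Not-ConEx: its L/E/C bits are undefined."""
    if not p.has_cdo or not p.x:
        return DropPreference.NOT_CONEX
    if p.l or p.e or p.c:
        return DropPreference.X_MARKED
    return DropPreference.X_ONLY


def select_drops(queue: List[QueuedPacket], phb: str, n_drop: int) -> List[int]:
    """Seq numbers of the n_drop packets of one PHB to drop first: lowest Table 1
    rank first, and within a rank the oldest packet first (stable ordering)."""
    candidates = [p for p in queue if p.phb == phb]
    candidates.sort(key=lambda p: (int(drop_preference(p)), p.seq))
    return [p.seq for p in candidates[:n_drop]]


# constructed queue: a mix of unmarked, X-only and E/L-marked packets in two PHBs
QUEUE = [
    QueuedPacket(1, "AF11", has_cdo=False),
    QueuedPacket(2, "AF11", has_cdo=True, x=True, e=True),
    QueuedPacket(3, "AF11", has_cdo=True, x=True),
    QueuedPacket(4, "AF11", has_cdo=True, x=False, l=True),   # X clear: L is ignored
    QueuedPacket(5, "EF", has_cdo=False),                     # other PHB, not a candidate
    QueuedPacket(6, "AF11", has_cdo=True, x=True, l=True),
]
```

   Dropping three packets from the AF11 queue removes seq 1 and 4 (rank
   1) and then seq 3 (rank 2); the E- and L-marked packets 2 and 6 are
   kept, and the EF packet is never considered because ranking is only
   applied within one PHB.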
   Senders under malicious control can either do the same as honest
   sources, and be rate-limited at ingress, or they can understate
   congestion and not set the E bit.

   If the preferential drop ranking is implemented on queues, these
   queues will preserve E/L-marked traffic until last.  So, the traffic
   from malicious sources will all be automatically dropped first.
   Either way, malicious sources cannot send more than honest sources.
   Therefore ConEx-based preferential dropping as described above
   discriminates against attack traffic if done as part of the overall
   policing framework as described in [I-D.ietf-conex-abstract-mech].

9.  Acknowledgements

   The authors would like to thank David Wagner, Marcelo Bagnulo,
   Ingemar Johansson, Joel Halpern, John Leslie, Martin Stiemerling,
   Robert Sparks, Ron Bonica, Brian Haberman, Kathleen Moriarty, Bob
   Hinden, Ole Troan and Brian Carpenter for the discussions that made
   this document better.

10.  Security Considerations

   [I-D.ietf-conex-abstract-mech] describes the overall audit framework
   for assuring that ConEx markings truly reflect actual path
   congestion.  This section focuses purely on the security of the
   encoding chosen for ConEx markings.

   The CDO Option Type is defined with a chg bit set to zero as
   described in Section 4.  If IPsec AH is used, a zero chg bit causes
   AH to cover the CDO option so that its end-to-end integrity can be
   verified, as explained in Section 4.

   This document specifies that the Reserved field in the CDO must be
   ignored and forwarded unchanged even if it does not contain all
   zeroes.  The Reserved field is also required to sit outside the
   Encapsulating Security Payload (ESP), at least in transport mode (see
   Section 7).  This allows the sender to use the Reserved field as a
   4-bit-per-packet covert channel to send information to an on-path
   node outside the control of IPsec.  However, a covert channel is only
   a concern if it can circumvent IPsec in tunnel mode and, in the
   tunnel mode case, ESP would close the covert channel as outlined in
   Section 7.

11.  IANA Considerations

   The IPv6 ConEx destination option is used for carrying ConEx
   markings.  This document uses the experimental option type 0x1E with
   the act bits set to 00 and the chg bit set to 0 for realizing this
   option.  No further allocation action is required from IANA at this
   time.

12.  References

12.1.  Normative References

   [I-D.ietf-conex-abstract-mech]
              Mathis, M. and B. Briscoe, "Congestion Exposure (ConEx)
              Concepts, Abstract Mechanism and Requirements", draft-
              ietf-conex-abstract-mech-13 (work in progress), October
              2014.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997.

   [RFC2460]  Deering, S. and R. Hinden, "Internet Protocol, Version 6
              (IPv6) Specification", RFC 2460, DOI 10.17487/RFC2460,
              December 1998.

   [RFC3168]  Ramakrishnan, K., Floyd, S., and D. Black, "The Addition
              of Explicit Congestion Notification (ECN) to IP",
              RFC 3168, DOI 10.17487/RFC3168, September 2001.

   [RFC4301]  Kent, S. and K. Seo, "Security Architecture for the
              Internet Protocol", RFC 4301, DOI 10.17487/RFC4301,
              December 2005.

   [RFC4302]  Kent, S., "IP Authentication Header", RFC 4302,
              DOI 10.17487/RFC4302, December 2005.

   [RFC4303]  Kent, S., "IP Encapsulating Security Payload (ESP)",
              RFC 4303, DOI 10.17487/RFC4303, December 2005.

12.2.  Informative References

   [I-D.ietf-6man-hbh-header-handling]
              Baker, F., "IPv6 Hop-by-Hop Header Handling", draft-ietf-
              6man-hbh-header-handling-00 (work in progress), November
              2015.

   [I-D.ietf-conex-tcp-modifications]
              Kuehlewind, M. and R. Scheffenegger, "TCP modifications
              for Congestion Exposure", draft-ietf-conex-tcp-
              modifications-10 (work in progress), October 2015.

   [I-D.wagner-conex-audit]
              Wagner, D. and M. Kuehlewind, "Auditing of Congestion
              Exposure (ConEx) signals", draft-wagner-conex-audit-01
              (work in progress), February 2014.

Authors' Addresses

   Suresh Krishnan
   Ericsson
   8400 Blvd Decarie
   Town of Mount Royal, Quebec
   Canada

   Email: suresh.krishnan@ericsson.com


   Mirja Kuehlewind
   ETH Zurich

   Email: mirja.kuehlewind@tik.ee.ethz.ch


   Bob Briscoe
   Simula Research Laboratory

   Email: ietf@bobbriscoe.net
   URI:   http://bobbriscoe.net/


   Carlos Ralli Ucendo
   Telefonica

   Email: ralli@tid.es