
Network Working Group                                            V. Cerf
Request for Comments: 1174                                          CNRI
                                                             August 1990

IAB Recommended Policy on Distributing Internet Identifier Assignment
                                and
    IAB Recommended Policy Change to Internet "Connected" Status

Status of this Memo

 This informational RFC represents the official view of the Internet
 Activities Board (IAB), and describes the recommended policies and
 procedures on distributing Internet identifier assignments and
 dropping the connected status requirement.  This RFC does not specify
 a standard.  Distribution of this memo is unlimited.

Table of Contents

 Status of this Memo
 Overview
 1.  Recommendation about Internet Identifiers
 1.1.  Summary
 1.2.  Introduction
 1.3.  Proposed Method of Operation
 2.  Recommendation about Connected Status
 2.1.  Summary
 2.2.  Introduction
 2.3.  Recommendations
 2.a.1.  Attachment 1
 2.a.1.1.  Summary
 2.a.1.2.  Background
 2.a.1.3.  Recommendation
 2.a.1.4.  Discussion
 2.a.2.  Attachment 2
 Security Considerations
 Author's Address

Overview

 This RFC includes two recommendations from the IAB to the FNC.  The
 first is a "Recommended Policy on Distributing Internet Identifier
 Assignment", that is, a suggestion to distribute the function of
 assigning network and autonomous system numbers.  The second is a
 "Recommended Policy Change to Internet 'Connected' Status", that is,
 a suggestion to drop the notion of connected status in favor of
 recording the acceptable use policy and traffic access policy for
 each network.  Included in this second recommendation is the explicit

Cerf [Page 1] RFC 1174 Identifier Assignment and Connected Status August 1990

 suggestion that any registered network may be entered into the DNS
 database without regard to connected status.

1. Recommendation about Internet Identifiers

 To: Chairman, Federal Networking Council
 From: Chairman, Internet Activities Board
 CC: IAB, IESG
 Subject: Recommended Policy on Distributing Internet
          Identifier Assignment

1.1. Summary

 This document recommends procedures for distributing assignment of
 Internet identifiers (network and autonomous system numbers).

1.2. Introduction

 Throughout its entire history, the Internet system has employed a
 central Internet Assigned Numbers Authority (IANA) for the allocation
 and assignment of various numeric identifiers needed for the
 operation of the Internet.  The IANA function is performed by USC
 Information Sciences Institute.  The IANA has the discretionary
 authority to delegate portions of this responsibility and, with
 respect to numeric network and autonomous system identifiers, has
 lodged this responsibility with an Internet Registry (IR).  This
 function is performed by SRI International at its Network Information
 Center (DDN-NIC).

 With the rapid escalation of the number of networks in the Internet
 and its concurrent internationalization, it is timely to consider
 further delegation of assignment and registration authority on an
 international basis.  It is also essential to take into consideration
 that such identifiers, particularly network identifiers of class A
 and B type, will become an increasingly scarce commodity whose
 allocation must be handled with thoughtful care.

1.3. Proposed Method of Operation

 It is proposed to retain the centralized IANA and IR functions.

 The IR would continue to be the principal registry for all network
 and autonomous system numbers.  It would also continue to maintain
 the list of root Domain Name System servers and a database of
 registered nets and autonomous systems.

 In addition, however, the IR would also allocate to organizations
 approved by the Coordinating Committee for Intercontinental Research
 Networking (CCIRN) blocks of network and autonomous system numbers,
 as needed, and delegate to them further assignment authority.

 It is recommended that, at least initially, the IR serve as the
 default registry in cases where no delegated registration authority
 has been identified.

 Copies of the aggregate Internet registration database(s) should be
 maintained by the IR and copies provided to each delegated registry
 to improve redundancy and access to this information.  Updates to the
 database, however, would still be centralized at the IR with complete
 copies redistributed by file transfer or other means on a timely
 basis.

 It is recommended that candidate delegated registries meet with the
 IANA and IR to review operational procedures and requirements and to
 produce documentation to be issued as RFCs describing the details of
 the proposed distributed mode of operation.

 It is recommended that host Domain Name registration continue in its
 present form which already accommodates distribution of this
 function.

2. Recommendation about Connected Status

 To: Chairman, Federal Networking Council (FNC)
 From: Chairman, Internet Activities Board
 CC: IAB, IESG
 Subject: Recommended Policy Change to Internet "Connected" Status

2.1. Summary

 This memorandum recommends a change in the current policy for
 associating "connected" status to a subset of networks which have
 been assigned an Internet identifier.

2.2. Introduction

 In the following, the term Internet Assigned Numbers Authority (IANA)
 refers to the organization which has primary authority to allocate
 and assign numeric identifiers required for operation of the
 Internet.  This function is presently performed by USC Information
 Sciences Institute.  The term Internet Registry (IR) refers to the
 organization which has the responsibility for gathering and
 registering information about networks to which identifiers (network
 numbers, autonomous system numbers) have been assigned by the IR.  At
 present, SRI International serves as the IR.

 Attachments (1) and (2) outline the rationale for and implications of
 changing the current policy for associating "connected" status with
 only a subset of networks which have been assigned Internet
 identifiers.

2.3. Recommendations

 The following actions are recommended:
    1. The Internet Registry should be instructed to drop all
    reference to "connected" status in its databases and in its forms
    for Internet network and autonomous system registration.
    2. The Internet Registry should be instructed to request brief
    statements of acceptable network usage, access and transit policy
    for external traffic (i.e., traffic entering from or exiting to
    other networks) from each applicant for a network or autonomous
    system identifier.  For example, some networks conform to the
    National Science Foundation acceptable use guidelines; other
    networks will carry any traffic (e.g., common carriers); others
    may prohibit transit use.  Retrospective statements should be
    gathered by the IR for networks already registered.  Such
    statements should be made available on-line and widely publicized.
    3. The Internet Registry should be instructed to allow any
    registered networks to be entered into the Domain Name Server
    database without regard to "connected" status.

 Attachment: (1) Recommendation for replacement of "Connected" Status
             (2) Recommendation on DNS and Connectivity

2.a.1. Attachment 1

Recommendation for Replacement of "Connected" Status

2.a.1.1. Summary

 A revision of the current Internet procedures controlling connection
 to the Internet is recommended to solve urgent problems caused by
 Internet growth both in the US and internationally.  The
 recommendation involves relaxation of the present "connected" status
 rule and the creation of a policy database to guide network
 administrators.

2.a.1.2. Background

 With the demise of the ARPANET and the growth of a global Internet,
 the administration and registration of Internet network numbers has
 outgrown its initially conceived client base: military, government
 and government-sponsored research organizations.  Since the
 international growth has extended the Internet community to industry
 and a broad range of academic and research institutions, we must re-
 evaluate some of the criteria for assignment and use of Internet
 network numbers.

 In the early phases of the Internet research project, numbers were
 assigned only to networks of organizations that were participating in
 the research effort.  Later, as the system became more stable and
 expanded into a widespread infrastructure, other organizations with
 networks were assigned network numbers and allowed to interconnect if
 they were parts of the U.S. Government or sponsored by a Government
 organization.  To ensure global uniqueness, a single Internet
 Registry (IR) was designated: the Defense Data Net Network
 Information Center (DDN-NIC) at SRI International.

 As the Internet protocols became popular in the commercial
 marketplace, many organizations purchased and installed private
 networks that needed network number assignments but were not intended
 to be connected to the federally-sponsored system.  The IR adopted a
 policy of assigning network numbers to all who requested them, while
 distinguishing networks permitted to link to the global Internet by
 assigning them "connected" status.  Essentially, this meant that the
 network to which the number was assigned had the sanction of a U.S.
 Government sponsoring organization to link to the Internet.

 The present day Internet encompasses networks that serve as
 intermediaries to access the federally-sponsored backbones.  Many of
 these intermediate networks were initiated under the sponsorship of
 the National Science Foundation.  Some have been founded without
 federal assistance as consortia of using organizations.  The
 Government has expressed a desire that all such networks be self-
 supporting, without the need for federal subsidy.  To achieve this
 goal, it has been essential for the intermediate networks to support
 an increasingly varied range of users.  A great many industrial
 participants can be found on the intermediate level networks.  Their
 use of the federally-sponsored backbones is premised on the basis
 that the traffic is in support of academic, scholarly or other
 research work.  The criteria for use of the intermediate level
 networks alone are sometimes more relaxed and, in the cases of the
 newly-formed commercial networks, there are no restrictions at all.

 In essence, each network needs to be able to determine, on the basis
 of its own criteria, with which networks it will interconnect and for
 which networks it will support transit service.  There is no longer a
 simple binary correlation between "connected" status and acceptable
 use policy.  The matter becomes even more complex as we contemplate
 the large and growing number of non-U.S. networks joining the global
 Internet.  It is inappropriate to require that all of these networks
 adhere to U.S. access and use criteria; rather, it can only be
 required that the traffic they send through the federally-sponsored
 networks be consistent with the federal criteria.

2.a.1.3. Recommendation

 Since the concept of a single, global "connected" status is no longer
 meaningful, it is recommended that it be retired and that new
 characteristics be defined that could be used by networks within the Internet to
 determine a specific network's eligibility to communicate with other
 networks.

 Some attributes which might be useful to track and could be used as
 criteria to determine the acceptability of Internet traffic for
 routing purposes include:
     1) Country codes
     2) Conformance to acceptable use policy for:
           NSFNET, MILNET, NSI, ESnet, NORDUnet, ...

 To implement this idea, the IR would update the current Internet-
 Number-Template to query applicants for the necessary information.
 This information would then be collected in a database containing,
 for instance, a matrix of network numbers over policies.  Note that
 the policies might be presented in narrative form.  In addition, the
 usage policies of the various networks must be publicly available so
 that applicants and other interested parties can be advised of policy
 issues as they relate to various networks.

 Under this proposal, the IR would be charged with the registration
 and administration of the Internet number space but not with the
 enforcement of policy.  The IR should collect enough information to
 permit network administrators to make intelligent decisions as to the
 acceptability of traffic destined to or from each and every
 legitimate Internet number.  Enforcement of policies is discussed
 below.

 At a later step, we anticipate that it will be desirable to
 distribute the IR function among multiple centers, e.g., with centers
 on different continents.  This should be straightforward once the IR
 function is divorced from policy enforcement.

2.a.1.4. Discussion

 It is already true in the current Internet that there are
 restrictions on certain traffic on particular networks.  For example,
 two intermediate level networks that are willing to carry arbitrary
 traffic can link with each other but are barred from passing
 commercial traffic or any other traffic that is not for academic or
 scholarly purposes across the federally-sponsored backbones.

 Routing of traffic based upon acceptable-use policies requires a
 technical ability known as "policy-based routing" (PBR).  At the
 present time, the PBR mechanism available in the Internet operates at
 the level of an entire network; all users and hosts on a network are
 subject to the same routes for a given destination.  Using this PBR
 mechanism, a network maintains routes (and provides transit services)
 only for networks with compatible use policies.  For an intermediate
 level network, for example, the routing decisions must be made on the
 basis of the network numbers assigned to the organizations; some
 might be considered to have traffic conformant with federal use
 policies and some might not.

 Although it is much more fine-grained than the current "on or off"
 rule of connected status, the use of PBR based on networks is still a
 very coarse measure of control.  Since the decision on acceptability
 is made at the network level, one has to assign a set of
 characteristics to all traffic emanating from or entering into a
 given network to make this access control strategy work.  Strict
 application of such controls could prevent a commercial organization
 from legitimately sending research or scholarly data across the
 federal backbone (e.g., IBM needs to communicate with MCI and MERIT
 about NSFNET, but other parts of IBM may need to communicate on
 commercial matters). Organizations with a variety of uses might have
 to artificially define several networks with which to associate
 different use policies.

 The practical result is that in order to support desirable usage
 patterns, government-sponsored networks will sometimes have to depend
 upon self-policing by traffic sources, rather than upon strict
 mechanical enforcement of acceptable use policies.  Higher certainty
 on usage will have a cost in terms of limiting desirable access.

 An important project now underway in the Internet Engineering Task
 Force (IETF) is developing a more general mechanism for PBR that will
 allow control at the level of individual hosts and possibly even
 users.  It will give an end host or user the ability to select routes,
 taking into consideration issues such as cost, performance and
 reliability of the transit networks.

2.a.2. Attachment 2

IAB Policy Recommendation on DNS and Connectivity

 The Internet Domain Name system (DNS) is an essential part of the
 networking infrastructure.  It establishes a global distributed
 database for mapping host names into IP addresses and for delivering
 electronic mail.  Its efficient and reliable functioning is vital to
 nearly all Internet users.

 Some DNS operations depend upon the existence of a complete database
 at certain "root" servers, in particular at the Internet Registry
 (IR) located at the Defense Data Net Network Information Center at
 SRI International (DDN-NIC).  The past policy has been to tie
 inclusion in this database to approval of Internet interconnection by
 a U.S. Government agency.  This "connected" status restriction is no
 longer viable, and recommendations for its replacement have been put
 forward.

 In any case, we believe that the DNS database is not the proper
 architectural level for enforcement of administrative access
 restrictions, e.g., controls over the announcement of networks in the
 routing protocols.

 The Internet Activities Board (IAB) therefore strongly endorses the
 following recommendation from the Federal Engineering Planning Group
 to the Federal Networking Council, to provide DNS service regardless
 of access control policies:

    "There has been a great deal of discussion about domain
    nameservers, the IN-ADDR domain, and "connected" status as the
    Internet has grown to include many more nations than just the
    United States.  As we move to a more global Internet, it seems
    like it would be a good idea to re-evaluate some of the rules that
    have governed the naming and registration policies that exist.
    The naming and routing should be completely decoupled.  In
    particular, it should be possible to register both a name/domain,
    as well as address servers within the IN-ADDR domain, independent
    of whether the client has "connected" status or not.  This should
    be implemented immediately by the IR at the DDN-NIC.  No U.S.
    Government sponsor should be required for domain name/address
    registration."

Security Considerations

 Security issues are not addressed in this memo.

Author's Address

 Vinton G. Cerf
 Corporation for National Research Initiatives
 1895 Preston White Drive, Suite 100
 Reston, VA 22091
 Phone: (703) 620-8990
 EMail: vcerf@nri.reston.va.us
