Internet Engineering Task Force Erik Guttman INTERNET DRAFT James Kempf 19 May 2000 Sun Microsystems Expires in six months Proposed Modifications to the Service Location Protocol, Version 2 Status of this Memo This document is an Internet-Draft and is in full conformance with all provisions of Section 10 of RFC2026. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet- Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. Copyright (C) The Internet Society (2000). All Rights Reserved. Abstract SLPv2 [1] has been widely implemented but not all features of the protocol are in common use. If these features were deprecated from the specification the protocol would be simpler, yet still perform its core function. The changes proposed in this document could be the basis for a revision of SLPv2 as it is considered for advancement to Draft Standard. 1. Introduction SLPv2 has been widely implemented but not all features of the protocol are in common use. If these features were deprecated from the specification the protocol would be simpler, yet still perform it core features. The changes proposed in this document could be the basis for a revision of SLPv2 as it is considered for advancement to Guttman, Kempf Expires: 18 November 2000 [Page 1] Internet Draft Proposed SLPv2 Revision October 1999 Draft Standard. This document begins with the motivation for revision. Specific revisions are proposed. Finally, minimal requirements for SLPv2bis compliant hosts are summarized. Changes proposed in this document will not modify any of the SLPv2 on-the-wire protocol. Features will be dropped and in a couple cases slightly new interpretations of rules are given. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY" and "OPTIONAL" in this document are to be interpreted as described in RFC 2119 [2]. 2.0 Motivation There are four features which made SLPv2 complicated to implement. - SAs and DAs MUST implement full LDAPv3 search filters [3] for matching service requests. This required complex parsing and indexing. See Section 3.1. - Attribute Requests by service type was difficult to collate. See Section 3.2. - SAs MUST keep track of all DAs it discovers and forward SrvReg and SrvDereg messages to each of them. This requires the SA to passively discover DAs and to maintain and act on non-trivial state information. See Section 3.3. - Previous Responder Lists made message headers variable length for each retransmission. See Section 3.4. Each of these features has proven to be unnecessary. In fact many implementations have foregone them. There are other features which were viewed as useful during the design phase of SLPv1 which have not proven their worth in deployment and have burdened the protocol unnecessarily. 3.0 Recommended Modifications of SLPv2 The following section details all suggested changes to the protocol. 3.1 Service Request 3.1.1. Limit requests to at most 1 '&' logical operator. Thus, only requests of type (x=4) or (&(x=4)(y=3)) are allowed. 3.1.2. Allow only '=' based comparisons. Thus all comparisons are Guttman, Kempf Expires: 18 November 2000 [Page 2] Internet Draft Proposed SLPv2 Revision October 1999 case insensitive string based. 3.1.3. Eliminate support for wild cards in queries. The result of these rules will be that SLPv2 search filters will be compatible with LDAPv3 search filter, but not visa versa. Complicated logical queries for services have not proven useful. Allowing conjunctions of required attributes has proven very useful and is easy to implement. It might be argued that eliminating support for '<=' and '>=' filters will make it impossible to do load balancing with SLPv2. It is possible to do load balancing by requesting all services and then comparing their attributes for a given value at the UA. It would also be possible to create a SLPv2 extension for load balancing on a particular attribute. 3.2 Attribute Request 3.2.1. Eliminate attribute requests by type. Attribute requests will be by service URL only. 3.2.2. Eliminate wild cards in attribute request search filters. Another possibility would be more radical: 3.2.3. Deprecate attribute requests entirely as the Attribute List Extension [8] may be used when a UA wants to retrieve attributes. Attribute requests for service by type have proven difficult to implement and interpret. This feature should be deprecated. 3.3 DA Discovery 3.3.1. Recommend that DAs do mesh enhancement [7]. Mesh enhanced DAs add very little complexity to DAs. If even one is present in a given scope, a SA does not need to keep track of other DAs in that scope. Forwarding to the mesh enhanced DA will effectively cause a registration to be forwarded to all DAs in that scope. 3.4 Transport 3.4.1. Deprecate Previous Responder lists - but random delays on replies are a MUST. If PR lists are in requests, SAs and DAs MAY ignore them. Guttman, Kempf Expires: 18 November 2000 [Page 3] Internet Draft Proposed SLPv2 Revision October 1999 PR lists only work with <100 responders. In that case, as long as replies are staggered there is no overflow risk. So PR lists are really not useful except to suppress responses to save network usage). 3.5 Scope Configuration 3.5.1. Deprecate MANDATORY flags in RFC 2610. 3.5.2. Use nested scopes in MADCAP [5] for scope config. SAs and DAs join all groups at the top of each nested scope (address range). They advertise all scopes by the name received in the MADCAP Nested Scope Option [6]. 3.5.3. The simplified scope configuration list would be in decreasing order of preference Pref Feature Requirement 'mode' 1) static configuration of scope list MUST 2) static configuration of DAs* MUST 3) dhcp configuration SHOULD 4) dhcp configuration of DAs* SHOULD 5) MADCAP / scope configuration SHOULD 6) dynamic discovery (DAAdverts)** MAY 7) dynamic discovery (SAAdverts)** MAY 8) Use of the scope "default" MUST The higher item on the list always takes precedence over the lower items. If no other configuration is supplied, a SLP Agent is configured with the scope list "default". * If a scope list is not configured (by through static configuration or DHCP) but a list of DAs is, the SLP Agent MUST unicast a SrvRqst for "service:directory-agent" to each of the DAs on the list. The SLP Agent is configured with the scope list which is the union of all scopes supported by the DAs which respond with a DAAdvert. If a DA on the configuration list does not respond, the SLP Agent SHOULD try to send it a SrvRqst again periodically (like every 30 minutes). Once a DAAdvert is received, the scope list MAY be expanded and the # of DAs known of by the SLP Agent increases. **Dynamic discovery of scopes MAY be used by User Agents and MUST NOT be used to configure Service Agent or Directory Agent scope lists. The problem with the current scope rules is that they are overly complicated. This is largely due to the 'MANDATORY' bit in the SLPv2 DHCP Option [9]. A clarification of how to do scope rules using the current specifications shows just how hard it is [10]. Further, when SLPv2 was published, the Administrative Scoping BCP Guttman, Kempf Expires: 18 November 2000 [Page 4] Internet Draft Proposed SLPv2 Revision October 1999 [4] was available, but further specifications were not. Now, with MADCAP and the MADCAP Nested Scope Option it is possible to define specific automatic scope configuration behavior. 3.6 Service Deregistration 3.6.1. Eliminate wild cards in the tag list for selective attribute deregistration. 3.7 String Matching 3.7.1. Eliminate the requirement to elide white space in requests. If white space is included unintentionally on registration or requests - that is an error. Use the templates literally (just don't add unwanted space). This effects every message - scope lists, tag lists, attribute lists, queries, and so on. Eliding white space allowed requests to be 'sloppy' and still match strings in registered by other servers. In practice this does not seem to be a problem since strings can be trimmed before being registered or before requests are sent. Many strings are will have extra white space due to manual entry anyway. 4.0 Minimal Features The following minimal features will result from this trimming of SLPv2. 4.1 Directory Agent - Send DAAdverts periodically - Respond to service requests for DA with DAAdvert - Respond to SrvRqst, AttrRqst and SrvTypeRqst with SrvRply, AttrRply and SrvTypeRqst - Accept SrvReg and SrvDereg messages - Age services out of the cache when their lifetimes expire The following mandatory features for DAs would be dropped due to the proposed revision. - Handling Previous Responder Lists. - Handling Attribute Requests by service type. - Handling wild cards in Service Deregistration tag lists. For backward compatibility with existing SLPv2 UAs and SAs other features could not be dropped. However, very few SLPv2 DAs have been deployed. It is conceivable that further features Guttman, Kempf Expires: 18 November 2000 [Page 5] Internet Draft Proposed SLPv2 Revision October 1999 (described in section 3) could be made optional for DAs. 4.2 Service Agent - Active DA discovery (1) - Passive DA discovery (1) - Respond to service request for SA with SAAdvert - Respond to service requests for services with SrvRply (2) - De/Register with discovered DAs (1) (1) If mesh enhanced DAs have been discovered, only one DA need be registered with. Further passive DA discovery would not be needed once such a DA has been discovered, too. (2) SAs return a 'not implemented error' if they cannot parse a LDAPv3 search filter. Clients can then infer that the SA can only handle the restricted subset. (Since SLPv2 SAs MUST support SrvRqst - the not implemented refers to the search filter not to the function). The following mandatory features for SAs would be dropped due to the proposed revision. - Handling Previous Responder Lists. - Eliding White Space - Handling LDAPv3 search filters - Handling wild cards in strings 4.3 User Agent - Active DA discovery (1) - Multicast SrvRqst if no discovered DAs - Unicast SrvRqst if discovered DAs (1) Active DA discovery should be done periodically if no DAs discovered initially. The following mandatory features for UAs would be dropped due to the proposed revision. - Handling Previous Responder Lists. 5.0 Backward Compatibility SLPv2 may be modified to drop features and remain backwardly compatible with the current specification. Only two things need to occur to guarantee this. First, SLPv2 DAs SHOULD remain backwards compatible with RFC 2608 features. Second, Guttman, Kempf Expires: 18 November 2000 [Page 6] Internet Draft Proposed SLPv2 Revision October 1999 SLPv2 UAs and SAs MUST be prepared to accept NOT IMPLEMENTED errors for the features which are being dropped. The risk of backward compatibility problems is limited because client and server systems (UA and SA pairs) tend to be deployed together to form end-to-end systems. As new UAs and SAs are deployed, they will not attempt to use the deprecated features. 6.0 Security Considerations The modifications described in this memo would not modify the security considerations for SLPv2 [1] except in so far as they suggest the use of mesh-enhanced registration. Those security considerations are discussed elsewhere [7]. 7.0 Acknowledgments Mikael Pahmp (Axis Communications) contributed very helpful comments which started the process of thinking about how to trim down SLPv2. 8.0 References [1] Guttman, E., Perkins, C., Veizades, J., Day, M., "Service Location Protocol, Version 2", RFC 2608, July 1999. [2] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997. [3] Howes, T., "The String Representation of LDAP Search Filters", RFC 2254, December 1997. [4] Meyer, D., "Administratively Scoped IP Multicast", RFC 2365, July 1998. [5] Hanna, S., Patel, B., Shah, M., "Multicast Address Dynamic Client Allocation Protocol (MADCAP)", RFC 2730, December 1999. [6] Kermode, R., "MADCAP Multicast Scope Nesting State Option", , April 2000, A work in progress. [7] Zhao, W., Schulzrinne, H., "Interaction of SLP Directory Agents for Reliability and Scalability", , May 2000, A work in progress. [8] Guttman, E., "Attribute List Extension for the Service Location Protocol", draft-guttman-svrloc-attrlist-ext-02.txt, March 1999, Guttman, Kempf Expires: 18 November 2000 [Page 7] Internet Draft Proposed SLPv2 Revision October 1999 A work in progress. [9] Perkins, C., Guttman, E., "DHCP Options for Service Location Protocol", RFC 2610 June 1999. [10] Kempf, J., Pahmp, M., Holm, R., "SLP Scope and DA Configuration", , December 1999, A work in progress. 9.0 Authors' Contact Information Erik Guttman Network and Security Research Center, Sun Laboratories Sun Microsystems, Inc. Eichhoelzelstr. 7 74915 Waibstadt Germany Phone: +49 172 865 5497 Fax: +49 7263 911 701 Email: Erik.Guttman@Sun.Com James Kempf Network and Security Research Center, Sun Laboratories Sun Microsystems, Inc. 15 Network Circle Menlo Park, CA 94025 USA Phone: +1 650 786 5890 Fax: +1 650 786 6445 Email: James.Kempf@Sun.Com 10. Full Copyright Statement Copyright (C) The Internet Society (2000). All Rights Reserved. This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English. The limited permissions granted above are Guttman, Kempf Expires: 18 November 2000 [Page 8] Internet Draft Proposed SLPv2 Revision October 1999 perpetual and will not be revoked by the Internet Society or its successors or assigns. This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE." Guttman, Kempf Expires: 18 November 2000 [Page 9]