[rfc-dist] RFC 5713 on Security Threats and Security Requirements for the Access Node Control Protocol (ANCP)

rfc-editor at rfc-editor.org rfc-editor at rfc-editor.org
Thu Jan 14 23:09:32 PST 2010

A new Request for Comments is now available in online RFC libraries.

        RFC 5713

        Title:      Security Threats and Security Requirements 
                    for the Access Node Control Protocol 
        Author:     H. Moustafa, H. Tschofenig,
                    S. De Cnodder
        Status:     Informational
        Date:       January 2010
        Mailbox:    hassnaa.moustafa at orange-ftgroup.com, 
                    Hannes.Tschofenig at gmx.net, 
                    stefaan.de_cnodder at alcatel-lucent.com
        Pages:      18
        Characters: 39600
        Updates/Obsoletes/SeeAlso:   None

        I-D Tag:    draft-ietf-ancp-security-threats-08.txt

        URL:        http://www.rfc-editor.org/rfc/rfc5713.txt

The Access Node Control Protocol (ANCP) aims to communicate Quality
of Service (QoS)-related, service-related, and subscriber-related
configurations and operations between a Network Access Server (NAS)
and an Access Node (e.g., a Digital Subscriber Line Access
Multiplexer (DSLAM)).  The main goal of this protocol is to allow the
NAS to configure, manage, and control access equipment, including the
ability for the Access Nodes to report information to the NAS.

This present document investigates security threats that all ANCP
nodes could encounter.  This document develops a threat model for
ANCP security, with the aim of deciding which security functions are
required.  Based on this, security requirements regarding the Access
Node Control Protocol are defined.  This document is not an Internet 
Standards Track specification; it is published for informational purposes.

This document is a product of the Access Node Control Protocol Working Group of the IETF.

INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.

This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see

For searching the RFC series, see http://www.rfc-editor.org/rfcsearch.html.
For downloading RFCs, see http://www.rfc-editor.org/rfc.html.

Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor at rfc-editor.org.  Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.

The RFC Editor Team
USC/Information Sciences Institute

More information about the rfc-dist mailing list