The IESG has received a request from the Port Control Protocol WG (pcp) to consider the following document: - 'Port Control Protocol (PCP) Authentication Mechanism' <draft-ietf-pcp-authentication-11.txt> as Proposed Standard The IESG plans to make a decision in the next few weeks, and solicits final comments on this action. Please send substantive comments to the ietf@ietf.org mailing lists by 2015-06-29. Exceptionally, comments may be sent to iesg@ietf.org instead. In either case, please retain the beginning of the Subject line to allow automated sorting. Abstract An IPv4 or IPv6 host can use the Port Control Protocol (PCP) to flexibly manage the IP address and port mapping information on Network Address Translators (NATs) or firewalls, to facilitate communication with remote hosts. However, the un-controlled generation or deletion of IP address mappings on such network devices may cause security risks and should be avoided. In some cases the client may need to prove that it is authorized to modify, create or delete PCP mappings. This document describes an in-band authentication mechanism for PCP that can be used in those cases. The Extensible Authentication Protocol (EAP) is used to perform authentication between PCP devices. The file can be obtained via https://datatracker.ietf.org/doc/draft-ietf-pcp-authentication/ IESG discussion can be tracked via https://datatracker.ietf.org/doc/draft-ietf-pcp-authentication/ballot/ No IPR declarations have been submitted directly on this I-D. This document contains a normative reference to an Informational RFC (RFC 5281). This Last Call also requests the addition of RFC 5281 to the Downref registry (https://trac.tools.ietf.org/group/iesg/trac/wiki/DownrefRegistry).
