This document provides for the encryption of RPC requests
and replies, using opportunistic transport-layer security.
In addition, it provides facilities that can be used to
authenticate the client, in order to avoid situations in which
unauthenticated requests issued by unauthenticated clients can
be executed by RPC servers.
Working Group Summary.
The working group was quite supportive of this work, including
many who developed prototype implementations. While this work
often indicated the need for clarification or other updates to
the evolving draft, there was no occasions on which contention
This document is of high quality. Beyond the normal level of
working group review, it has benefited the discovery of issues
exposed by work on protoype implementations. In addition,
because of the importance of this work and the fact that the
authors were not expert in security matters, some early reviews
by the Security Area Directorate were scheduled during the
early development of this document during 2019. Alan DeKok and
Derrel Piper provided the requested reviews. While these reviews,
somewhat unsuprisingly, showed that there were issues to address,
these issues have been addressed, contributing to the document's
high level of quality.
David Noveck is the document shepherd. Magnus Westerlund is
the responsible area director