RFC1169 - Explaining the role of GOSIP

Network Working Group V. Cerf

Request for Comments: 1169 IAB

K. Mills

NIST

August 1990

EXPlaining the Role of GOSIP

1. Status of this Memo

This informational RFCrepresents the official view of the Internet

Activities Board (IAB), after coordination with the Federal

Networking Council (FNC). This RFCdoes not specify a standard.

Distribution of this memo is unlimited.

Table of Contents

1. Status of this Memo........................................... 1

2. Abstract...................................................... 2

3. IntrodUCtion.................................................. 2

4. Acknowledgements.............................................. 3

5. GOSIP Background.............................................. 3

6. Understanding GOSIP........................................... 4

6.1. Applicability............................................... 4

6.1.1. Procurement Vs. Transition................................ 5

6.1.2. Small Network Add-on Vs. Major Upgrade.................... 5

6.1.3. OSI Incompleteness........................................ 5

6.2. Exclusivity................................................. 5

6.3. Implementation.............................................. 6

6.4. Waivers..................................................... 6

6.5. Enforcement................................................. 7

7. Role of the IETF in Support of OSI............................ 7

8. Role of the Internet Infrastructure Agencies in

Support of OSI................................................ 7

9. Role of the Internet Using Agencies in the

Application of OSI............................................ 7

10. Summary...................................................... 8

11. References................................................... 9

12. Appendix -- To OBTain GOSIP Documents........................ 9

12.1 GOSIP....................................................... 9

12.1.1 GOSIP Version 1........................................... 9

12.1.2 GOSIP Version 2........................................... 10

12.2 NIST Workshop for Implementors of OSI Documents............. 11

12.2.1 SIA, Version 1............................................ 11

12.2.2 SIA, Version 2............................................ 12

12.2.3 WIA (August, 1989)........................................ 13

12.3 GOSIP Users' Guide.......................................... 13

12.4 Addresses/Telephone Numbers................................. 14

13. Security Considerations...................................... 15

14. Authors' Addresses........................................... 15

2. Abstract

The Federal Networking Council (FNC), the Internet Activities Board

(IAB), and the Internet Engineering Task Force (IETF) have a firm

commitment to responsible integration of OSI based upon sound network

planning. This implies that OSI will be added to the Internet

without sacrificing services now available to existing Internet

users, and that a multi-protocol environment will exist in the

Internet for a prolonged period. Planning is underway within the

Internet community to enable integration of OSI, coexistence of OSI

with TCP/IP, and interoperability between OSI and TCP/IP.

The U.S. Government OSI Profile (GOSIP) is a necessary tool for

planning OSI integration. However, as the August 1990 requirement

date for GOSIP compliance approaches, concern remains as to how GOSIP

should be applied to near-term network planning.

The intent of this statement is to help explain the role and

applicability of the GOSIP document, as well as to emphasize the

government's commitment to an integrated interoperable OSI

environment based on responsible planning.

3. Introduction

The Federal Agencies, represented in the Federal Networking Council

(FNC), as well as the Internet community represented by the Internet

Activities Board (IAB), and the Internet Engineering Task Force

(IETF) are fully committed to integrating OSI into the Internet, as

it is recognized that OSI is an international standard networking

protocol suite. The FNC, IAB, and IETF are taking sound technical

steps to integrate OSI in a fashion and on a schedule that assures

current levels of service to users of the existing operational

networks that are a part of the Internet. The large existing

installed base of TCP/IP protocol users, the limited deployment of

commercial OSI products, and the incomplete development of OSI

standards for routing, network management, and Directory services

combine to make an immediate, total transition to a pure OSI

environment in the Internet unrealistic.

In what follows, we present a brief overview of GOSIP and we address

some of the often confusing points about the intent, applicability,

and implementation of GOSIP. We also describe the role of the IETF

regarding the integration of OSI into the Internet. Further, we

discuss the role of Federal Agencies in this process.

4. Acknowledgements

Special thanks are due to Rebecca Nitzan of Sterling and Phill Gross

of CNRI for developing several draft versions of this RFC.

5. GOSIP Background

The Government OSI Profile (GOSIP), published as Federal Information

Processing Standard (FIPS) 146, issued by the National Institute of

Standards and Technology (NIST), specifies the details of an OSI

configuration for use in the Government so that interoperable OSI

products can be procured from commercial vendors. GOSIP is needed

because OSI standards allow many potential options and choices, some

of which are incompatible. GOSIP is based on refinements of OSI

standards. The refinements are agreed to by commercial implementors

and potential users through a series of OSI Implementors Workshops

(OIW) hosted by NIST four times every year since 1983. As OSI

becomes more widely deployed, GOSIP compliance will become

increasingly important.

GOSIP was written by an inter-agency group and continues to evolve

under the guidance of the GOSIP Advanced Requirements Group. The

IETF is represented on the GOSIP Advanced Requirements Group, as are

Federal Government Agencies, including the FNC agencies.

The GOSIP FIPS consists of:

1. An announcement adopting GOSIP as a Federal standard. The

announcement section of the FIPS covers topics such as the

objectives of GOSIP, its applicability, implementation

requirements, and waiver procedures.

2. The technical specification of GOSIP products to be procured.

The technical specification section of GOSIP describes the

details of a subset of OSI protocols. Products implementing

GOSIP are in development by or available from many computer

vendors.

3. Appendices describing the plans for including additional

functionality into future versions of the GOSIP technical

specification.

The first version of GOSIP was published in August 1988 following a

long comment period beginning as early as January 1987. GOSIP was

adopted as FIPS 146 in February 1989 and will become a Federal

procurement requirement in August 1990 [1]. A second version of

GOSIP will become a FIPS in 1990 and will then become a Federal

procurement requirement 18 months later [2]. Along with the second

version of GOSIP, NIST will issue errata associated with GOSIP

Version 1.0.

There is an additional publication called the GOSIP Users' Guide

which provides an expanded explanation of GOSIP including tutorials,

interpretation, integration planning advice, and information on

registration [3]. The GOSIP Users' Guide will be updated and re-

released in coordination with each version of GOSIP. Information

regarding how to obtain GOSIP and related documents is included in

the Appendix to this RFC.

6. Understanding GOSIP

There is a common misunderstanding that GOSIP mandates an immediate,

total transition to the use of OSI protocols in August 1990. Several

factors contribute to this misunderstanding including the summary

nature of the FIPS applicability and implementation sections, trade

press synopses trying to explain a complex subject in simple terms,

and hearsay. The FIPS language will be improved in GOSIP Version

2.0. Additionally, more detailed treatment is given to these issues

in the GOSIP Users' Guide. Below is a summary of the issues.

6.1. Applicability

The motivation behind the creation of the U.S. GOSIP document is to

achieve, in the long term, a common, vendor neutral, interoperable

computer communication capability throughout the U.S. Government.

Agreement on a common configuration of OSI protocols (GOSIP) for

purposes of procurement is intended to aid this objective.

Beginning in August, 1990, federal agencies procuring computer

network products and services must require that those products and

services comply with OSI, where feasible, as specified in GOSIP

Version 1.0. This will insure that all government-procured OSI

products and services meet the same OSI Protocol profile.

If the application for which network services or products are

procured can be supported through GOSIP Version 1.0-compliant

facilities, then it is required that compliant products or services

be procured.

6.1.1. Procurement Vs. Transition

FIPS 146 is a procurement specification. The FIPS mandates the

acquisition of OSI products when agencies require the functionality

supplied by the OSI features specified in GOSIP. GOSIP does not

mandate an immediate, total transition to OSI in August 1990.

6.1.2. Small Network Add-on Vs. Major Upgrade

GOSIP applies most readily to procurement of new networks and major

upgrades to existing networks. "Major upgrade" does not necessarily

mean adding components to an existing non-GOSIP network. For

example, if an agency has an existing network and needs to add

several compatible devices, there is no mandate to retrofit GOSIP

into the entire existing network.

6.1.3. OSI Incompleteness

Many of the OSI protocols are still in the process of being

standardized. The GOSIP 1.0 and 2.0 versions address only

configurations of fully-standardized OSI protocols. As new OSI

standards emerge (e.g., for directory services, network management

and dynamic routing), the GOSIP documents will be revised to

incorporate agreed profiles/configurations. Each GOSIP document

contains appendices describing the status of OSI protocol

standardization and plans for incorporating new functionality into

subsequent GOSIP versions.

6.2. Exclusivity

GOSIP is not exclusive. When an agency implements GOSIP, other

protocols may be procured and used in the same network. This non-

exclusive arrangement will remain for the indefinite future for

several reasons:

1. Agencies, with existing networks, that are planning an OSI

integration will require support for existing protocols and

protocol converters during the integration period.

2. Non-GOSIP protocols may provide some enhanced feature or

improved performance that an agency may find beneficial.

GOSIP is meant to provide for Government-wide interoperability,

but is not meant to do so at the expense of other requirements.

3. GOSIP does not meet every networking requirement of every

agency. In fact, given the pace of technological change in

computing and communications, no single protocol suite is

likely to meet every networking requirement.

6.3. Implementation

Each agency is responsible for planning the integration of OSI into

agency networks. Many factors must be considered, including, but not

limited to:

o the installed network base

o requirements for functionality not yet present in GOSIP

o availability of funds

o future plans for networks in support of agency missions

o requirements for agency and government wide interoperability

o planned additions to OSI functionality in future versions of

GOSIP.

NIST recommends a three step approach to implement the provisions of

GOSIP:

1. develop a clear and definitive policy regarding use of OSI

within an agency

2. develop an appropriate set of plans to implement the policy

3. update and act on the plans as agency networks are acquired

and upgraded.

Agency management has the responsibility to determine applicability

of GOSIP to particular procurements and to evaluate and grant or deny

waivers from GOSIP when GOSIP would otherwise apply. For further

details on these issues see the GOSIP Users' Guide.

6.4. Waivers

Waivers may be granted from the mandated provisions of GOSIP when

adherence to GOSIP would prevent an agency from accomplishing its

mission or when an agency would suffer adverse financial effects that

are not offset by Government-wide savings. Authority to grant such

waivers is delegated to the heads of agencies.

Developing a waiver process should be part of an agency's

implementation planning. No waiver is needed if GOSIP does not

apply. Procedures are outlined in the FIPS and further discussed in

the GOSIP Users' Guide.

6.5. Enforcement

NIST does not have an enforcement responsibility with respect to

GOSIP. Any enforcement that occurs will result from the normal

process of planning, acquiring, and implementing networks within

government agencies.

7. Role of the IETF in Support of OSI

Within the Internet community the IETF, working under the direction

of the IAB, plays a key role in planning for integration of OSI into

the Internet. The IETF will define the technical mechanisms

necessary to accommodate OSI in the Internet and to permit

coexistence and interoperability between OSI and TCP/IP protocols

during the indeterminate period of multi-protocol operation. IETF

activities include, but are not limited to, drafting appropriate

RFCs, creating input to GOSIP, the GOSIP Users' Guide, and the OSI

Implementors Workshop (OIW). The IETF may also recommend to the FNC

experiments to be undertaken to further the integration of OSI into

the Internet. One of the eight areas of work for the IETF is

dedicated to OSI integration. A representative of the IETF is an

official member of the GOSIP Advanced Requirements Group.

8. Role of the Internet Infrastructure Agencies in Support of OSI

Certain of the FNC agencies have a role in providing a significant

part of the communications infrastructure for the Internet, that is,

links, backbone routers, management facilities, and directory

services. For example, the National Science Foundation (NSF), the

National Aeronautics and Space Administration (NASA), the Department

of Energy (DOE) and the Defense Advanced Research Projects Agency

(DARPA) have such a role. These agencies must provide for essential

infrastructure services such as routing of ISO 8473 packets in the

NSFnet backbone, provision of application level gateways enabling

interoperability between TCP/IP and OSI applications, and provision

of OSI directory services.

9. Role of the Internet Using Agencies in the Application of OSI

The FNC agencies using Internet services also have a necessary role

in the integration of OSI. The FNC agencies must identify their

requirements and participate in the IETF and GOSIP groups to ensure

that their needs can be met. The FNC agencies should also plan to

implement OSI within their networks in accordance with the realities

of their technical and management plans, taking cognizance of the

plans for and progress toward implementation of key OSI elements in

the Internet Infrastructure. Each FNC agency should develop an

agency policy on the adoption and use of GOSIP and should initiate

planning for incorporation of GOSIP-compliant products into agency

networks.

10. Summary

The FNC, the IAB, and the IETF have a firm commitment to responsible

integration of OSI protocols into the Internet based upon sound

network planning. A multi-protocol environment will exist in the

Internet for a considerable period of time. As OSI products grow in

number and capability and as more OSI standards are completed, the

role of GOSIP will grow in importance.

To summarize:

o FIPS 146 (GOSIP) is a specification of which OSI protocols are

to be procured for U.S. Government use. GOSIP does not

mandate, or even explicitly address, the issue of protocol

transition.

o As a procurement specification, GOSIP does not apply to existing

installed equipment. It applies to new network procurements and

major upgrades to existing networks. "Major upgrade" does not

necessarily apply to increasing the number of components of

current functionality in existing non-GOSIP networks.

o When GOSIP does apply, it is not exclusionary. That is, other

protocol families can also be procured and used.

o When GOSIP does apply, waivers are allowed in consideration of

specific agency requirements. When GOSIP does not apply, no

waiver is necessary.

o Agencies have the responsibility 1) for agency-wide planning

for GOSIP compliance in their network procurements, 2) for

developing their own waiver process, and 3) for determining

the applicability of GOSIP to any specific procurement.

11. References

[1] "U.S. Government Open Systems Interconnection Profile", U.S.

Federal Information Processing Standards Publication 146, Version

1, August 1988.

[2] "U.S. Government Open Systems Interconnection Profile", U.S.

Federal Information Processing Standards Publication 146-1, Draft

Version 2, April 1989.

[3] Boland, T., "Government Open Systems Interconnection Profile

Users' Guide", NIST Special Publication 500-163, August 1989.

12. Appendix -- To Obtain GOSIP Documents

Below is the information needed to obtain the U.S. GOSIP and NIST/OSI

Implementors Workshop (OIW) documents. All prices are in U.S.

dollars and represent the most up-to-date information available at

this time; for further pricing information and ordering details,

contact the seller (all addresses and telephone numbers are to be

found at the end).

12.1 GOSIP

12.1.1 GOSIP Version 1.

GOSIP Version 1 (Federal Information Processing Standard 146) was

published in August 1988. It becomes mandatory in applicable federal

procurements in August 1990.

NIST POINT OF CONTACT: Jerry Mulvenna

HARDCOPY:

NTIS

Order Number: FIPS PUB 146

Price: $17.00 (paper); $8.00 (microfiche)

ON-LINE:

1. The federal register announcement (FIPS 146) as well as GOSIP are

available through anonymous FTP from nic.ddn.mil (192.67.67.20) as:

o <protocols>gosip-fedreg.txt (ascii)

o <protocols>gosip-fips-draft.txt (ascii)

o <protocols>gosip-v1.txt (ascii)

2. Through anonymous ftp or FTAM (ISODE 5.0, user: ftam,

realstore=unix) from osi3.ncsl.nist.gov (129.6.48.100) as:

o pub/gosip/gosip_v1_fedreg.txt (ascii)

o pub/gosip/fips146_draft.txt (ascii)

o pub/gosip/gosip_v1.txt (ascii)

o pub/gosip/gosip_v1.txt.Z (compressed)

12.1.2 GOSIP Version 2.

GOSIP Version 2 is currently a draft. It has undergone public review

and comment. Comments will be addressed by the GOSIP Advanced

Requirements Committee in May, 1990. Final text is expected to be

available in August, 1990.

NIST POINT OF CONTACT: Jerry Mulvenna

HARDCOPY:

NIST Standards Processing Coordinator (ADP)

ON-LINE:

1. Available through anonymous ftp or FTAM (ISODE 5.0, user: ftam,

realstore=unix) from osi3.ncsl.nist.gov (129.6.48.100) as:

o pub/gosip/gosip_v2_draft.txt (ascii)

o pub/gosip/gosip_v2_draft.txt.Z (compressed)

o pub/gosip/gosip_v2_draft.ps (postscript)

o pub/gosip/gosip_v2_draft.ps.Z (compressed)

2. Available through anonymous ftp from nic.ddn.mil (192.67.67.20)

as:

o <protocols>gosip-v2-draft.doc

12.2 NIST Workshop for Implementors of OSI Documents

The output of the NIST Workshop for Implementors of OSI (OIW) is a

pair of aligned documents, one representing Stable Implementation

Agreements (SIA), the other containing Working Implementation

Agreements (WIA) that have not yet gone into the stable document.

Material is in either one or the other of these documents, but not

both, and the documents have the same index structure.

The SIA is reproduced in its entirety at the beginning of each

calendar year, with an incremented version number. Replacement page

sets are distributed subsequently three times during each year (after

each Workshop), reflecting edits to the stable material. The

replacement pages constitute the next edition of that year's version.

The WIA is reproduced in its entirety after each Workshop (held in

March, June, September and December). OIW attendees automatically

receive the WIA. OIW meeting dates in 1990 are: March 12-16; June

18-22; September 10-14; and December 10-14.

NIST POINTS OF CONTACT:

1. Tim Boland/management information

Chairman, OIW

2. Brenda Gray/administrative information

OIW Registrar

12.2.1 SIA, Version 1.

SIA, Version 1, Edition 1 (Dec, 1987) The SIA, V1E1 is published as

NIST Special Publication 500-150. It is the appropriate version and

edition of the SIA for GOSIP Version 1 (FIPS 146).

HARDCOPY:

1. U.S. Government Printing Office

GPO Stock Number: 003-02838-0

Price: $20.00

2. NTIS

Order Number: PB 88-168331

Price: $31.00 (paper); $8.00 (microfiche)

SIA, Version 1, Edition 3 (August, 1988) The SIA, V1E3 is also

published as NBS Special Publication 500-150 (note the different GPO

Stock Number when ordering).

HARDCOPY:

U.S. Government Printing Office

GPO Stock Number: 003-003-02838-0

Price: $12.00 (paper)

ON-LINE:

1. Available through anonymous ftp or FTAM (ISODE 5.0, user: ftam,

realstore=unix) from from osi3.ncsl.nist.gov (129.6.48.100) as:

o pub/gosip/nist_osiws_sia_v1e3.txt (ascii)

o pub/gosip/nist_osiws_sia_v1e3.txt.Z (compressed)

2. Available through anonymous ftp from nic.ddn.mil (192.67.67.20)

as:

o <protocols>nbsosi-argrements.doc

12.2.2 SIA, Version 2.

SIA, Version 2, Edition 1 (Dec, 1988) The SIA, V2E1 is published as

NBS Special Publication 500-162.

HARDCOPY:

1. U.S. Government Printing Office

GPO Stock Number: 003-003-02921-1

Price: $26.00

2. IEEE Computer Society

ISBN 0-8186-9022-4

Book No. 2022

Price: $75.00 (casebound)

(a subscription service is available from IEEE)

3. NTIS

Order Number: PB 89193312

Price: $53.00 (paper); $8.00 (microfiche)

SIA, Version 2, Editions 2-4 These are available as hardcopy from

NIST staff, subject to staff availability. Contact:

Brenda Gray/administrative information

OIW Registrar

SIA, Version 3, Edition 1 (Dec, 1989) The SIA V3E1 is expected to be

available in the first half of 1990. It may be ordered from the IEEE

Computer Society and the U.S. GPO. Future editions of Version 3 are

expected to be available from NTIS, and possibly GPO and the IEEE

Computer Society.

12.2.3 WIA (August, 1989).

The August, 1989 WIA, published as a NIST Interagency Report (IR-89-

4140) is the most recent copy of the WIA that is available to order.

The December, 1989 WIA document is available from NTIS and the IEEE

Computer Society. The August, 1989 WIA (NIST IR-89-4140) is

available in hardcopy from:

NTIS

Order Number: PB 89235931/AS

Price: $36.95 (paper); $6.95 (microfiche)

12.3 GOSIP Users' Guide

This publication assists federal agencies in planning for and

procuring OSI. It provides tutorial information on OSI protocols as

well as information on OSI registration, GOSIP technical evaluation,

and GOSIP transition strategies.

HARDCOPY:

NTIS

Order Number: PB 90-111212

Price: $23 (paper); $8 (microfiche)

12.4 Addresses/Telephone Numbers

NIST CONTACTS

Tim Boland/management information

Chairman, OIW

Technology, B217

Gaithersburg, MD 20899

(301) 975-3608

boland@ecf.ncsl.nist.gov

Brenda Gray/administrative information

OIW Registrar

Technology, B217

Gaithersburg, MD 20899

(301) 975-3664

Jerry Mulvenna

Technology, B217

Gaithersburg, MD 20899

(301) 975-3631

mulvenna@ecf.ncsl.nist.gov