Network Working Group                                            V. Cerf
Request for Comments:  1169                                          IAB
                                                                K. Mills
                                                                    NIST
                                                             August 1990


                      Explaining the Role of GOSIP

1.  Status of this Memo

   This informational RFC represents the official view of the Internet
   Activities Board (IAB), after coordination with the Federal
   Networking Council (FNC).  This RFC does not specify a standard.

   Distribution of this memo is unlimited.

Table of Contents

   1.  Status of this Memo...........................................  1
   2.  Abstract......................................................  2
   3.  Introduction..................................................  2
   4.  Acknowledgements..............................................  3
   5.  GOSIP Background..............................................  3
   6.  Understanding GOSIP...........................................  4
   6.1.  Applicability...............................................  4
   6.1.1.  Procurement Vs. Transition................................  5
   6.1.2.  Small Network Add-on Vs. Major Upgrade....................  5
   6.1.3.  OSI Incompleteness........................................  5
   6.2.  Exclusivity.................................................  5
   6.3.  Implementation..............................................  6
   6.4.  Waivers.....................................................  6
   6.5.  Enforcement.................................................  7
   7.  Role of the IETF in Support of OSI............................  7
   8.  Role of the Internet Infrastructure Agencies in
       Support of OSI................................................  7
   9.  Role of the Internet Using Agencies in the
       Application of OSI............................................  7
   10.  Summary......................................................  8
   11.  References...................................................  9
   12.  Appendix -- To Obtain GOSIP Documents........................  9
   12.1  GOSIP.......................................................  9
   12.1.1  GOSIP Version 1...........................................  9
   12.1.2  GOSIP Version 2........................................... 10
   12.2  NIST Workshop for Implementors of OSI Documents............. 11
   12.2.1  SIA, Version 1............................................ 11
   12.2.2  SIA, Version 2............................................ 12
   12.2.3  WIA (August, 1989)........................................ 13



Cerf & Mills                                                    [Page 1]


RFC 1169              Explaining the Role of GOSIP           August 1990


   12.3  GOSIP Users' Guide.......................................... 13
   12.4  Addresses/Telephone Numbers................................. 14
   13.  Security Considerations...................................... 15
   14.  Authors' Addresses........................................... 15

2.  Abstract

   The Federal Networking Council (FNC), the Internet Activities Board
   (IAB), and the Internet Engineering Task Force (IETF) have a firm
   commitment to responsible integration of OSI based upon sound network
   planning.  This implies that OSI will be added to the Internet
   without sacrificing services now available to existing Internet
   users, and that a multi-protocol environment will exist in the
   Internet for a prolonged period.  Planning is underway within the
   Internet community to enable integration of OSI, coexistence of OSI
   with TCP/IP, and interoperability between OSI and TCP/IP.

   The U.S. Government OSI Profile (GOSIP) is a necessary tool for
   planning OSI integration.  However, as the August 1990 requirement
   date for GOSIP compliance approaches, concern remains as to how GOSIP
   should be applied to near-term network planning.

   The intent of this statement is to help explain the role and
   applicability of the GOSIP document, as well as to emphasize the
   government's commitment to an integrated interoperable OSI
   environment based on responsible planning.

3.  Introduction

   The Federal Agencies, represented in the Federal Networking Council
   (FNC), as well as the Internet community represented by the Internet
   Activities Board (IAB), and the Internet Engineering Task Force
   (IETF) are fully committed to integrating OSI into the Internet, as
   it is recognized that OSI is an international standard networking
   protocol suite.  The FNC, IAB, and IETF are taking sound technical
   steps to integrate OSI in a fashion and on a schedule that assures
   current levels of service to users of the existing operational
   networks that are a part of the Internet.  The large existing
   installed base of TCP/IP protocol users, the limited deployment of
   commercial OSI products, and the incomplete development of OSI
   standards for routing, network management, and directory services
   combine to make an immediate, total transition to a pure OSI
   environment in the Internet unrealistic.

   In what follows, we present a brief overview of GOSIP and we address
   some of the often confusing points about the intent, applicability,
   and implementation of GOSIP.  We also describe the role of the IETF
   regarding the integration of OSI into the Internet.  Further, we



Cerf & Mills                                                    [Page 2]


RFC 1169              Explaining the Role of GOSIP           August 1990


   discuss the role of Federal Agencies in this process.

4.  Acknowledgements

   Special thanks are due to Rebecca Nitzan of Sterling and Phill Gross
   of CNRI for developing several draft versions of this RFC.

5.  GOSIP Background

   The Government OSI Profile (GOSIP), published as Federal Information
   Processing Standard (FIPS) 146, issued by the National Institute of
   Standards and Technology (NIST), specifies the details of an OSI
   configuration for use in the Government so that interoperable OSI
   products can be procured from commercial vendors.  GOSIP is needed
   because OSI standards allow many potential options and choices, some
   of which are incompatible.  GOSIP is based on refinements of OSI
   standards.  The refinements are agreed to by commercial implementors
   and potential users through a series of OSI Implementors Workshops
   (OIW) hosted by NIST four times every year since 1983.  As OSI
   becomes more widely deployed, GOSIP compliance will become
   increasingly important.

   GOSIP was written by an inter-agency group and continues to evolve
   under the guidance of the GOSIP Advanced Requirements Group.  The
   IETF is represented on the GOSIP Advanced Requirements Group, as are
   Federal Government Agencies, including the FNC agencies.

   The GOSIP FIPS consists of:

      1. An announcement adopting GOSIP as a Federal standard.  The
         announcement section of the FIPS covers topics such as the
         objectives of GOSIP, its applicability, implementation
         requirements, and waiver procedures.

      2. The technical specification of GOSIP products to be procured.
         The technical specification section of GOSIP describes the
         details of a subset of OSI protocols.  Products implementing
         GOSIP are in development by or available from many computer
         vendors.

      3. Appendices describing the plans for including additional
         functionality into future versions of the GOSIP technical
         specification.

   The first version of GOSIP was published in August 1988 following a
   long comment period beginning as early as January 1987.  GOSIP was
   adopted as FIPS 146 in February 1989 and will become a Federal
   procurement requirement in August 1990 [1].  A second version of



Cerf & Mills                                                    [Page 3]


RFC 1169              Explaining the Role of GOSIP           August 1990


   GOSIP will become a FIPS in 1990 and will then become a Federal
   procurement requirement 18 months later [2].  Along with the second
   version of GOSIP, NIST will issue errata associated with GOSIP
   Version 1.0.

   There is an additional publication called the GOSIP Users' Guide
   which provides an expanded explanation of GOSIP including tutorials,
   interpretation, integration planning advice, and information on
   registration [3].  The GOSIP Users' Guide will be updated and re-
   released in coordination with each version of GOSIP.  Information
   regarding how to obtain GOSIP and related documents is included in
   the Appendix to this RFC.

6.  Understanding GOSIP

   There is a common misunderstanding that GOSIP mandates an immediate,
   total transition to the use of OSI protocols in August 1990.  Several
   factors contribute to this misunderstanding including the summary
   nature of the FIPS applicability and implementation sections, trade
   press synopses trying to explain a complex subject in simple terms,
   and hearsay.  The FIPS language will be improved in GOSIP Version
   2.0.  Additionally, more detailed treatment is given to these issues
   in the GOSIP Users' Guide.  Below is a summary of the issues.

6.1.  Applicability

   The motivation behind the creation of the U.S. GOSIP document is to
   achieve, in the long term, a common, vendor neutral, interoperable
   computer communication capability throughout the U.S. Government.
   Agreement on a common configuration of OSI protocols (GOSIP) for
   purposes of procurement is intended to aid this objective.

   Beginning in August, 1990, federal agencies procuring computer
   network products and services must require that those products and
   services comply with OSI, where feasible, as specified in GOSIP
   Version 1.0.  This will insure that all government-procured OSI
   products and services meet the same OSI Protocol profile.

   If the application for which network services or products are
   procured can be supported through GOSIP Version 1.0-compliant
   facilities, then it is required that compliant products or services
   be procured.









Cerf & Mills                                                    [Page 4]


RFC 1169              Explaining the Role of GOSIP           August 1990


6.1.1.  Procurement Vs. Transition

   FIPS 146 is a procurement specification.  The FIPS mandates the
   acquisition of OSI products when agencies require the functionality
   supplied by the OSI features specified in GOSIP.  GOSIP does not
   mandate an immediate, total transition to OSI in August 1990.

6.1.2.  Small Network Add-on Vs. Major Upgrade

   GOSIP applies most readily to procurement of new networks and major
   upgrades to existing networks.  "Major upgrade" does not necessarily
   mean adding components to an existing non-GOSIP network.  For
   example, if an agency has an existing network and needs to add
   several compatible devices, there is no mandate to retrofit GOSIP
   into the entire existing network.

6.1.3.  OSI Incompleteness

   Many of the OSI protocols are still in the process of being
   standardized.  The GOSIP 1.0 and 2.0 versions address only
   configurations of fully-standardized OSI protocols.  As new OSI
   standards emerge (e.g., for directory services, network management
   and dynamic routing), the GOSIP documents will be revised to
   incorporate agreed profiles/configurations.  Each GOSIP document
   contains appendices describing the status of OSI protocol
   standardization and plans for incorporating new functionality into
   subsequent GOSIP versions.

6.2.  Exclusivity

   GOSIP is not exclusive.  When an agency implements GOSIP, other
   protocols may be procured and used in the same network.  This non-
   exclusive arrangement will remain for the indefinite future for
   several reasons:

      1. Agencies, with existing networks, that are planning an OSI
         integration will require support for existing protocols and
         protocol converters during the integration period.

      2. Non-GOSIP protocols may provide some enhanced feature or
         improved performance that an agency may find beneficial.
         GOSIP is meant to provide for Government-wide interoperability,
         but is not meant to do so at the expense of other requirements.

      3. GOSIP does not meet every networking requirement of every
         agency.  In fact, given the pace of technological change in
         computing and communications, no single protocol suite is
         likely to meet every networking requirement.



Cerf & Mills                                                    [Page 5]


RFC 1169              Explaining the Role of GOSIP           August 1990


6.3.  Implementation

   Each agency is responsible for planning the integration of OSI into
   agency networks.  Many factors must be considered, including, but not
   limited to:

      o the installed network base

      o requirements for functionality not yet present in GOSIP

      o availability of funds

      o future plans for networks in support of agency missions

      o requirements for agency and government wide interoperability

      o planned additions to OSI functionality in future versions of
        GOSIP.

   NIST recommends a three step approach to implement the provisions of
   GOSIP:

      1. develop a clear and definitive policy regarding use of OSI
         within an agency

      2. develop an appropriate set of plans to implement the policy

      3. update and act on the plans as agency networks are acquired
         and upgraded.

   Agency management has the responsibility to determine applicability
   of GOSIP to particular procurements and to evaluate and grant or deny
   waivers from GOSIP when GOSIP would otherwise apply.  For further
   details on these issues see the GOSIP Users' Guide.

6.4.  Waivers

   Waivers may be granted from the mandated provisions of GOSIP when
   adherence to GOSIP would prevent an agency from accomplishing its
   mission or when an agency would suffer adverse financial effects that
   are not offset by Government-wide savings.  Authority to grant such
   waivers is delegated to the heads of agencies.

   Developing a waiver process should be part of an agency's
   implementation planning.  No waiver is needed if GOSIP does not
   apply.  Procedures are outlined in the FIPS and further discussed in
   the GOSIP Users' Guide.




Cerf & Mills                                                    [Page 6]


RFC 1169              Explaining the Role of GOSIP           August 1990


6.5.  Enforcement

   NIST does not have an enforcement responsibility with respect to
   GOSIP.  Any enforcement that occurs will result from the normal
   process of planning, acquiring, and implementing networks within
   government agencies.

7.  Role of the IETF in Support of OSI

   Within the Internet community the IETF, working under the direction
   of the IAB, plays a key role in planning for integration of OSI into
   the Internet.  The IETF will define the technical mechanisms
   necessary to accommodate OSI in the Internet and to permit
   coexistence and interoperability between OSI and TCP/IP protocols
   during the indeterminate period of multi-protocol operation.  IETF
   activities include, but are not limited to, drafting appropriate
   RFCs, creating input to GOSIP, the GOSIP Users' Guide, and the OSI
   Implementors Workshop (OIW).  The IETF may also recommend to the FNC
   experiments to be undertaken to further the integration of OSI into
   the Internet.  One of the eight areas of work for the IETF is
   dedicated to OSI integration.  A representative of the IETF is an
   official member of the GOSIP Advanced Requirements Group.

8.  Role of the Internet Infrastructure Agencies in Support of OSI

   Certain of the FNC agencies have a role in providing a significant
   part of the communications infrastructure for the Internet, that is,
   links, backbone routers, management facilities, and directory
   services.  For example, the National Science Foundation (NSF), the
   National Aeronautics and Space Administration (NASA), the Department
   of Energy (DOE) and the Defense Advanced Research Projects Agency
   (DARPA) have such a role.  These agencies must provide for essential
   infrastructure services such as routing of ISO 8473 packets in the
   NSFnet backbone, provision of application level gateways enabling
   interoperability between TCP/IP and OSI applications, and provision
   of OSI directory services.

9.  Role of the Internet Using Agencies in the Application of OSI

   The FNC agencies using Internet services also have a necessary role
   in the integration of OSI.  The FNC agencies must identify their
   requirements and participate in the IETF and GOSIP groups to ensure
   that their needs can be met.  The FNC agencies should also plan to
   implement OSI within their networks in accordance with the realities
   of their technical and management plans, taking cognizance of the
   plans for and progress toward implementation of key OSI elements in
   the Internet Infrastructure.  Each FNC agency should develop an
   agency policy on the adoption and use of GOSIP and should initiate



Cerf & Mills                                                    [Page 7]


RFC 1169              Explaining the Role of GOSIP           August 1990


   planning for incorporation of GOSIP-compliant products into agency
   networks.

10.  Summary

   The FNC, the IAB, and the IETF have a firm commitment to responsible
   integration of OSI protocols into the Internet based upon sound
   network planning.  A multi-protocol environment will exist in the
   Internet for a considerable period of time.  As OSI products grow in
   number and capability and as more OSI standards are completed, the
   role of GOSIP will grow in importance.

   To summarize:

      o FIPS 146 (GOSIP) is a specification of which OSI protocols are
        to be procured for U.S. Government use.  GOSIP does not
        mandate, or even explicitly address, the issue of protocol
        transition.

      o As a procurement specification, GOSIP does not apply to existing
        installed equipment.  It applies to new network procurements and
        major upgrades to existing networks.  "Major upgrade" does not
        necessarily apply to increasing the number of components of
        current functionality in existing non-GOSIP networks.

      o When GOSIP does apply, it is not exclusionary.  That is, other
        protocol families can also be procured and used.

      o When GOSIP does apply, waivers are allowed in consideration of
        specific agency requirements.  When GOSIP does not apply, no
        waiver is necessary.

      o Agencies have the responsibility 1) for agency-wide planning
        for GOSIP compliance in their network procurements, 2) for
        developing their own waiver process, and 3) for determining
        the applicability of GOSIP to any specific procurement.















Cerf & Mills                                                    [Page 8]


RFC 1169              Explaining the Role of GOSIP           August 1990


11.  References

   [1] "U.S. Government Open Systems Interconnection Profile", U.S.
       Federal Information Processing Standards Publication 146, Version
       1, August 1988.

   [2] "U.S. Government Open Systems Interconnection Profile", U.S.
       Federal Information Processing Standards Publication 146-1, Draft
       Version 2, April 1989.

   [3] Boland, T., "Government Open Systems Interconnection Profile
       Users' Guide", NIST Special Publication 500-163, August 1989.

12.  Appendix -- To Obtain GOSIP Documents

   Below is the information needed to obtain the U.S. GOSIP and NIST/OSI
   Implementors Workshop (OIW) documents.  All prices are in U.S.
   dollars and represent the most up-to-date information available at
   this time; for further pricing information and ordering details,
   contact the seller (all addresses and telephone numbers are to be
   found at the end).

12.1  GOSIP

12.1.1  GOSIP Version 1.

   GOSIP Version 1 (Federal Information Processing Standard 146) was
   published in August 1988.  It becomes mandatory in applicable federal
   procurements in August 1990.

   NIST POINT OF CONTACT: Jerry Mulvenna

   HARDCOPY:

         NTIS
         Order Number:  FIPS PUB 146
         Price:  $17.00 (paper); $8.00 (microfiche)














Cerf & Mills                                                    [Page 9]


RFC 1169              Explaining the Role of GOSIP           August 1990


   ON-LINE:

   1. The federal register announcement (FIPS 146) as well as GOSIP are
   available through anonymous ftp from nic.ddn.mil (192.67.67.20) as:

             o <protocols>gosip-fedreg.txt (ascii)

             o <protocols>gosip-fips-draft.txt (ascii)

             o <protocols>gosip-v1.txt (ascii)

   2. Through anonymous ftp or FTAM (ISODE 5.0, user:  ftam,
   realstore=unix) from osi3.ncsl.nist.gov (129.6.48.100) as:

             o pub/gosip/gosip_v1_fedreg.txt (ascii)

             o pub/gosip/fips146_draft.txt (ascii)

             o pub/gosip/gosip_v1.txt (ascii)

             o pub/gosip/gosip_v1.txt.Z (compressed)

12.1.2  GOSIP Version 2.

   GOSIP Version 2 is currently a draft.  It has undergone public review
   and comment.  Comments will be addressed by the GOSIP Advanced
   Requirements Committee in May, 1990.  Final text is expected to be
   available in August, 1990.

   NIST POINT OF CONTACT: Jerry Mulvenna

   HARDCOPY:

         NIST Standards Processing Coordinator (ADP)

   ON-LINE:

   1. Available through anonymous ftp or FTAM (ISODE 5.0, user:  ftam,
   realstore=unix) from osi3.ncsl.nist.gov (129.6.48.100) as:

             o pub/gosip/gosip_v2_draft.txt (ascii)

             o pub/gosip/gosip_v2_draft.txt.Z (compressed)

             o pub/gosip/gosip_v2_draft.ps (postscript)

             o pub/gosip/gosip_v2_draft.ps.Z (compressed)




Cerf & Mills                                                   [Page 10]


RFC 1169              Explaining the Role of GOSIP           August 1990


   2. Available through anonymous ftp from nic.ddn.mil (192.67.67.20)
   as:

             o <protocols>gosip-v2-draft.doc

12.2  NIST Workshop for Implementors of OSI Documents

   The output of the NIST Workshop for Implementors of OSI (OIW) is a
   pair of aligned documents, one representing Stable Implementation
   Agreements (SIA), the other containing Working Implementation
   Agreements (WIA) that have not yet gone into the stable document.
   Material is in either one or the other of these documents, but not
   both, and the documents have the same index structure.

   The SIA is reproduced in its entirety at the beginning of each
   calendar year, with an incremented version number.  Replacement page
   sets are distributed subsequently three times during each year (after
   each Workshop), reflecting edits to the stable material.  The
   replacement pages constitute the next edition of that year's version.

   The WIA is reproduced in its entirety after each Workshop (held in
   March, June, September and December).  OIW attendees automatically
   receive the WIA.  OIW meeting dates in 1990 are:  March 12-16; June
   18-22; September 10-14; and December 10-14.

   NIST POINTS OF CONTACT:

         1. Tim Boland/management information
            Chairman, OIW

         2. Brenda Gray/administrative information
            OIW Registrar

12.2.1  SIA, Version 1.

   SIA, Version 1, Edition 1 (Dec, 1987)  The SIA, V1E1 is published as
   NIST Special Publication 500-150.  It is the appropriate version and
   edition of the SIA for GOSIP Version 1 (FIPS 146).

   HARDCOPY:

         1. U.S. Government Printing Office
            GPO Stock Number:  003-02838-0
            Price:  $20.00







Cerf & Mills                                                   [Page 11]


RFC 1169              Explaining the Role of GOSIP           August 1990


         2. NTIS
            Order Number:  PB 88-168331
            Price:  $31.00 (paper); $8.00 (microfiche)

   SIA, Version 1, Edition 3 (August, 1988)  The SIA, V1E3 is also
   published as NBS Special Publication 500-150 (note the different GPO
   Stock Number when ordering).

   HARDCOPY:

         U.S. Government Printing Office
         GPO Stock Number:  003-003-02838-0
         Price:  $12.00 (paper)

   ON-LINE:

   1. Available through anonymous ftp or FTAM (ISODE 5.0, user:  ftam,
   realstore=unix) from from osi3.ncsl.nist.gov (129.6.48.100) as:

             o pub/gosip/nist_osiws_sia_v1e3.txt (ascii)

             o pub/gosip/nist_osiws_sia_v1e3.txt.Z (compressed)

   2. Available through anonymous ftp from nic.ddn.mil (192.67.67.20)
   as:

             o <protocols>nbsosi-argrements.doc

12.2.2  SIA, Version 2.

   SIA, Version 2, Edition 1 (Dec, 1988)  The SIA, V2E1 is published as
   NBS Special Publication 500-162.

   HARDCOPY:

         1. U.S. Government Printing Office
            GPO Stock Number:  003-003-02921-1
            Price:  $26.00

         2. IEEE Computer Society
            ISBN 0-8186-9022-4
            Book No.  2022
            Price:  $75.00 (casebound)
            (a subscription service is available from IEEE)

         3. NTIS
            Order Number:  PB 89193312
            Price:  $53.00 (paper); $8.00 (microfiche)



Cerf & Mills                                                   [Page 12]


RFC 1169              Explaining the Role of GOSIP           August 1990


   SIA, Version 2, Editions 2-4  These are available as hardcopy from
   NIST staff, subject to staff availability.  Contact:

        Brenda Gray/administrative information
        OIW Registrar

   SIA, Version 3, Edition 1 (Dec, 1989)  The SIA V3E1 is expected to be
   available in the first half of 1990.  It may be ordered from the IEEE
   Computer Society and the U.S. GPO.  Future editions of Version 3 are
   expected to be available from NTIS, and possibly GPO and the IEEE
   Computer Society.

12.2.3  WIA (August, 1989).

   The August, 1989 WIA, published as a NIST Interagency Report (IR-89-
   4140) is the most recent copy of the WIA that is available to order.
   The December, 1989 WIA document is available from NTIS and the IEEE
   Computer Society.  The August, 1989 WIA (NIST IR-89-4140) is
   available in hardcopy from:

         NTIS
         Order Number:  PB 89235931/AS
         Price:  $36.95 (paper); $6.95 (microfiche)

12.3  GOSIP Users' Guide

   This publication assists federal agencies in planning for and
   procuring OSI.  It provides tutorial information on OSI protocols as
   well as information on OSI registration, GOSIP technical evaluation,
   and GOSIP transition strategies.

   HARDCOPY:

         NTIS
         Order Number:  PB 90-111212
         Price:  $23 (paper); $8 (microfiche)















Cerf & Mills                                                   [Page 13]


RFC 1169              Explaining the Role of GOSIP           August 1990


12.4  Addresses/Telephone Numbers

   NIST CONTACTS

           Tim Boland/management information
           Chairman, OIW
           Technology, B217
           Gaithersburg, MD 20899
           (301) 975-3608
           boland@ecf.ncsl.nist.gov

           Brenda Gray/administrative information
           OIW Registrar
           Technology, B217
           Gaithersburg, MD 20899
           (301) 975-3664

           Jerry Mulvenna
           Technology, B217
           Gaithersburg, MD 20899
           (301) 975-3631
           mulvenna@ecf.ncsl.nist.gov

   OTHER SOURCES OF DOCUMENTS

           National Technical Information Service (NTIS)
           U.S. Department of Commerce
           5285 Port Royal Road
           Springfield, VA 22161
           (703)487-4650

           IEEE Computer Society
           Order Department
           10662 Los Vaqueros Circle
           Los Alamitos, CA 90720
           1-800-272-6657

           U.S. Government Printing Office
           Washington, DC 20402
           (202) 783-3238

           Standards Processing Coordinator (ADP)
           National Institute of Standards and Technology
           Technology Building, Room B-64
           Gaithersburg, MD 20899
           (301) 975-2816





Cerf & Mills                                                   [Page 14]


RFC 1169              Explaining the Role of GOSIP           August 1990


13.  Security Considerations

   Security issues are not discussed in this memo.

14.  Authors' Addresses

   Vinton G. Cerf
   Chairman, IAB
   Corporation for National Research Initiatives
   1895 Preston White Drive, Suite 100
   Reston, VA 22091

   Phone: (703) 620-8990

   EMail: vcerf@nri.reston.va.us


   Kevin L. Mills
   National Institute of Standards and Technology
   Building 225, Room B217
   Gaithersburg, MD 20899

   Phone:  (301) 975-3618

   EMail: MILLS@ECF.NCSL.NIST.GOV


























Cerf & Mills                                                   [Page 15]