



NETCONF                                                      R. Gagliano
Internet-Draft                                             Cisco Systems
Intended status: Standards Track                              K. Larsson
Expires: 18 September 2026                           Deutsche Telekom AG
                                                             J. Lindblad
                                                             All For Eco
                                                           17 March 2026


          RESTCONF Extension to Support Trace Context Headers
            draft-ietf-netconf-restconf-trace-ctx-headers-08

Abstract

   This document defines an extension to the RESTCONF protocol in order
   to support Trace Context propagation as defined by the W3C.

About This Document

   This note is to be removed before publishing as an RFC.

   The latest revision of this draft can be found at https://github.com/
   netconf-wg/restconf-trace-ctx-headers/blob/gh-pages/draft-ietf-
   netconf-restconf-trace-ctx-headers.txt.  Status information for this
   document may be found at https://datatracker.ietf.org/doc/draft-ietf-
   netconf-restconf-trace-ctx-headers/.

   Discussion of this document takes place on the NETCONF Working Group
   mailing list (mailto:netconf@ietf.org), which is archived at
   https://mailarchive.ietf.org/arch/browse/netconf/.  Subscribe at
   https://www.ietf.org/mailman/listinfo/netconf/.

   Source for this draft and an issue tracker can be found at
   https://github.com/https://github.com/netconf-wg/restconf-trace-ctx-
   headers.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at https://datatracker.ietf.org/drafts/current/.






Gagliano, et al.        Expires 18 September 2026               [Page 1]

Internet-Draft       RESTCONF Trace Context Headers           March 2026


   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on 18 September 2026.

Copyright Notice

   Copyright (c) 2026 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents (https://trustee.ietf.org/
   license-info) in effect on the date of publication of this document.
   Please review these documents carefully, as they describe your rights
   and restrictions with respect to this document.  Code Components
   extracted from this document must include Revised BSD License text as
   described in Section 4.e of the Trust Legal Provisions and are
   provided without warranty as described in the Revised BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   3
     1.1.  Terminology . . . . . . . . . . . . . . . . . . . . . . .   3
   2.  RESTCONF Extensions . . . . . . . . . . . . . . . . . . . . .   3
     2.1.  Error Handling  . . . . . . . . . . . . . . . . . . . . .   4
     2.2.  Trace Context Header Versioning . . . . . . . . . . . . .   4
   3.  Security Considerations . . . . . . . . . . . . . . . . . . .   4
   4.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   5
   5.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . . .   5
   6.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   5
     6.1.  Normative References  . . . . . . . . . . . . . . . . . .   5
     6.2.  Informative References  . . . . . . . . . . . . . . . . .   6
   Appendix A.  Example RESTCONF Calls . . . . . . . . . . . . . . .   6
     A.1.  Successful creation of New Data Resources (from
           Appendix B.2.1 of RFC8040)  . . . . . . . . . . . . . . .   6
     A.2.  Unsuccessful creation of New Data Resources (from
           Appendix B.2.1 of RFC8040)  . . . . . . . . . . . . . . .   7
   Appendix B.  Changes (to be deleted by RFC Editor)  . . . . . . .   8
     B.1.  From version 07 to 08 . . . . . . . . . . . . . . . . . .   8
     B.2.  From version 06 to 07 . . . . . . . . . . . . . . . . . .   8
     B.3.  From version 05 to 06 . . . . . . . . . . . . . . . . . .   9
     B.4.  From version 04 to 05 . . . . . . . . . . . . . . . . . .   9
     B.5.  From version 03 to 04 . . . . . . . . . . . . . . . . . .   9
     B.6.  From version 02 to 03 . . . . . . . . . . . . . . . . . .   9
     B.7.  From version 01 to 02 . . . . . . . . . . . . . . . . . .   9
     B.8.  From version 00 to -01  . . . . . . . . . . . . . . . . .  10



Gagliano, et al.        Expires 18 September 2026               [Page 2]

Internet-Draft       RESTCONF Trace Context Headers           March 2026


     B.9.  From version 00 to
           draft-ietf-netconf-restconf-trace-ctx-headers-00  . . . .  10
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  10

1.  Introduction

   Network automation and management systems commonly consist of
   multiple sub-systems and, together with the network devices they
   manage, they effectively form a distributed system.  Distributed
   tracing is a methodology implemented by tracing tools to track,
   analyze and debug operations such as configuration transactions,
   across multiple distributed systems.

   The W3C has defined two HTTP headers (traceparent and tracestate) in
   [W3C-Trace-Context] for context propagation that are useful for
   distributed systems like the ones defined in section 4 of [RFC8309].
   While the traceparent header is portable and mandatory, the
   tracestate header is optional and meant to transport vendor-specific
   data presented by a set of key/value pairs.

   According to the W3C specification, each operation is uniquely
   identified by a "trace-id" field, and carries multiple metadata
   fields about the operation.  Propagating this Trace Context between
   systems provides a coherent view of the entire operation as carried
   out by all involved systems.

   In [I-D.draft-ietf-netconf-trace-ctx-extension], the NETCONF protocol
   extension is defined and we will re-use several of the YANG and XML
   objects defined in that document for RESTCONF.  Please refer to that
   document for additional context and example applications.

1.1.  Terminology

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
   NOT","SHOULD","SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY",
   and "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

2.  RESTCONF Extensions

   A RESTCONF server that implements the Trace Context propagation
   mechanism defined in this document MUST support the Trace Context
   traceparent header as defined in [W3C-Trace-Context].

   A RESTCONF server MAY support the Trace Context tracestate header as
   defined in [W3C-Trace-Context].




Gagliano, et al.        Expires 18 September 2026               [Page 3]

Internet-Draft       RESTCONF Trace Context Headers           March 2026


   When interacting with these headers, the RESTCONF server follow the
   specifications of section 2.3 in [W3C-Trace-Context].  A detailed
   processing model example is also provided in the document.

2.1.  Error Handling

   It is NOT RECOMMENDED to reject an RPC because of the Trace Context
   header values.

   If a server decides to reject an RPC because of the Trace Context
   header values, the server MUST return a RESTCONF rpc-error with the
   following values:

     error-tag:      operation-failed
     error-type:     protocol
     error-severity: error

   Additionally, the error-info tag SHOULD contain a relevant details
   about the error.

   Finally, the sx:structure defined in
   [I-D.draft-ietf-netconf-trace-ctx-extension] SHOULD be present in any
   error message from the server.

2.2.  Trace Context Header Versioning

   The RESTCONF protocol extension described in this document refers to
   the [W3C-Trace-Context] Trace Context capability.  The W3C
   traceparent and tracestate headers include the notion of versions.
   It would be desirable for a RESTCONF client to be able to discover
   the one or multiple versions of these headers supported by a server.

   [I-D.draft-ietf-netconf-trace-ctx-extension] defines a pair YANG
   modules that SHOULD be included in the YANG library per [RFC8525] of
   the RESTCONF server supporting the RESTCONF Trace Context extension
   that will refer to the headers' supported versions.

3.  Security Considerations

   The related document [I-D.draft-ietf-netconf-trace-ctx-extension]
   defines two YANG modules that are used when implementing the Trace
   Context concept, regardless of YANG-based protocol.  These modules
   are completely empty, and therefore have very limited security
   considerations.  Their purpose is only to indicate which Trace
   Context header versions the server supports using YANG Library
   [RFC8525].





Gagliano, et al.        Expires 18 September 2026               [Page 4]

Internet-Draft       RESTCONF Trace Context Headers           March 2026


   The traceparent and tracestate headers make it easier to track and
   correlate the flow of requests and their downstream effect on other
   systems.  This is indeed the whole point with these headers.  This
   knowledge may be used by unauthorized entities to infer a map of a
   managed network.

   All advice mentioned in the [W3C-Trace-Context] under the Privacy
   Considerations and Security Considerations also apply to this
   document.

   The RESTCONF protocol has to (1) use a secure transport layer (e.g.,
   TLS [RFC8446] and QUIC [RFC9000]) and (2) has to use mutual
   authentication.

4.  IANA Considerations

   This document has no IANA actions.

5.  Acknowledgments

   The authors would like to acknowledge the valuable implementation
   feedback from Christian Rennerskog and Per Andersson.  Many thanks to
   Raul Rivas Felix, Alexander Stoklasa, Luca Relandini and Erwin
   Vrolijk for their help with the demos regarding integrations.  The
   help and support from Med Boucadair, Jean Quilbeuf and Benoît Claise
   has also been invaluable to this work.

6.  References

6.1.  Normative References

   [I-D.draft-ietf-netconf-trace-ctx-extension]
              Gagliano, R., Larsson, K., and J. Lindblad, "NETCONF
              Extension to support Trace Context propagation", Work in
              Progress, Internet-Draft, draft-ietf-netconf-trace-ctx-
              extension-05, 19 October 2025,
              <https://datatracker.ietf.org/doc/html/draft-ietf-netconf-
              trace-ctx-extension-05>.

   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
              Requirement Levels", BCP 14, RFC 2119,
              DOI 10.17487/RFC2119, March 1997,
              <https://www.rfc-editor.org/rfc/rfc2119>.

   [RFC8040]  Bierman, A., Bjorklund, M., and K. Watsen, "RESTCONF
              Protocol", RFC 8040, DOI 10.17487/RFC8040, January 2017,
              <https://www.rfc-editor.org/rfc/rfc8040>.




Gagliano, et al.        Expires 18 September 2026               [Page 5]

Internet-Draft       RESTCONF Trace Context Headers           March 2026


   [RFC8174]  Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
              2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
              May 2017, <https://www.rfc-editor.org/rfc/rfc8174>.

   [RFC8446]  Rescorla, E., "The Transport Layer Security (TLS) Protocol
              Version 1.3", RFC 8446, DOI 10.17487/RFC8446, August 2018,
              <https://www.rfc-editor.org/rfc/rfc8446>.

   [RFC8525]  Bierman, A., Bjorklund, M., Schoenwaelder, J., Watsen, K.,
              and R. Wilton, "YANG Library", RFC 8525,
              DOI 10.17487/RFC8525, March 2019,
              <https://www.rfc-editor.org/rfc/rfc8525>.

   [RFC9000]  Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based
              Multiplexed and Secure Transport", RFC 9000,
              DOI 10.17487/RFC9000, May 2021,
              <https://www.rfc-editor.org/rfc/rfc9000>.

   [W3C-Trace-Context]
              "W3C Recommendation on Trace Context", 23 November 2021,
              <https://www.w3.org/TR/2021/REC-trace-context-
              1-20211123/>.

6.2.  Informative References

   [RFC8309]  Wu, Q., Liu, W., and A. Farrel, "Service Models
              Explained", RFC 8309, DOI 10.17487/RFC8309, January 2018,
              <https://www.rfc-editor.org/rfc/rfc8309>.

Appendix A.  Example RESTCONF Calls

   All examples from Appendix B of [RFC8040] could be recreated in this
   section by adding the new header described in this document.  We
   selected one example from that document as reference.

A.1.  Successful creation of New Data Resources (from Appendix B.2.1 of
      [RFC8040])

   To create a new "artist" resource within the "library" resource, a
   client might send the following request:











Gagliano, et al.        Expires 18 September 2026               [Page 6]

Internet-Draft       RESTCONF Trace Context Headers           March 2026


    POST /restconf/data/example-jukebox:jukebox/library HTTP/1.1
    Host: example.com
    Content-Type: application/yang-data+json
    traceparent: 00-405062f633be64ee006089dfca95a153-e021f9e263aad8e2-01
    tracestate: vendorname1=opaqueValue1,vendorname2=opaqueValue2

    {
      "example-jukebox:artist" : [
        {
          "name" : "Foo Fighters"
        }
      ]
    }

   If the resource is created, the server might respond as follows:

    HTTP/1.1 201 Created
    Date: Thu, 26 Jan 2017 20:56:30 GMT
    Server: example-server
    Location: https://example.com/restconf/data/\
        example-jukebox:jukebox/library/artist=Foo%20Fighters
    Last-Modified: Thu, 26 Jan 2017 20:56:30 GMT
    ETag: "b3830f23a4c"
    traceparent: 00-405062f633be64ee006089dfca95a153-e021f9e263aad8e2-01
    tracestate: vendorname1=opaqueValue1,vendorname2=opaqueValue2

A.2.  Unsuccessful creation of New Data Resources (from Appendix B.2.1
      of [RFC8040])

   [W3C-Trace-Context] specifies that a vendor MAY validate the
   tracestate header and the processing rules SHOULD be followed.

   Example of a badly formated tracestate header using [RFC8040] example
   (Appendix B.2.1), in which a server receives a higher traceparent
   version 03:
















Gagliano, et al.        Expires 18 September 2026               [Page 7]

Internet-Draft       RESTCONF Trace Context Headers           March 2026


    POST /restconf/data/example-jukebox:jukebox/library HTTP/1.1
    Host: example.com
    Content-Type: application/yang-data+json
    traceparent: 03-405062f633be64ee006089dfca95a153-e021f9e263aad8e2-01
    tracestate: SomeBadFormatHere

    {
      "example-jukebox:artist" : [
        {
          "name" : "Foo Fighters"
        }
      ]
    }

   In this case, the server cannot parse the traceparent header and the
   response would be:

    HTTP/1.1 201 Created
    Date: Thu, 26 Jan 2017 20:56:30 GMT
    Server: example-server
    Location: https://example.com/restconf/data/\
        example-jukebox:jukebox/library/artist=Foo%20Fighters
    Last-Modified: Thu, 26 Jan 2017 20:56:30 GMT
    ETag: "b3830f23a4c"
    traceparent: 00-4bf92f3577b34da6a3ce929d0e0e4736-00f067aa0ba902b7-00

   Note that the API call was succesful but the traceparent header is
   new with its trace-flags set to 0 and the tracestate header was
   deleted.

Appendix B.  Changes (to be deleted by RFC Editor)

B.1.  From version 07 to 08

   *  Improved Error-handling example to show the most common scenario
      based on W3C standard.

   *  Uplifting dates

   *  Serveral edits based on OpsDir comments

   *  Security considerations for Quic and Mutual Authentication

B.2.  From version 06 to 07

   *  More missing edits, uplifting dates





Gagliano, et al.        Expires 18 September 2026               [Page 8]

Internet-Draft       RESTCONF Trace Context Headers           March 2026


B.3.  From version 05 to 06

   *  More missing edits

B.4.  From version 04 to 05

   *  Removed unused references and terminology

B.5.  From version 03 to 04

   *  Abbreviation change

   *  "ietf-trace-contex:trace-context-error-info" should have been a
      container in example

B.6.  From version 02 to 03

   *  Added abbreviations to terminology

   *  error messages are SHOULD to align with W3C handling.

   *  Addapted example to YANG module changes in reference.

B.7.  From version 01 to 02

   *  Added WGLC comments

   *  Changed namespaces and module name

   *  Fix error in error response

   *  Comments from Med Boucadair

   *  Removed markdown formatting of tracestate and traceparent, as
      toolchain could not handle this properly

   *  Removed references to RFC8341 (NACM) as the passage in the
      security considerations no longer need it

   *  Rearranged text in introduction to include referenes in a more
      natural order

   *  Removed several references to "we" and replaced with more neutral
      language







Gagliano, et al.        Expires 18 September 2026               [Page 9]

Internet-Draft       RESTCONF Trace Context Headers           March 2026


   *  Clarified that everything described as MUST requirements in this
      document only apply to RESTCONF implementations that implement
      this document.  Other RESTCONF implementations do not need to care
      about this document, it's an optional extension

   *  Clarified that the YANG modules used by this document is defined
      by the sibling document for NETCONF

   *  Lots of updated wording based on review feedback

B.8.  From version 00 to -01

   *  Added Security considerations

   *  Added Acknowledgements

   *  Added several Normative references

   *  Added links to latest document on github

   *  Added RESTCONF example for success and error

   *  Modified Error Handling to reflect better W3C alignment based on
      implementation feedback

   *  Firmed up error handling and YANG-library to MUST-requirements

B.9.  From version 00 to draft-ietf-netconf-restconf-trace-ctx-
      headers-00

   *  Adopted by NETCONF WG

   *  Moved repository to NETCONF WG

   *  Changed build system to use martinthomson's excellent framework

   *  Ran make fix-lint to remove white space at EOL etc.

   *  Added this change note.  No other content changes

Authors' Addresses

   Roque Gagliano
   Cisco Systems
   Avenue des Uttins 5
   CH-1180 Rolle
   Switzerland
   Email: rogaglia@cisco.com



Gagliano, et al.        Expires 18 September 2026              [Page 10]

Internet-Draft       RESTCONF Trace Context Headers           March 2026


   Kristian Larsson
   Deutsche Telekom AG
   Email: kll@dev.terastrm.net


   Jan Lindblad
   All For Eco
   Email: jan.lindblad+ietf@for.eco











































Gagliano, et al.        Expires 18 September 2026              [Page 11]
