idnits 2.17.1 

draft-ietf-btns-core-03.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** It looks like you're using RFC 3978 boilerplate.  You should update this
     to the boilerplate described in the IETF Trust License Policy document
     (see https://trustee.ietf.org/license-info), which is required now.

  -- Found old boilerplate from RFC 3978, Section 5.1 on line 16.

  -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on
     line 460.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 471.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 478.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 484.


  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust Copyright Line does not match the
     current year

  == Line 205 has weird spacing: '...   addr  addr ...'

  == Line 270 has weird spacing: '...   addr  addr ...'

  == Line 303 has weird spacing: '...   addr  addr ...'

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008.  If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment.  If not, you may need to add the pre-RFC5378 disclaimer. 
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (April 2007) is 6220 days in the past.  Is this
     intentional?

  -- Found something which looks like a code comment -- if you have code
     sections in the document, please surround them with '<CODE BEGINS>' and
     '<CODE ENDS>' lines.


  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Missing Reference: 'Q' is mentioned on line 167, but not defined

  == Missing Reference: 'R' is mentioned on line 168, but not defined

  == Missing Reference: 'A' is mentioned on line 167, but not defined

  == Missing Reference: 'B' is mentioned on line 167, but not defined

  == Missing Reference: 'C' is mentioned on line 181, but not defined

  == Missing Reference: 'D' is mentioned on line 169, but not defined

  == Missing Reference: 'SG-A' is mentioned on line 179, but not defined

  == Outdated reference: A later version (-11) exists of
     draft-ietf-btns-connection-latching-00

  == Outdated reference: A later version (-07) exists of
     draft-ietf-btns-prob-and-applic-05

  == Outdated reference: A later version (-04) exists of
     draft-williams-on-channel-binding-00

  -- Obsolete informational reference (is this intentional?): RFC 2408
     (Obsoleted by RFC 4306)

  -- Obsolete informational reference (is this intentional?): RFC 2409
     (Obsoleted by RFC 4306)

  -- Obsolete informational reference (is this intentional?): RFC 4306
     (Obsoleted by RFC 5996)


     Summary: 1 error (**), 0 flaws (~~), 14 warnings (==), 11 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------


2	NETWORK WORKING GROUP                                        N. Williams
3	Internet-Draft                                                       Sun
4	Intended status: Standards Track                           M. Richardson
5	Expires: October 3, 2007                                             SSW
6	                                                              April 2007

8	     Better-Than-Nothing-Security: An Unauthenticated Mode of IPsec
9	                      draft-ietf-btns-core-03.txt

11	Status of this Memo

13	   By submitting this Internet-Draft, each author represents that any
14	   applicable patent or other IPR claims of which he or she is aware
15	   have been or will be disclosed, and any of which he or she becomes
16	   aware will be disclosed, in accordance with Section 6 of BCP 79.

18	   Internet-Drafts are working documents of the Internet Engineering
19	   Task Force (IETF), its areas, and its working groups.  Note that
20	   other groups may also distribute working documents as Internet-
21	   Drafts.

23	   Internet-Drafts are draft documents valid for a maximum of six months
24	   and may be updated, replaced, or obsoleted by other documents at any
25	   time.  It is inappropriate to use Internet-Drafts as reference
26	   material or to cite them other than as "work in progress."

28	   The list of current Internet-Drafts can be accessed at
29	   http://www.ietf.org/ietf/1id-abstracts.txt.

31	   The list of Internet-Draft Shadow Directories can be accessed at
32	   http://www.ietf.org/shadow.html.

34	   This Internet-Draft will expire on October 3, 2007.

36	Copyright Notice

38	   Copyright (C) The IETF Trust (2007).

40	Abstract

42	   This document specifies how to use the Internet Key Exchange (IKE)
43	   protocols, such as IKEv1 and IKEv2, to setup "unauthenticated"
44	   security associations (SAs) for use with the IPsec Encapsulating
45	   Security Payload (ESP) and the IPsec Authentication Header (AH).  No
46	   IKE extensions are needed, but Peer Authorization Database (PAD) and
47	   Security Policy Database (SPD) extensions are specified.
48	   Unauthenticated IPsec is herein referred to by its popular acronym,
49	   "BTNS" (Better Than Nothing Security).

51	Table of Contents

53	   1.    Introduction . . . . . . . . . . . . . . . . . . . . . . . .  3
54	   1.1.  Conventions used in this document  . . . . . . . . . . . . .  3
55	   2.    BTNS . . . . . . . . . . . . . . . . . . . . . . . . . . . .  4
56	   3.    Usage Scenarios  . . . . . . . . . . . . . . . . . . . . . .  6
57	   3.1.  Example #1: sgA  . . . . . . . . . . . . . . . . . . . . . .  6
58	   3.2.  Example #2: Q  . . . . . . . . . . . . . . . . . . . . . . .  8
59	   3.3.  Example #3: C  . . . . . . . . . . . . . . . . . . . . . . .  9
60	   3.4.  Miscaellaneous examples  . . . . . . . . . . . . . . . . . .  9
61	   4.    Security Considerations  . . . . . . . . . . . . . . . . . . 10
62	   4.1.  Connection-Latching and Channel Binding  . . . . . . . . . . 10
63	   4.2.  Leap-of-Faith (LoF) for BTNS . . . . . . . . . . . . . . . . 10
64	   5.    IANA Considerations  . . . . . . . . . . . . . . . . . . . . 12
65	   6.    References . . . . . . . . . . . . . . . . . . . . . . . . . 13
66	   6.1.  Normative References . . . . . . . . . . . . . . . . . . . . 13
67	   6.2.  Informative References . . . . . . . . . . . . . . . . . . . 13
68	         Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 14
69	         Intellectual Property and Copyright Statements . . . . . . . 15

71	1.  Introduction

73	   Here we describe how to establish unauthenticated IPsec SAs using
74	   IKEv1 [RFC2408] [RFC2409] or IKEv2 [RFC4306] and unauthenticated
75	   public keys.  No new on-the-wire protocol elements are added to IKE
76	   or IKEv2.

78	   The [RFC4301] processing model is assumed.

80	   This document does not define an opportunistic BTNS mode of IPsec
81	   whereby nodes may fallback on unprotected IP when their peers do not
82	   support IKE or IKEv2, nor does it describe "leap-of-faith" modes, or
83	   "connection latching."

85	   See [I-D.ietf-btns-prob-and-applic] for the applicability and uses of
86	   BTNS.

88	1.1.  Conventions used in this document

90	   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
91	   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
92	   document are to be interpreted as described in [RFC2119].

94	2.  BTNS

96	   The IPsec processing model, IKE and IKEv2 are hereby modified as
97	   follows:

99	   o  A new ID type is added, 'PUBLICKEY'; IDs of this type have public
100	      keys as values.  This ID type is not used on the wire.

102	   o  A BTNS-specific PAD entry.  This entry is intended to be the last
103	      entry in the PAD when BTNS is enabled.  A peer that matches no
104	      other PAD entries is to be "authenticated" by verifying that the
105	      signature in its AUTH (or SIG) payload in the IKEv2 (or v1)
106	      exchange with the public key from the peer's CERT payload.  The
107	      peer's ID MUST then be coerced to be of 'PUBLICKEY' type with the
108	      peer's public key as its value.

110	   o  A new flag for SPD entries: 'BTNS_OK'.  Traffic to/from peers that
111	      match the BTNS PAD entry will only match SPD entries that have the
112	      BTNS_OK flag set.  The SPD may be searched by address or by ID (of
113	      type PUBLICKEY, of course, for BTNS peers), as per the IPsec
114	      processing model [RFC4301]; searching by ID in this case requires
115	      creation of SPD entries that are bound to public key values (this
116	      could be used to build "leap-of-faith" behaviour, for example).

118	   Nodes MUST reject IKE_SA proposals from peers that match non-BTNS PAD
119	   entries but fail to authenticate properly.

121	   Nodes wishing to be treated as BTNS nodes by their peers SHOULD use
122	   bare RSA key CERT payloads and MAY use certificates known not to have
123	   been pre-shared with their peers or outside their trust anchors
124	   (e.g., self-signed certificates).  RSA keys for use in BTNS may be
125	   generated at any time, but "connection latching"
126	   [I-D.ietf-btns-connection-latching] requires that they remain
127	   constant between IKE exchanges setting up SAs for latched
128	   connections.

130	   To preserve standard IPsec access control semantics BTNS responders
131	   MUST NOT allow BTNS peers to assert addresses which could be asserted
132	   by non-BTNS peers.  This can be achieved by processing the PAD in
133	   order both, when peers authenticate and when BTNS peers negotiate
134	   child SAs -- in the first case the PAD is searched for a matching PAD
135	   entry as usual, and in the second it is searched to make sure that
136	   BTNS peers' asserted child SA traffic selectors do not conflict with
137	   non-BTNS PAD entries.  Note that in general, if there are multiple
138	   PAD entries with wildcard matching on peer ID then all but the last
139	   one should constrain the traffic selectors for matching peers.

141	   Note that nodes may unwittingly match peers' BTNS PAD entries and be
142	   authenticated as BTNS nodes.  This may be used in specifying the
143	   "latching" of traffic flows to peer IDs
144	   [I-D.ietf-btns-connection-latching].

146	3.  Usage Scenarios

148	   In order to explain the above rules a number of scenarios will be
149	   postulated.  The goal here is to demonstrate that the above rules are
150	   both sufficient and required.

152	   To explain the scenarios a reference diagram describing a canonical
153	   network will be used.  It is as follows:

155	                             [Q]  [R]
156	        AS1                   .    .              AS2
157	     [A]----+----[SG-A].......+....+.......[SG-B]-------[B]
158	                              ......               \
159	                              ..PI..                ----[btns-B]
160	                              ......
161	                 [btns-C].....+....+.......[btns-D]

163	                    Figure 1: Reference Network Diagram

165	   In this diagram, there are six end-nodes: A, B, C and D. Two of the
166	   systems are security gateways: SG-A, SG-B, protecting networks on
167	   which [A] and [B] reside.  There is a node [Q] which is IPsec and
168	   BTNS capable, and node [R] is a simple node, with no IPsec or BTNS
169	   capability.  Nodes [C] and [D] are BTNS capable.  We will examine
170	   interactions between the BTNS enabled nodes, and the IPsec enabled
171	   nodes.

173	   Nodes C and Q have a fixed addresses.  Node D non-fixed addresses.

175	   PI is the Public Internet ("The Wild").

177	3.1.  Example #1: sgA

179	   The machine that we will care about will be [SG-A], a firewall device
180	   of some kind which we wish to configure to respond to BTNS
181	   connections from [C]

183	   SG-A has the following "VPN" PAD and SPD entries:

185	                                Child SA
186	         Rule Remote ID        IDs allowed  SPD Search by
187	         ---- ---------        -----------  -------------
188	          1   <B's ID>         <B's network>  by-IP
189	          2   <Q's ID>         <Q's host>     by-IP
190	          3   PUBLICKEY:any         ANY       by-IP

192	   The last entry is the BTNS entry.

194	                         Figure 2: SG-A PAD table

196	   Here <ANY> is any address that is not part of A's network, and is not
197	   claimed by any other entry.  Note that sgA's PAD entry has one and
198	   only one wildcard PAD entry: the BTNS catch-all PAD entry, so, as
199	   described in Section 2.

201	   <Child SA IDs allowed> and <SPD Search by> are from [RFC4301] section
202	   4.4.3

204	         Rule Local Remote Next Layer BTNS  Action
205	               addr  addr   Protocol   ok
206	         ---- ----- ------ ---------- ----  -----------------------
207	          1   A       R       ANY      N/A  BYPASS
208	          2   A       Q       ANY      no   PROTECT(ESP,tunnel,AES,
209	                                                        SHA256)
210	          3   A       B-net   ANY      no   PROTECT(ESP,tunnel,AES,
211	                                                        SHA256)
212	          4   A       ANY     ANY      yes  PROTECT(ESP,transport,
213	                                                        integr+conf)

215	                         Figure 3: SG-A SPD table

217	   The processing by sgA of various peers then is as follows:

219	   o  Q does not match PAD entry #1, but does match PAD entry #2; PAD
220	      processing stops, then the SPD is searched by Q's ID to find entry
221	      #2; CHILD SAs are then allowed that have sgA's and Q's addresses
222	      as the end-point addresses.

224	   o  sgB matches PAD entry #1; PAD processing stops, then the SPD is
225	      searched by sgB's ID to find SPD entry #3; CHILD SAs are then
226	      allowed that have sgA's address and any addresses from B's network
227	      as the end-point addresses.

229	   o  R does not initiate any IKE_SAs; its traffic to A is bypassed by
230	      SPD entry #1.

232	   o  C does not match PAD entries #1 or #2, but does match entry #3,
233	      the BTNS wildcard PAD entry; the SPD is searched by C's address
234	      and SPD entry #4 is matched.  CHILD SAs are then allowed that have
235	      sgA's address and C's address as the end-point addresses provided
236	      that C's address is neither Q's nor any of B's (see Section 2).

238	   o  Rogue BTNS nodes attempting to assert Q's or B's addresses will
239	      either match the PAD entries for Q or B and fail to authenticate
240	      as Q or B, in which case they are rejected, or they will match PAD
241	      entry #3 but will not be allowed to create CHILD SAs with Q's or
242	      B's addresses as traffic selectors.

244	   o  Rogue BTNS nodes attempting to assert C's address are allowed.
245	      Protection for C requires additional bindings of C's specific BTNS
246	      ID (that is, its public key) to its traffic flows through
247	      connection-latching and channel binding, or leap-of-faith, none of
248	      which are described here.

250	3.2.  Example #2: Q

252	   Q is either a BITS or native IPsec implementation; if it is a native
253	   implementation it may have IPsec-aware applications, specifically
254	   NFSv4 (TCP port 2049).

256	   In any case, Q wants to communicate with A generally, and with BTNS
257	   peers for NFSv4 only.  It's PAD and SPD are configured as follows:

259	                                Child SA
260	         Rule Remote ID        IDs allowed  SPD Search by
261	         ---- ---------        -----------  -------------
262	          1   <A's ID>         <A's address>  by-IP
263	          2   PUBLICKEY:any    ANY            by-IP

265	   The last entry is the BTNS entry.

267	                           Figure 4: Q PAD table

269	         Rule Local Remote Next Layer BTNS  Action
270	               addr  addr   Protocol   ok
271	         ---- ----- ------ ---------- ----  -----------------------
272	          1     Q     A       ANY      no   PROTECT(ESP,tunnel,AES,
273	                                                        SHA256)
274	          2     Q     ANY     ANY      yes  PROTECT(ESP,transport,
275	                      and                               integr+conf)
276	                      port
277	                      2049

279	                         Figure 5: SG-A SPD table

281	   The same analysis shown above in Section 3.1 applies here with
282	   respect to sgA, C and rogue peers, except that C is allowed only
283	   access to the NFSv4 service on Q. Additionally sgB is treated as a
284	   BTNS peer as it is not known to Q, and therefore any host behind sgB
285	   can access the NFSv4 service on Q (and, because Q has no formal
286	   relationship with sgB, rogues can impersonate B).

288	3.3.  Example #3: C

290	   C only supports BTNS and wants to use BTNS to protect NFSv4 traffic.
291	   It's PAD and SPD are configured as follows:

293	                                Child SA
294	         Rule Remote ID        IDs allowed  SPD Search by
295	         ---- ---------        -----------  -------------
296	          1   PUBLICKEY:any    ANY          by-IP

298	   The last entry is the BTNS entry.

300	                           Figure 6: Q PAD table

302	         Rule Local Remote Next Layer BTNS  Action
303	               addr  addr   Protocol   ok
304	         ---- ----- ------ ---------- ----  -----------------------
305	          1     C    ANY      ANY      yes  PROTECT(ESP,transport,
306	                     and                                integr+conf)
307	                     port
308	                     2049

310	          2     C    ANY      ANY      N/A  BYPASS

312	                         Figure 7: SG-A SPD table

314	3.4.  Miscaellaneous examples

316	   If sgA were not BTNS-capable then it would not have PAD and SPD
317	   entries #3 and #4, respectively.  Then C would be rejected as usual
318	   under the standard IPsec model [RFC4301].

320	   Similarly, if Q were not BTNS-capable then it would not have PAD and
321	   SPD entries #2.  Then C would be rejected as usual under the standard
322	   IPsec model [RFC4301].

324	4.  Security Considerations

326	   Unauthenticated security association negotiation is subject to MITM
327	   attacks and should be used with care.  Where security infrastructures
328	   are lacking this may indeed be better than nothing.

330	   Use with applications that bind authentication at higher network
331	   layers to secure channels at lower layers may provide one secure way
332	   to use unauthenticated IPsec, but this is not specified herein.

334	   Use of multiple wildcard PAD entries can be problematic.  Where it is
335	   important that addresses and node identities be tightly bound it is
336	   important that such PAD entries limit the addresses that matching
337	   peers can assert for their CHILD SAs to non-overlapping address
338	   spaces.  In practice this may be difficult to configure; if it is not
339	   feasible to configure systems in this way then either BTNS should not
340	   be used or BTNS PAD entries should constrain matching peers only to
341	   using services for which authentication is not normally necessary or
342	   where IPsec-aware/connection-latching applications are used.

344	4.1.  Connection-Latching and Channel Binding

346	   BTNS is subject to MITM attacks.  One way to protect against MITM
347	   attacks subsequent to initial communications is to use "connection
348	   latching" [I-D.ietf-btns-connection-latching], whereby ULPs cooperate
349	   with IPsec in native IPsec implementations to bind individual packet
350	   flows to sequences of SAs whose end-point IDs (public keys, in the
351	   case of BTNS end-points) and other characteristics (e.g., quality of
352	   protection) must all be the same.

354	   MITMs can be detected by using application-layer authentication
355	   frameworks and/or mechanisms, such as the GSS-API [RFC2743], with
356	   channel binding [I-D.williams-on-channel-binding], where the channels
357	   to be bound to application-layer authentication are latched
358	   connections and where the channel bindings data strongly identify the
359	   end-points of the latched connection (e.g., the public keys of the
360	   end-points).

362	4.2.  Leap-of-Faith (LoF) for BTNS

364	   "Leap of faith" is the term generally used for the habit of accepting
365	   that a given key identifies a peer that one wanted to talk to without
366	   strong evidence for that proposition.  Specifically this is a common
367	   mode of operation for Secure Shell [RFC4251] clients where, when a
368	   server is encountered for the first time the client may ask the user
369	   whether to accept the server's public key as its identity and, if so,
370	   records the server's name (as given by the user) and public key in a
371	   database.

373	   Leap of Faith can work in a similar way for BTNS nodes, but it is
374	   currently still being designed and specified by the IETF BTNS WG.

376	5.  IANA Considerations

378	   This document has no IANA considerations, neither seeking to create
379	   new registrations nor new registries.  (The new ID type is not used
380	   on the wire, therefore it need not be assigned a number from the IANA
381	   IKEv2 Identification Payload ID Types registry.)

383	6.  References

385	6.1.  Normative References

387	   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
388	              Requirement Levels", BCP 14, RFC 2119, March 1997.

390	   [RFC4301]  Kent, S. and K. Seo, "Security Architecture for the
391	              Internet Protocol", RFC 4301, December 2005.

393	6.2.  Informative References

395	   [I-D.ietf-btns-connection-latching]
396	              Williams, N., "IPsec Channels: Connection Latching",
397	              draft-ietf-btns-connection-latching-00 (work in progress),
398	              February 2006.

400	   [I-D.ietf-btns-prob-and-applic]
401	              Touch, J., "Problem and Applicability Statement for Better
402	              Than Nothing Security  (BTNS)",
403	              draft-ietf-btns-prob-and-applic-05 (work in progress),
404	              February 2007.

406	   [I-D.williams-on-channel-binding]
407	              Williams, N., "On the Use of Channel Bindings to Secure
408	              Channels", draft-williams-on-channel-binding-00 (work in
409	              progress), August 2006.

411	   [RFC2408]  Maughan, D., Schneider, M., and M. Schertler, "Internet
412	              Security Association and Key Management Protocol
413	              (ISAKMP)", RFC 2408, November 1998.

415	   [RFC2409]  Harkins, D. and D. Carrel, "The Internet Key Exchange
416	              (IKE)", RFC 2409, November 1998.

418	   [RFC2743]  Linn, J., "Generic Security Service Application Program
419	              Interface Version 2, Update 1", RFC 2743, January 2000.

421	   [RFC4251]  Ylonen, T. and C. Lonvick, "The Secure Shell (SSH)
422	              Protocol Architecture", RFC 4251, January 2006.

424	   [RFC4306]  Kaufman, C., "Internet Key Exchange (IKEv2) Protocol",
425	              RFC 4306, December 2005.

427	Authors' Addresses

429	   Nicolas Williams
430	   Sun Microsystems
431	   5300 Riata Trace Ct
432	   Austin, TX  78727
433	   US

435	   Email: Nicolas.Williams@sun.com

437	   Michael C. Richardson
438	   Sandelman Software Works
439	   470 Dawson Avenue
440	   Ottawa, ON  K1Z 5V7
441	   CA

443	   Email: mcr@sandelman.ottawa.on.ca
444	   URI:   http://www.sandelman.ottawa.on.ca/

446	Full Copyright Statement

448	   Copyright (C) The IETF Trust (2007).

450	   This document is subject to the rights, licenses and restrictions
451	   contained in BCP 78, and except as set forth therein, the authors
452	   retain all their rights.

454	   This document and the information contained herein are provided on an
455	   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
456	   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
457	   THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
458	   OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
459	   THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
460	   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

462	Intellectual Property

464	   The IETF takes no position regarding the validity or scope of any
465	   Intellectual Property Rights or other rights that might be claimed to
466	   pertain to the implementation or use of the technology described in
467	   this document or the extent to which any license under such rights
468	   might or might not be available; nor does it represent that it has
469	   made any independent effort to identify any such rights.  Information
470	   on the procedures with respect to rights in RFC documents can be
471	   found in BCP 78 and BCP 79.

473	   Copies of IPR disclosures made to the IETF Secretariat and any
474	   assurances of licenses to be made available, or the result of an
475	   attempt made to obtain a general license or permission for the use of
476	   such proprietary rights by implementers or users of this
477	   specification can be obtained from the IETF on-line IPR repository at
478	   http://www.ietf.org/ipr.

480	   The IETF invites any interested party to bring to its attention any
481	   copyrights, patents or patent applications, or other proprietary
482	   rights that may cover technology that may be required to implement
483	   this standard.  Please address the information to the IETF at
484	   ietf-ipr@ietf.org.

486	Acknowledgment

488	   Funding for the RFC Editor function is provided by the IETF
489	   Administrative Support Activity (IASA).