idnits 2.17.1 draft-ietf-ipngwg-rfc2013-update-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an Introduction section. ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** There is 1 instance of too long lines in the document, the longest one being 2 characters in excess of 72. ** The abstract seems to contain references ([4]), which it shouldn't. Please replace those with straight textual mentions of the documents in question. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (July 2001) is 8321 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Missing reference section? '4' on line 456 looks like a reference -- Missing reference section? '5' on line 459 looks like a reference -- Missing reference section? '6' on line 462 looks like a reference -- Missing reference section? '7' on line 466 looks like a reference -- Missing reference section? '8' on line 469 looks like a reference -- Missing reference section? '9' on line 472 looks like a reference -- Missing reference section? '10' on line 476 looks like a reference -- Missing reference section? '11' on line 480 looks like a reference -- Missing reference section? '12' on line 484 looks like a reference -- Missing reference section? '13' on line 487 looks like a reference -- Missing reference section? '14' on line 490 looks like a reference -- Missing reference section? '15' on line 494 looks like a reference -- Missing reference section? '16' on line 545 looks like a reference -- Missing reference section? '17' on line 502 looks like a reference -- Missing reference section? '18' on line 506 looks like a reference -- Missing reference section? '19' on line 546 looks like a reference -- Missing reference section? '20' on line 513 looks like a reference -- Missing reference section? '1' on line 447 looks like a reference -- Missing reference section? '2' on line 450 looks like a reference -- Missing reference section? '3' on line 453 looks like a reference Summary: 5 errors (**), 0 flaws (~~), 2 warnings (==), 22 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 IPv6 MIB Revision Design Team Bill Fenner 2 INTERNET-DRAFT AT&T Research 3 Expires: January 2002 Brian Haberman 4 Nortel Networks 5 Keith McCloghrie 6 Cisco Systems 7 Juergen Schoenwalder 8 TU Braunschweig 9 Dave Thaler 10 Microsoft 11 July 2001 13 Management Information Base 14 for the User Datagram Protocol (UDP) 15 draft-ietf-ipngwg-rfc2013-update-00.txt 17 Status of this Document 19 This document is an Internet-Draft and is in full conformance with all 20 provisions of Section 10 of RFC2026. 22 Internet-Drafts are working documents of the Internet Engineering Task 23 Force (IETF), its areas, and its working groups. Note that other groups 24 may also distribute working documents as Internet-Drafts. 26 Internet-Drafts are draft documents valid for a maximum of six months 27 and may be updated, replaced, or obsoleted by other documents at any 28 time. It is inappropriate to use Internet-Drafts as reference material 29 or to cite them other than as "work in progress." 31 The list of current Internet-Drafts can be accessed at 32 http://www.ietf.org/ietf/1id-abstracts.txt 34 The list of Internet-Draft Shadow Directories can be accessed at 35 http://www.ietf.org/shadow.html. 37 This document is a product of the IPv6 MIB Revision Design Team. 38 Comments should be addressed to the authors, or the mailing list at 39 ipng@sunroof.eng.sun.com. 41 Copyright Notice 43 Copyright (C) The Internet Society (2001). All Rights Reserved. 45 Abstract 47 This memo defines a portion of the Management Information Base (MIB) for 48 use with network management protocols in the Internet community. In 49 particular, it describes managed objects used for implementations of the 50 User Datagram Protocol (UDP) [4] in an IP version independent manner. 52 Table of Contents 54 1. The SNMP Management Framework . . . . . . . . . . . . . . . . . . 3 55 2. Revision History. . . . . . . . . . . . . . . . . . . . . . . . . 4 56 3. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . . . 5 57 4. Open Issues . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 58 5. Acknowledgements. . . . . . . . . . . . . . . . . . . . . . . . . 11 59 6. References. . . . . . . . . . . . . . . . . . . . . . . . . . . . 11 60 7. Security Considerations . . . . . . . . . . . . . . . . . . . . . 12 61 8. Editor's Address. . . . . . . . . . . . . . . . . . . . . . . . . 13 62 9. Full Copyright Statement. . . . . . . . . . . . . . . . . . . . . 14 64 1. The SNMP Management Framework 66 The SNMP Management Framework presently consists of five major 67 components: 69 o An overall architecture, described in RFC 2571 [5]. 71 o Mechanisms for describing and naming objects and events for the 72 purpose of management. The first version of this Structure of 73 Management Information (SMI) is called SMIv1 and described in STD 16, 74 RFC 1155 [6], STD 16, RFC 1212 [7] and RFC 1215 [8]. The second 75 version, called SMIv2, is described in STD 58, RFC 2578 [9], STD 58, 76 RFC 2579 [10] and STD 58, RFC 2580 [11]. 78 o Message protocols for transferring management information. The first 79 version of the SNMP message protocol is called SNMPv1 and described in 80 STD 15, RFC 1157 [12]. A second version of the SNMP message protocol, 81 which is not an Internet standards track protocol, is called SNMPv2c 82 and described in RFC 1901 [13] and RFC 1906 [14]. The third version of 83 the message protocol is called SNMPv3 and described in RFC 1906 [14], 84 RFC 2572 [15] and RFC 2574 [16]. 86 o Protocol operations for accessing management information. The first 87 set of protocol operations and associated PDU formats is described in 88 STD 15, RFC 1157 [12]. A second set of protocol operations and 89 associated PDU formats is described in RFC 1905 [17]. 91 o A set of fundamental applications described in RFC 2573 [18] and the 92 view-based access control mechanism described in RFC 2575 [19]. 94 A more detailed introduction to the current SNMP Management Framework 95 can be found in RFC 2570 [20]. 97 Managed objects are accessed via a virtual information store, termed the 98 Management Information Base or MIB. Objects in the MIB are defined 99 using the mechanisms defined in the SMI. 101 This memo specifies a MIB module that is compliant to the SMIv2. A MIB 102 conforming to the SMIv1 can be produced through the appropriate 103 translations. The resulting translated MIB must be semantically 104 equivalent, except where objects or events are omitted because no 105 translation is possible (use of Counter64). Some machine readable 106 information in SMIv2 will be converted into textual descriptions in 107 SMIv1 during the translation process. However, this loss of machine 108 readable information is not considered to change the semantics of the 109 MIB. 111 2. Revision History 113 Changes from draft-ops-rfc2013-update-00.txt 115 12 Jul 2001 117 Turned into IPNG WG document 119 Changes from first draft posted to v6mib mailing list: 121 23 Feb 2001 123 Made threshold for HC packet counters 1Mpps 125 Added copyright statements and table of contents 127 21 Feb 2001 -- Juergen's changes 129 Renamed udpInetTable to udpListenerTable 131 Updated Conformance info 133 6 Feb 2001 135 Removed v6-only objects. 137 Removed remote and instance objects, turning the table back into a 138 listener-only table. 140 Renamed inetUdp* to udpInet* 142 Added HC in and out datagram counters 143 Added SIZE restriction to udpListenerLocalAddress. (36 = 32-byte 144 addresses plus 4-byte scope, but it's just a strawman) 146 Used InetPortNumber TC from updated INET-ADDRESS-MIB 148 Updated compliance statements. 150 Added Keith to authors 152 Added open issues section. 154 3. Definitions 156 UDP-MIB DEFINITIONS ::= BEGIN 158 IMPORTS 159 MODULE-IDENTITY, OBJECT-TYPE, Counter32, Counter64, 160 IpAddress, mib-2 FROM SNMPv2-SMI 161 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF 162 InetAddress, InetAddressType, 163 InetPortNumber FROM INET-ADDRESS-MIB; 165 udpMIB MODULE-IDENTITY 166 LAST-UPDATED "200102210000Z" 167 ORGANIZATION "IETF IPv6 MIB Revision Team" 168 CONTACT-INFO 169 "Bill Fenner (editor) 171 AT&T Labs -- Research 172 75 Willow Rd. 173 Menlo Park, CA 94025 175 Phone: +1 650 330-7893 176 Email: " 177 DESCRIPTION 178 "The MIB module for managing UDP implementations." 179 REVISION "200102210000Z" 180 DESCRIPTION 181 "IP version neutral revision, published as RFC XXXX." 182 REVISION "9411010000Z" 183 DESCRIPTION 184 "Initial SMIv2 version, published as RFC 2013." 185 REVISION "9103310000Z" 186 DESCRIPTION 187 "The initial revision of this MIB module was part of MIB-II." 188 ::= { mib-2 50 } 190 -- the UDP group 192 udp OBJECT IDENTIFIER ::= { mib-2 7 } 194 udpInDatagrams OBJECT-TYPE 195 SYNTAX Counter32 196 MAX-ACCESS read-only 197 STATUS current 198 DESCRIPTION 199 "The total number of UDP datagrams delivered to UDP users." 200 ::= { udp 1 } 202 udpNoPorts OBJECT-TYPE 203 SYNTAX Counter32 204 MAX-ACCESS read-only 205 STATUS current 206 DESCRIPTION 207 "The total number of received UDP datagrams for which there 208 was no application at the destination port." 209 ::= { udp 2 } 211 udpInErrors OBJECT-TYPE 212 SYNTAX Counter32 213 MAX-ACCESS read-only 214 STATUS current 215 DESCRIPTION 216 "The number of received UDP datagrams that could not be 217 delivered for reasons other than the lack of an application 218 at the destination port." 219 ::= { udp 3 } 221 udpOutDatagrams OBJECT-TYPE 222 SYNTAX Counter32 223 MAX-ACCESS read-only 224 STATUS current 225 DESCRIPTION 226 "The total number of UDP datagrams sent from this entity." 227 ::= { udp 4 } 229 udpHCInDatagrams OBJECT-TYPE 230 SYNTAX Counter64 231 MAX-ACCESS read-only 232 STATUS current 233 DESCRIPTION 234 "The total number of UDP datagrams delivered to UDP users, 235 for devices which can receive more than 1 million UDP 236 packets per second." 237 ::= { udp 26 } 239 udpHCOutDatagrams OBJECT-TYPE 240 SYNTAX Counter64 241 MAX-ACCESS read-only 242 STATUS current 243 DESCRIPTION 244 "The total number of UDP datagrams sent from this entity, for 245 devices which can transmit more than 1 million UDP packets 246 per second." 247 ::= { udp 27 } 249 -- The UDP Listener table 251 -- The UDP listener table contains information about this 252 -- entity's UDP end-points on which a local application is 253 -- currently accepting datagrams. 255 udpListenerTable OBJECT-TYPE 256 SYNTAX SEQUENCE OF UdpListenerEntry 257 MAX-ACCESS not-accessible 258 STATUS current 259 DESCRIPTION 260 "A table containing UDP listener information." 261 ::= { udp 7 } 263 udpListenerEntry OBJECT-TYPE 264 SYNTAX UdpListenerEntry 265 MAX-ACCESS not-accessible 266 STATUS current 267 DESCRIPTION 268 "Information about a particular current UDP listener." 269 INDEX { udpListenerLocalAddressType, 270 udpListenerLocalAddress, 271 udpListenerLocalPort } 272 ::= { udpListenerTable 1 } 274 UdpListenerEntry ::= SEQUENCE { 275 udpListenerLocalAddressType InetAddressType, 276 udpListenerLocalAddress InetAddress, 277 udpListenerLocalPort InetPortNumber 278 } 280 udpListenerLocalAddressType OBJECT-TYPE 281 SYNTAX InetAddressType 282 MAX-ACCESS not-accessible 283 STATUS current 284 DESCRIPTION 285 "The address type of udpListenerLocalAddress" 287 ::= { udpListenerEntry 1 } 289 udpListenerLocalAddress OBJECT-TYPE 290 SYNTAX InetAddress (SIZE(0..36)) 291 MAX-ACCESS not-accessible 292 STATUS current 293 DESCRIPTION 294 "The local IP address for this UDP listener. In the case of 295 a UDP listener which is willing to accept datagrams for any 296 IP interface associated with the node, a value of all zeroes 297 is used." 298 ::= { udpListenerEntry 2 } 300 udpListenerLocalPort OBJECT-TYPE 301 SYNTAX InetPortNumber 302 MAX-ACCESS read-only 303 STATUS current 304 DESCRIPTION 305 "The local port number for this UDP listener." 306 ::= { udpListenerEntry 3 } 308 -- The deprecated UDP Listener table 310 -- The UDP listener table contains information about this 311 -- entity's IPv4 UDP end-points on which a local application is 312 -- currently accepting datagrams. 314 udpTable OBJECT-TYPE 315 SYNTAX SEQUENCE OF UdpEntry 316 MAX-ACCESS not-accessible 317 STATUS deprecated 318 DESCRIPTION 319 "A table containing IPv4-specific UDP listener information. 320 It contains information about all local IPv4 UDP end-points 321 on which an application is currently accepting datagrams. 322 This table has been deprecated in favor of the version 323 neutral udpListenerTable." 324 ::= { udp 5 } 326 udpEntry OBJECT-TYPE 327 SYNTAX UdpEntry 328 MAX-ACCESS not-accessible 329 STATUS deprecated 330 DESCRIPTION 331 "Information about a particular current UDP listener." 332 INDEX { udpLocalAddress, udpLocalPort } 333 ::= { udpTable 1 } 335 UdpEntry ::= SEQUENCE { 336 udpLocalAddress IpAddress, 337 udpLocalPort INTEGER 338 } 340 udpLocalAddress OBJECT-TYPE 341 SYNTAX IpAddress 342 MAX-ACCESS read-only 343 STATUS deprecated 344 DESCRIPTION 345 "The local IP address for this UDP listener. In the case of 346 a UDP listener which is willing to accept datagrams for any 347 IP interface associated with the node, the value 0.0.0.0 is 348 used." 349 ::= { udpEntry 1 } 351 udpLocalPort OBJECT-TYPE 352 SYNTAX INTEGER (0..65535) 353 MAX-ACCESS read-only 354 STATUS deprecated 355 DESCRIPTION 356 "The local port number for this UDP listener." 357 ::= { udpEntry 2 } 359 -- conformance information 361 udpMIBConformance OBJECT IDENTIFIER ::= { udpMIB 2 } 363 udpMIBCompliances OBJECT IDENTIFIER ::= { udpMIBConformance 1 } 364 udpMIBGroups OBJECT IDENTIFIER ::= { udpMIBConformance 2 } 366 -- compliance statements 368 udpMIBCompliance2 MODULE-COMPLIANCE 369 STATUS current 370 DESCRIPTION 371 "The compliance statement for systems which implement UDP." 372 MODULE -- this module 373 MANDATORY-GROUPS { udpBaseGroup, udpListenerGroup } 374 GROUP udpHCGroup 375 DESCRIPTION 376 "This group is mandatory for those systems which are capable 377 of receiving or transmitting more than 1 million UDP 378 packets per second. 1 million packets per second will 379 cause a Counter32 to wrap in just over an hour." 380 ::= { udpMIBCompliances 2 } 382 udpMIBCompliance MODULE-COMPLIANCE 383 STATUS deprecated 384 DESCRIPTION 385 "The compliance statement for IPv4-only systems which 386 implement UDP. For IP version independence, this compliance 387 statement is deprecated in favor of udpMIBCompliance2." 388 MODULE -- this module 389 MANDATORY-GROUPS { udpGroup } 390 ::= { udpMIBCompliances 1 } 392 -- units of conformance 394 udpGroup OBJECT-GROUP 395 OBJECTS { udpInDatagrams, udpNoPorts, 396 udpInErrors, udpOutDatagrams, 397 udpLocalAddress, udpLocalPort } 398 STATUS deprecated 399 DESCRIPTION 400 "The deprecated group of objects providing for management of 401 UDP over IPv4." 402 ::= { udpMIBGroups 1 } 404 udpBaseGroup OBJECT-GROUP 405 OBJECTS { udpInDatagrams, udpNoPorts, udpInErrors, udpOutDatagrams } 406 STATUS current 407 DESCRIPTION 408 "The group of objects providing for counters of UDP 409 statistics." 410 ::= { udpMIBGroups 2 } 412 udpHCGroup OBJECT-GROUP 413 OBJECTS { udpHCInDatagrams, udpHCOutDatagrams } 414 STATUS current 415 DESCRIPTION 416 "The group of objects providing for counters of high speed 417 UDP implementations." 418 ::= { udpMIBGroups 3 } 420 udpListenerGroup OBJECT-GROUP 421 OBJECTS { udpListenerLocalPort } 422 STATUS current 423 DESCRIPTION 424 "The group of objects providing for the IP version 425 independent management of UDP listeners." 427 ::= { udpMIBGroups 4 } 429 END 431 4. Open Issues 433 [optional] connection table to more fully specify sockets? 435 Per-connection/listener datagram / octet count objects in an optional 436 conformance group? 438 IPV6_V6ONLY? 440 5. Acknowledgements 442 This document contains a modified subset of RFC 1213 and updates RFC 443 2013 and RFC 2454. 445 6. References 447 [1] Rose, M. and K. McCloghrie, "Management Information Base for Network 448 Management of TCP/IP-based internets", RFC 1213, March 1991. 450 [2] K. McCloghrie, "SNMPv2 Management Information Base for the User 451 Datagram Protocol using SMIv2", RFC 2013, November 1996. 453 [3] Haskin, D. and S. Onishi, "IP Version 6 Management Information Base 454 for the User Datagram Protocol", RFC 2454, December 1998. 456 [4] Postel, J., "User Datagram Protocol", STD 6, RFC 768, DARPA, August 457 1980. 459 [5] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for 460 Describing SNMP Management Frameworks", RFC 2571, April 1999. 462 [6] Rose, M., and K. McCloghrie, "Structure and Identification of 463 Management Information for TCP/IP-based Internets", STD 16, RFC 464 1155, May 1990. 466 [7] Rose, M., and K. McCloghrie, "Concise MIB Definitions", STD 16, RFC 467 1212, March 1991. 469 [8] Rose, M., "A Convention for Defining Traps for use with the SNMP", 470 RFC 1215, March 1991. 472 [9] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., 473 and S. Waldbusser, "Structure of Management Information Version 2 474 (SMIv2)", STD 58, RFC 2578, April 1999. 476 [10] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., 477 and S. Waldbusser, "Textual Conventions for SMIv2", STD 58, RFC 478 2579, April 1999. 480 [11] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose, M., 481 and S. Waldbusser, "Conformance Statements for SMIv2", STD 58, RFC 482 2580, April 1999. 484 [12] Case, J., Fedor, M., Schoffstall, M., and J. Davin, "Simple Network 485 Management Protocol", STD 15, RFC 1157, May 1990. 487 [13] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, 488 "Introduction to Community-based SNMPv2", RFC 1901, January 1996. 490 [14] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport 491 Mappings for Version 2 of the Simple Network Management Protocol 492 (SNMPv2)", RFC 1906, January 1996. 494 [15] Case, J., Harrington D., Presuhn R., and B. Wijnen, "Message 495 Processing and Dispatching for the Simple Network Management 496 Protocol (SNMP)", RFC 2572, April 1999. 498 [16] Blumenthal, U., and B. Wijnen, "User-based Security Model (USM) for 499 version 3 of the Simple Network Management Protocol (SNMPv3)", RFC 500 2574, April 1999. 502 [17] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol 503 Operations for Version 2 of the Simple Network Management Protocol 504 (SNMPv2)", RFC 1905, January 1996. 506 [18] Levi, D., Meyer, P., and B. Stewart, "SNMPv3 Applications", RFC 507 2573, April 1999. 509 [19] Wijnen, B., Presuhn, R., and K. McCloghrie, "View-based Access 510 Control Model (VACM) for the Simple Network Management Protocol 511 (SNMP)", RFC 2575, April 1999. 513 [20] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction to 514 Version 3 of the Internet-standard Network Management Framework", 515 RFC 2570, April 1999. 517 7. Security Considerations 519 There are no management objects defined in this MIB that have a MAX- 520 ACCESS clause of read-write and/or read-create. So, if this MIB is 521 implemented correctly, then there is no risk that an intruder can alter 522 or create any management objects of this MIB via direct SNMP SET 523 operations. 525 There are a number of managed objects in this MIB that may contain 526 sensitive information. These are: 528 o The udpListenerLocalPort and udpLocalPort objects can be used to 529 identify what ports are open on the machine and can thus what attacks 530 are likely to succeed, without the attacker having to run a port 531 scanner. 533 It is thus important to control even GET access to these objects and 534 possibly to even encrypt the values of these object when sending them 535 over the network via SNMP. Not all versions of SNMP provide features 536 for such a secure environment. 538 SNMPv1 by itself is not a secure environment. Even if the network 539 itself is secure (for example by using IPSec), even then, there is no 540 control as to who on the secure network is allowed to access and GET/SET 541 (read/change/create/delete) the objects in this MIB. 543 It is recommended that the implementers consider the security features 544 as provided by the SNMPv3 framework. Specifically, the use of the User- 545 based Security Model RFC 2574 [16] and the View-based Access Control 546 Model RFC 2575 [19] is recommended. 548 It is then a customer/user responsibility to ensure that the SNMP entity 549 giving access to an instance of this MIB, is properly configured to give 550 access to the objects only to those principals (users) that have 551 legitimate rights to indeed GET or SET (change/create/delete) them. 553 8. Editor's Address 554 Bill Fenner 555 AT&T Labs -- Research 556 75 Willow Rd 557 Menlo Park, CA 94025 558 USA 560 Email: fenner@research.att.com 562 9. Full Copyright Statement 564 Copyright (C) The Internet Society (2001). All Rights Reserved. 566 This document and translations of it may be copied and furnished to 567 others, and derivative works that comment on or otherwise explain it or 568 assist in its implementation may be prepared, copied, published and 569 distributed, in whole or in part, without restriction of any kind, 570 provided that the above copyright notice and this paragraph are included 571 on all such copies and derivative works. However, this document itself 572 may not be modified in any way, such as by removing the copyright notice 573 or references to the Internet Society or other Internet organizations, 574 except as needed for the purpose of developing Internet standards in 575 which case the procedures for copyrights defined in the Internet 576 Standards process must be followed, or as required to translate it into 577 languages other than English. 579 The limited permissions granted above are perpetual and will not be 580 revoked by the Internet Society or its successors or assigns. 582 This document and the information contained herein is provided on an "AS 583 IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK 584 FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT 585 LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT 586 INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR 587 FITNESS FOR A PARTICULAR PURPOSE.