idnits 2.17.1 draft-ietf-ldapext-ldapv3-vlv-08.txt: ** The Abstract section seems to be numbered Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Looks like you're using RFC 2026 boilerplate. This must be updated to follow RFC 3978/3979, as updated by RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == There is 1 instance of lines with non-ascii characters in the document. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an Introduction section. ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year == The document seems to lack the recommended RFC 2119 boilerplate, even if it appears to use RFC 2119 keywords. (The document does seem to have the reference to RFC 2119 which the ID-Checklist requires). -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (Aug 2002) is 7918 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Looks like a reference, but probably isn't: '0' on line 241 -- Looks like a reference, but probably isn't: '1' on line 244 ** Obsolete normative reference: RFC 2251 (ref. 'LDAPv3') (Obsoleted by RFC 4510, RFC 4511, RFC 4512, RFC 4513) Summary: 5 errors (**), 0 flaws (~~), 3 warnings (==), 4 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 Internet-Draft D. Boreham, Bozeman Pass 2 LDAPext Working Group J. Sermersheim, Novell 3 Intended Category: Standards Track A. Kashi, Microsoft 4 5 Expires: Feb 2003 Aug 2002 7 LDAP Extensions for Scrolling View Browsing of Search Results 9 1. Status of this Memo 11 This document is an Internet-Draft and is in full conformance with 12 all provisions of Section 10 of RFC2026. 14 Internet-Drafts are working documents of the Internet Engineering 15 Task Force (IETF), its areas, and its working groups. Note that other 16 groups may also distribute working documents as Internet-Drafts. 18 Internet-Drafts are draft documents valid for a maximum of six months 19 and may be updated, replaced, or obsoleted by other documents at any 20 time. It is inappropriate to use Internet-Drafts as reference 21 material or to cite them other than as "work in progress." 23 The list of current Internet-Drafts can be accessed at 24 http://www.ietf.org/ietf/1id-abstracts.txt 26 The list of Internet-Draft Shadow Directories can be accessed at 27 http://www.ietf.org/shadow.html. 29 This document is intended to be submitted, after review and revision, 30 as a Standards Track document. Distribution of this memo is 31 unlimited. 32 Please send comments to the authors. 34 2. Abstract 36 This document describes a Virtual List View control extension for the 37 Lightweight Directory Access Protocol (LDAP) Search operation. This 38 control is designed to allow the "virtual list box" feature, common 39 in existing commercial e-mail address book applications, to be 40 supported efficiently by LDAP servers. LDAP servers' inability to 41 support this client feature is a significant impediment to LDAP 42 replacing proprietary protocols in commercial e-mail systems. 44 The control allows a client to specify that the server return, for a 45 given LDAP search with associated sort keys, a contiguous subset of 46 the search result set. This subset is specified in terms of offsets 47 into the ordered list, or in terms of a greater than or equal 48 comparison value. 50 Boreham et al Internet-Draft 1 51 Browsing of Search Results 53 3. Conventions used in this document 54 The key words "MUST", "SHOULD", "SHOULD NOT", and "MAY" in this 55 document are to be interpreted as described in RFC 2119 [Bradner97]. 57 Protocol elements are described using ASN.1 [X.680]. The term "BER- 58 encoded" means the element is to be encoded using the Basic Encoding 59 Rules [X.690] under the restrictions detailed in Section 5.1 of 60 [LDAPv3]. 62 4. Background 64 A Virtual List is a graphical user interface technique employed where 65 ordered lists containing a large number of entries need to be 66 displayed. A window containing a small number of visible list entries 67 is drawn. The visible portion of the list may be relocated to 68 different points within the list by means of user input. This input 69 can be to a scroll bar slider; from cursor keys; from page up/down 70 keys; from alphanumeric keys for "typedown". The user is given the 71 impression that they may browse the complete list at will, even 72 though it may contain millions of entries. It is the fact that the 73 complete list contents are never required at any one time that 74 characterizes Virtual List View. Rather than fetch the complete list 75 from wherever it is stored (typically from disk or a remote server), 76 only that information which is required to display the part of the 77 list currently in view is fetched. The subject of this document is 78 the interaction between client and server required to implement this 79 functionality in the context of the results from a sorted [SSS] 80 Lightweight Directory Access Protocol (LDAP) [LDAPv3] search request. 82 For example, suppose an e-mail address book application displays a 83 list view onto the list containing the names of all the holders of e- 84 mail accounts at a large university. The list is sorted 85 alphabetically. While there may be tens of thousands of entries in 86 this list, the address book list view displays only 20 such accounts 87 at any one time. The list has an accompanying scroll bar and text 88 input window for type-down. When first displayed, the list view shows 89 the first 20 entries in the list, and the scroll bar slider is 90 positioned at the top of its range. Should the user drag the slider 91 to the bottom of its range, the displayed contents of the list view 92 should be updated to show the last 20 entries in the list. Similarly, 93 if the slider is positioned somewhere in the middle of its travel, 94 the displayed contents of the list view should be updated to contain 95 the 20 entries located at that relative position within the complete 96 list. Starting from any display point, if the user uses the cursor 97 keys or clicks on the scroll bar to request that the list be scrolled 98 up or down by one entry, the displayed contents should be updated to 99 reflect this. Similarly the list should be displayed correctly when 100 the user requests a page scroll up or down. Finally, when the user 101 types characters in the type-down window, the displayed contents of 102 the list should "jump" or "seek" to the appropriate point within the 104 Boreham et al Internet-Draft 2 105 Browsing of Search Results 107 list. For example, if the user types "B", the displayed list could 108 center around the first user with a name beginning with the letter 109 "B". When this happens, the scroll bar slider should also be updated 110 to reflect the new relative location within the list. 112 This document defines a request control which extends the LDAP search 113 operation. Always used in conjunction with the server side sorting 114 control [SSS], this allows a client to retrieve selected portions of 115 large search result set in a fashion suitable for the implementation 116 of a virtual list view. 118 5. Client-Server Interaction 120 The Virtual List View control extends a regular LDAP Search operation 121 which MUST also include a server-side sorting control [SSS]. Rather 122 than returning the complete set of appropriate SearchResultEntry 123 messages, the server is instructed to return a contiguous subset of 124 those entries, taken from the sorted result set, centered around a 125 particular target entry. Henceforth, in the interests of brevity, the 126 sorted search result set will be referred to as "the list". 128 The sort control may contain any sort specification valid for the 129 server. The attributeType field in the first SortKeyList sequence 130 element has special significance for "typedown". 132 The desired target entry and the number of entries to be returned, 133 both before and after that target entry in the list, are determined 134 by the client's VirtualListViewRequest control. 136 When the server returns the set of entries to the client, it attaches 137 a VirtualListViewResponse control to the SearchResultDone message. 138 The server returns in this control: its current estimate for the list 139 content count, the location within the list corresponding to the 140 target entry, any error codes, and optionally a context identifier. 142 The target entry is specified in the VirtualListViewRequest control 143 by one of two methods. The first method is for the client to indicate 144 the target entry's offset within the list. The second way is for the 145 client to supply an attribute assertion value. The value is compared 146 against the values of the attribute specified as the primary sort key 147 in the sort control attached to the search operation. The first sort 148 key in the SortKeyList is the primary sort key. The target entry is 149 the first entry in the list with value greater than or equal to (in 150 the primary sort order), the presented value. The order is determined 151 by rules defined in [SSS]. Selection of the target entry by this 152 means is designed to implement "typedown". Note that it is possible 153 that no entry satisfies these conditions, in which case there is no 154 target entry. This condition is indicated by the server returning the 155 special value contentCount + 1 in the target position field. 157 Boreham et al Internet-Draft 3 158 Browsing of Search Results 160 Because the server may not have an accurate estimate of the number of 161 entries in the list, and to take account of cases where the list size 162 is changing during the time the user browses the list, and because 163 the client needs a way to indicate specific list targets "beginning" 164 and "end", offsets within the list are transmitted between client and 165 server as ratios---offset to content count. The server sends its 166 latest estimate as to the number of entries in the list (content 167 count) to the client in every response control. The client sends its 168 assumed value for the content count in every request control. The 169 server examines the content count and offsets presented by the client 170 and computes the corresponding offsets within the list, based on its 171 own idea of the content count. 173 Si = Sc * (Ci / Cc) 175 Where: 176 Si is the actual list offset used by the server 177 Sc is the server's estimate for content count 178 Ci is the client's submitted offset 179 Cc is the client's submitted content count 180 The result is rounded to the nearest integer. 182 If the content count is stable, and the client returns to the server 183 the content count most recently received, Cc = Sc and the offsets 184 transmitted become the actual server list offsets. 186 The following special cases exist when the client is specifying the 187 offset and content count: 188 - an offset of one and a content count of non-one (Ci = 1, Cc != 1) 189 indicates that the target is the first entry in the list. 190 - equivalent values (Ci = Cc) indicate that the target is the last 191 entry in the list. 192 - a content count of zero, and a non-zero offset (Cc = 0, Ci != 0) 193 means the client has no idea what the content count is, the server 194 MUST use its own content count estimate in place of the client's. 196 Because the server always returns contentCount and targetPosition, 197 the client can always determine which of the returned entries is the 198 target entry. Where the number of entries returned is the same as the 199 number requested, the client is able to identify the target by simple 200 arithmetic. Where the number of entries returned is not the same as 201 the number requested (because the requested range crosses the 202 beginning or end of the list, or both), the client MUST use the 203 target position and content count values returned by the server to 204 identify the target entry. For example, suppose that 10 entries 205 before and 10 after the target were requested, but the server returns 206 13 entries, a content count of 100 and a target position of 3. The 207 client can determine that the first entry must be entry number 1 in 208 the list, therefore the 13 entries returned are the first 13 entries 209 in the list, and the target is the third one. 211 Boreham et al Internet-Draft 4 212 Browsing of Search Results 214 A server-generated context identifier MAY be returned to clients. A 215 client receiving a context identifier MUST return it unchanged, or 216 not return it at all in a subsequent request which relates to the 217 same list. The purpose of this interaction is to enhance the 218 performance and effectiveness of servers which employ approximate 219 positioning. 221 6. The Controls 223 Support for the virtual list view control extension is indicated by 224 the presence of the OID "2.16.840.1.113730.3.4.9" in the 225 supportedControl attribute of a server's root DSE. 227 6.1. Request Control 229 This control is included in the SearchRequest message as part of the 230 controls field of the LDAPMessage, as defined in Section 4.1.12 of 231 [LDAPv3]. The controlType is set to "2.16.840.1.113730.3.4.9". If 232 this control is included in a SearchRequest message, a Server Side 233 Sorting request control [SSS] MUST also be present in the message. 234 The controlValue, an OCTET STRING, is the BER-encoding of the 235 following SEQUENCE: 237 VirtualListViewRequest ::= SEQUENCE { 238 beforeCount INTEGER (0..maxInt), 239 afterCount INTEGER (0..maxInt), 240 CHOICE { 241 byoffset [0] SEQUENCE { 242 offset INTEGER (0 .. maxInt), 243 contentCount INTEGER (0 .. maxInt) }, 244 greaterThanOrEqual [1] AssertionValue }, 245 contextID OCTET STRING OPTIONAL } 247 beforeCount indicates how many entries before the target entry the 248 client wants the server to send. afterCount indicates the number of 249 entries after the target entry the client wants the server to send. 250 offset and contentCount identify the target entry as detailed in 251 section 4. greaterThanOrEqual is an attribute assertion value defined 252 in [LDAPv3]. The assertion value is encoded according to the 253 attributeDescription in the sort control [SSS]. If present, the value 254 supplied in greaterThanOrEqual is used to determine the target entry 255 by comparison with the values of the attribute specified as the 256 primary sort key. The first list entry who's value is no less than 257 (less than or equal to when the sort order is reversed) the supplied 258 value is the target entry. If present, the contextID field contains 259 the value of the most recently received contextID field from a 260 VirtualListViewResponse control. The type AssertionValue and value 261 maxInt are defined in [LDAPv3]. contextID values have no validity 262 outside the connection on which they were received. That is, a client 264 Boreham et al Internet-Draft 5 265 Browsing of Search Results 267 SHOULD NOT submit a contextID which it received from another 268 connection, a connection now closed, or a different server. 270 6.2. Response Control 272 If the request control is serviced, this response control is included 273 in the SearchResultDone message as part of the controls field of the 274 LDAPMessage, as defined in Section 4.1.12 of [LDAPv3]. 276 The controlType is set to "2.16.840.1.113730.3.4.10". The criticality 277 is FALSE (MAY be absent). The controlValue, an OCTET STRING, is the 278 BER-encoding of the following SEQUENCE: 280 VirtualListViewResponse ::= SEQUENCE { 281 targetPosition INTEGER (0 .. maxInt), 282 contentCount INTEGER (0 .. maxInt), 283 virtualListViewResult ENUMERATED { 284 success (0), 285 operationsError (1), 286 unwillingToPerform (53), 287 insufficientAccessRights (50), 288 busy (51), 289 timeLimitExceeded (3), 290 adminLimitExceeded (11), 291 sortControlMissing (60), 292 offsetRangeError (61), 293 other(80), 294 ... }, 295 contextID OCTET STRING OPTIONAL } 297 targetPosition gives the list offset for the target entry. 298 contentCount gives the server's estimate of the current number of 299 entries in the list. Together these give sufficient information for 300 the client to update a list box slider position to match the newly 301 retrieved entries and identify the target entry. The contentCount 302 value returned SHOULD be used in a subsequent VirtualListViewRequest 303 control. contextID is a server-defined octet string. If present, the 304 contents of the contextID field SHOULD be returned to the server by a 305 client in a subsequent VirtualListViewRequest control. 307 The virtualListViewResult codes which are common to the LDAP 308 searchResponse (adminLimitExceeded, timeLimitExceeded, busy, 309 operationsError, unwillingToPerform, insufficientAccessRights, 310 success, other) have the same meanings as defined in [LDAPv3], but 311 they pertain specifically to the VLV operation. For example, the 312 server could exceed an administration limit while processing a 313 SearchRequest with a VirtualListViewRequest control. However, the 314 same administration limit would not be exceeded should the same 315 SearchRequest be submitted by the client without the 316 VirtualListViewRequest control. In this case, the client can 318 Boreham et al Internet-Draft 6 319 Browsing of Search Results 321 determine that an administration limit has been exceeded in servicing 322 the VLV request, and can if it chooses resubmit the SearchRequest 323 without the VirtualListViewRequest control. 325 insufficientAccessRights means that the server denied the client 326 permission to perform the VLV operation. 328 If the server determines that the results of the search presented 329 exceed the range specified in INTEGER values, it MUST return 330 offsetRangeError. 332 6.2.1 virtualListViewError 334 A new LDAP error is introduced called virtualListViewError. Its value 335 is 76. 337 If the server returns any code other than success (0) for 338 virtualListViewResult, then the server SHOULD return 339 virtualListViewError as the resultCode of the SearchResultDone 340 message. 342 [Note to the IESG/IANA/RFC Editor: 343 It is requested that IANA register the LDAP result code 344 virtualListViewError (76) upon Standards Action by the IESG. The 345 value 76 has been suggested by experts, had expert review, and is 346 currently being used by some implementations. The following 347 registration template is suggested: 349 Subject: LDAP Result Code Registration 350 Person & email address to contact for further information: Jim 351 Sermersheim 352 Result Code Name: virtualListViewError 353 Specification: RFCXXXX 354 Author/Change Controller: IESG 355 Comments: request LDAP result codes be assigned 356 ] 358 7. Protocol Example 360 Here we walk through the client-server interaction for a specific 361 virtual list view example: The task is to display a list of all 78564 362 people in the US company "Ace Industry". This will be done by 363 creating a graphical user interface object to display the list 364 contents, and by repeatedly sending different versions of the same 365 virtual list view search request to the server. The list view 366 displays 20 entries on the screen at a time. 368 We form a search with baseDN "o=Ace Industry,c=us"; search scope 369 subtree; filter "(objectClass=inetOrgPerson)". We attach a server 370 sort order control to the search, specifying ascending sort on 371 attribute "cn". To this search, we attach a virtual list view request 373 Boreham et al Internet-Draft 7 374 Browsing of Search Results 376 control with contents determined by the user activity and send the 377 search to the server. We display the results from each search in the 378 list window and update the slider position. 380 When the list view is first displayed, we want to initialize the 381 contents showing the beginning of the list. Therefore, we set 382 beforeCount to 0, afterCount to 19, contentCount to 0, offset to 1 383 and send the request to the server. The server duly returns the first 384 20 entries in the list, plus the content count = 78564 and 385 targetPosition = 1. We therefore leave the scroll bar slider at its 386 current location (the top of its range). 388 Say that next the user drags the scroll bar slider down to the bottom 389 of its range. We now wish to display the last 20 entries in the list, 390 so we set beforeCount = 19, afterCount = 0, contentCount = 78564, 391 offset = 78564 and send the request to the server. The server returns 392 the last 20 entries in the list, plus the content count = 78564 and 393 targetPosition = 78564. 395 Next the user presses a page up key. Our page size is 20, so we set 396 beforeCount = 0, afterCount = 19, contentCount = 78564, offset = 397 78564-19-20 and send the request to the server. The server returns 398 the preceding 20 entries in the list, plus the content count = 78564 399 and targetPosition = 78525. 401 Now the user grabs the scroll bar slider and drags it to 68% of the 402 way down its travel. 68% of 78564 is 53424 so we set beforeCount = 9, 403 afterCount = 10, contentCount = 78564, offset = 53424 and send the 404 request to the server. The server returns the preceding 20 entries in 405 the list, plus the content count = 78564 and targetPosition = 53424. 407 Lastly, the user types the letter "B". We set beforeCount = 9, 408 afterCount = 10 and greaterThanOrEqual = "B". The server finds the 409 first entry in the list not less than "B", let's say "Babs Jensen", 410 and returns the nine preceding entries, the target entry, and the 411 proceeding 10 entries. The server returns content count = 78564 and 412 targetPosition = 5234 and so the client updates its scroll bar slider 413 to 6.7% of full scale. 415 8. Notes for Implementers 417 While the feature is expected to be generally useful for arbitrary 418 search and sort specifications, it is specifically designed for those 419 cases where the result set is very large. The intention is that this 420 feature be implemented efficiently by means of pre-computed indices 421 pertaining to a set of specific cases. For example, an offset 422 relating to "all the employees in the local organization, sorted by 423 surname" would be a common case. 425 Boreham et al Internet-Draft 8 426 Browsing of Search Results 428 The intention for client software is that the feature should fit 429 easily with the host platform's graphical user interface facilities 430 for the display of scrolling lists. Thus the task of the client 431 implementers should be one of reformatting up the requests for 432 information received from the list view code to match the format of 433 the virtual list view request and response controls. 435 Client implementers MUST be aware that any offset value returned by 436 the server might be approximate. Do not design clients that only 437 operate correctly when offsets are exact. 439 Server implementers using indexing technology which features 440 approximate positioning should consider returning context identifiers 441 to clients. The use of a context identifier will allow the server to 442 distinguish between client requests which relate to different 443 displayed lists on the client. Consequently the server can decide 444 more intelligently whether to reposition an existing database cursor 445 accurately to within a short distance of its current position, or to 446 reposition to an approximate position. Thus the client will see 447 precise offsets for "short" repositioning (e.g. paging up or down), 448 but approximate offsets for a "long" reposition (e.g. a slider 449 movement). 451 Server implementers are free to return an ldap result code of 452 virtualListViewError and a virtualListViewResult of 453 unwillingToPerform should their server be unable to service any 454 particular VLV search. This might be because the resolution of the 455 search is computationally infeasible, or because excessive server 456 resources would be required to service the search. 458 Client implementers should note that this control is only defined on 459 a client interaction with a single server. If a search scope spans 460 multiple naming contexts that are not held locally, search result 461 references will be returned, and may occur at any point in the search 462 operation. The client is responsible for deciding when and how to 463 apply this control to the referred-to servers, and how to collate the 464 results from multiple servers. 466 9. Relationship to "Simple Paged Results" 468 These controls are designed to support the virtual list view, which 469 has proved hard to implement with the Simple Paged Results mechanism 470 [SPaged]. However, the controls described here support any operation 471 possible with the Simple Paged Results mechanism. The two mechanisms 472 are not complementary; rather one has a superset of the other's 473 features. One area where the mechanism presented here is not a strict 474 superset of the Simple Paged Results scheme is that here we require a 475 sort order to be specified. No such requirement is made for paged 476 results. 478 Boreham et al Internet-Draft 9 479 Browsing of Search Results 481 10. Security Considerations 483 Server implementers may wish to consider whether clients are able to 484 consume excessive server resources in requesting virtual list 485 operations. Access control to the feature itself; configuration 486 options limiting the feature�s use to certain predetermined search 487 base DNs and filters; throttling mechanisms designed to limit the 488 ability for one client to soak up server resources, may be 489 appropriate. 491 Consideration should be given as to whether a client will be able to 492 retrieve the complete contents, or a significant subset of the 493 complete contents of the directory using this feature. This may be 494 undesirable in some circumstances and consequently it may be 495 necessary to enforce some access control. 497 Clients can, using this control, determine how many entries are 498 contained within a portion of the DIT. This may constitute a security 499 hazard. Again, access controls may be appropriate. 501 Server implementers should exercise caution concerning the content of 502 the contextID. Should the contextID contain internal server state, it 503 may be possible for a malicious client to use that information to 504 gain unauthorized access to information. 506 11. Acknowledgements 508 Chris Weider, Anoop Anantha, and Michael Armijo of Microsoft co- 509 authored previous versions of this document. 511 12. Normative References 513 [X.680] ITU-T Rec. X.680, "Abstract Syntax Notation One (ASN.1) - 514 Specification of Basic Notation", 1994. 516 [X.690] ITU-T Rec. X.690, "Specification of ASN.1 encoding rules: 517 Basic, Canonical, and Distinguished Encoding Rules", 518 1994. 520 [LDAPv3] Wahl, M., Kille, S. and T. Howes, "Lightweight Directory 521 Access Protocol (v3)", Internet Standard, RFC 2251, 522 December, 1997. 524 [SSS] Wahl, M., Herron, A. and T. Howes, "LDAP Control 525 Extension for Server Side Sorting of Search Results", 526 RFC 2891, August, 2000. 528 Boreham et al Internet-Draft 10 529 Browsing of Search Results 531 [Bradner97] Bradner, S., "Key Words for use in RFCs to Indicate 532 Requirement Levels", BCP 14, RFC 2119, March 1997. 534 13. Informative References 536 [SPaged] Weider, C., Herron, A., Anantha, A. and T. Howes, "LDAP 537 Control Extension for Simple Paged Results Manipulation", 538 RFC2696, September 1999. 540 14. Authors' Addresses 542 David Boreham 543 Bozeman Pass, Inc 544 +1 406 222 7093 545 david@bozemanpass.com 547 Jim Sermersheim 548 Novell 549 1800 South Novell Place 550 Provo, Utah 84606, USA 551 jimse@novell.com 553 Asaf Kashi 554 Microsoft Corporation 555 1 Microsoft Way 556 Redmond, WA 98052, USA 557 +1 425 882-8080 558 asafk@microsoft.com 560 15. Full Copyright Statement 562 Copyright (C) The Internet Society (2002). All Rights Reserved. 563 This document and translations of it may be copied and furnished to 564 others, and derivative works that comment on or otherwise explain it 565 or assist in its implementation may be prepared, copied, published 566 and distributed, in whole or in part, without restriction of any 567 kind, provided that the above copyright notice and this paragraph are 568 included on all such copies and derivative works. However, this 569 document itself may not be modified in any way, such as by removing 570 the copyright notice or references to the Internet Society or other 571 Internet organizations, except as needed for the purpose of 572 developing Internet standards in which case the procedures for 573 copyrights defined in the Internet Standards process must be 574 followed, or as required to translate it into languages other than 575 English. The limited permissions granted above are perpetual and will 576 not be revoked by the Internet Society or its successors or assigns. 577 This document and the information contained herein is provided on an 578 "AS IS" basis and THE INTERNET SOCIETY AND THE 579 INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR 581 Boreham et al Internet-Draft 11 582 Browsing of Search Results 584 IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF 585 THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 586 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE." 588 Boreham et al Internet-Draft 12