idnits 2.17.1 draft-ietf-radius-auth-clientmib-01.txt: ** The Abstract section seems to be numbered Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** Cannot find the required boilerplate sections (Copyright, IPR, etc.) in this document. Expected boilerplate is as follows today (2024-04-26) according to https://trustee.ietf.org/license-info : IETF Trust Legal Provisions of 28-dec-2009, Section 6.a: This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79. IETF Trust Legal Provisions of 28-dec-2009, Section 6.b(i), paragraph 2: Copyright (c) 2024 IETF Trust and the persons identified as the document authors. All rights reserved. IETF Trust Legal Provisions of 28-dec-2009, Section 6.b(i), paragraph 3: This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- ** Missing expiration date. The document expiration date should appear on the first and last page. ** The document seems to lack a 1id_guidelines paragraph about Internet-Drafts being working documents. ** The document seems to lack a 1id_guidelines paragraph about 6 months document validity -- however, there's a paragraph with a matching beginning. Boilerplate error? ** The document seems to lack a 1id_guidelines paragraph about the list of current Internet-Drafts. ** The document seems to lack a 1id_guidelines paragraph about the list of Shadow Directories. == The page length should not exceed 58 lines per page, but there was 9 longer pages, the longest (page 2) being 66 lines Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) ** The document seems to lack separate sections for Informative/Normative References. All references will be assumed normative when checking for downward references. ** There are 108 instances of too long lines in the document, the longest one being 11 characters in excess of 72. Miscellaneous warnings: ---------------------------------------------------------------------------- == Line 12 has weird spacing: '...), its areas...' == Line 13 has weird spacing: '... its worki...' == Line 17 has weird spacing: '... and may ...' == Line 18 has weird spacing: '...afts as refer...' == Line 21 has weird spacing: '... To learn...' == (31 more instances...) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (12 February 1998) is 9570 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) == Unused Reference: '2' is defined on line 422, but no explicit reference was found in the text == Unused Reference: '3' is defined on line 425, but no explicit reference was found in the text == Unused Reference: '4' is defined on line 428, but no explicit reference was found in the text == Unused Reference: '5' is defined on line 433, but no explicit reference was found in the text == Unused Reference: '6' is defined on line 438, but no explicit reference was found in the text == Unused Reference: '7' is defined on line 444, but no explicit reference was found in the text == Unused Reference: '8' is defined on line 449, but no explicit reference was found in the text == Unused Reference: '9' is defined on line 455, but no explicit reference was found in the text == Unused Reference: '10' is defined on line 460, but no explicit reference was found in the text == Unused Reference: '11' is defined on line 465, but no explicit reference was found in the text == Unused Reference: '12' is defined on line 471, but no explicit reference was found in the text == Unused Reference: '13' is defined on line 477, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2138 (ref. '1') (Obsoleted by RFC 2865) ** Obsolete normative reference: RFC 2139 (ref. '2') (Obsoleted by RFC 2866) == Outdated reference: A later version (-06) exists of draft-ietf-radius-ext-00 ** Downref: Normative reference to an Informational draft: draft-ietf-radius-ext (ref. '3') -- Possible downref: Non-RFC (?) normative reference: ref. '4' ** Downref: Normative reference to an Historic RFC: RFC 1901 (ref. '5') ** Obsolete normative reference: RFC 1902 (ref. '6') (Obsoleted by RFC 2578) ** Obsolete normative reference: RFC 1903 (ref. '7') (Obsoleted by RFC 2579) ** Obsolete normative reference: RFC 1904 (ref. '8') (Obsoleted by RFC 2580) ** Obsolete normative reference: RFC 1905 (ref. '9') (Obsoleted by RFC 3416) ** Obsolete normative reference: RFC 1906 (ref. '10') (Obsoleted by RFC 3417) ** Obsolete normative reference: RFC 1907 (ref. '11') (Obsoleted by RFC 3418) ** Obsolete normative reference: RFC 1908 (ref. '12') (Obsoleted by RFC 2576) ** Downref: Normative reference to an Historic RFC: RFC 1909 (ref. '13') Summary: 22 errors (**), 0 flaws (~~), 20 warnings (==), 3 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 RADIUS Working Group Bernard Aboba 2 INTERNET-DRAFT Microsoft 3 Category: Standards Track Glen Zorn 4 Microsoft 5 12 February 1998 7 RADIUS Authentication Client MIB 9 1. Status of this Memo 11 This document is an Internet-Draft. Internet-Drafts are working docu- 12 ments of the Internet Engineering Task Force (IETF), its areas, and 13 its working groups. Note that other groups may also distribute work- 14 ing documents as Internet-Drafts. 16 Internet-Drafts are draft documents valid for a maximum of six months 17 and may be updated, replaced, or obsoleted by other documents at any 18 time. It is inappropriate to use Internet-Drafts as reference mate- 19 rial or to cite them other than as ``work in progress.'' 21 To learn the current status of any Internet-Draft, please check the 22 ``1id-abstracts.txt'' listing contained in the Internet-Drafts Shadow 23 Directories on ds.internic.net (US East Coast), nic.nordu.net 24 (Europe), ftp.isi.edu (US West Coast), or munnari.oz.au (Pacific Rim). 26 The distribution of this memo is unlimited. It is filed as , and expires August 1, 1998. 28 Please send comments to the authors. 30 2. Abstract 32 This memo defines a set of extensions which instrument RADIUS authen- 33 tication client functions. These extensions represent a portion of the 34 Management Information Base (MIB) for use with network management pro- 35 tocols in the Internet community. Using these extensions IP-based 36 management stations can manage RADIUS authentication clients. 38 3. Introduction 40 This memo defines a portion of the Management Information Base (MIB) 41 for use with network management protocols in the Internet community. 42 In particular, it describes managed objects used for managing RADIUS 43 authentication clients. 45 Today a wide range of network devices, including routers and NASes, 46 act as RADIUS authentication clients in order to provide authentica- 47 tion and authorization services. As a result, the effective management 48 of RADIUS authentication clients is of considerable importance. 50 4. The SNMPv2 Network Management Framework 52 The SNMPv2 Network Management Framework consists of four major compo- 53 nents. They are: 55 o RFC 1902 which defines the SMI, the mechanisms used for 56 describing and naming objects for the purpose of management. 58 o RFC 1905 which defines the protocol used for network access to 59 managed objects. 61 o RFC 1907 defines the core set of managed objects for the 62 Internet suite of protocols. 64 o RFC 1909 which defines the administrative aspects of the 65 framework. 67 The Framework permits new objects to be defined for the purpose of 68 experimentation and evaluation. 70 4.1. Object Definitions 72 Managed objects are accessed via a virtual information store, termed 73 the Management Information Base or MIB. Objects in the MIB are 74 defined using the subset of Abstract Syntax Notation One (ASN.1) 75 defined in the SMI. In particular, each object object type is named by 76 an OBJECT IDENTIFIER, an administratively assigned name. The object 77 type together with an object instance serves to uniquely identify a 78 specific instantiation of the object. For human convenience, we often 79 use a textual string, termed the descriptor, to refer to the object 80 type. 82 5. Overview 84 The RADIUS authentication protocol, described in [1], distinguishes 85 between the client function and the server function. In RADIUS authen- 86 tication, clients send Access-Requests, and servers reply with Access- 87 Accepts, Access-Rejects, and Access-Challenges. Typically NAS devices 88 implement the client function, and thus would be expected to implement 89 the RADIUS authentication client MIB, while RADIUS authentication 90 servers implement the server function, and thus would be expected to 91 implement the RADIUS authentication server MIB. 93 However, it is possible for a RADIUS authentication entity to perform 94 both client and server functions. For example, a RADIUS proxy may act 95 as a server to one or more RADIUS authentication clients, while simul- 96 taneously acting as an authentication client to one or more authenti- 97 cation servers. In such situations, it is expected that RADIUS enti- 98 ties combining client and server functionality will support both the 99 client and server MIBs. 101 5.1. Selected objects 102 This MIB module contains two scalars as well as a single table: 104 (1) the RADIUS Authentication Server Table contains one row for each 105 RADIUS authentication server that the client shares a secret with. 107 Each entry in the RADIUS Authentication Server Table includes thirteen 108 entries presenting a view of the activity of the RADIUS authentication 109 client. 111 6. Definitions 113 RADIUS-AUTH-CLIENT-MIB DEFINITIONS ::= BEGIN 115 IMPORTS 116 MODULE-IDENTITY, OBJECT-TYPE, 117 OBJECT-IDENTITY, experimental, 118 Counter32, Integer32, Gauge32, 119 IpAddress, TimeTicks FROM SNMPv2-SMI 120 DisplayString FROM SNMPv2-TC 121 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF; 123 radiusAuthClientMIB MODULE-IDENTITY 124 LAST-UPDATED "9802121659Z" 125 ORGANIZATION "IETF RADIUS Working Group." 126 CONTACT-INFO 127 " Bernard Aboba 128 Microsoft 129 One Microsoft Way 130 Redmond, WA 98052 131 US 133 Phone: +1 425 936 6605 134 EMail: bernarda@microsoft.com" 135 DESCRIPTION 136 "The MIB module for entities implementing the client side of 137 the Remote Access Dialin User Service (RADIUS) authentication 138 protocol." 139 ::= { radiusAuthentication 2 } 141 radius OBJECT-IDENTITY 142 STATUS current 143 DESCRIPTION 144 "The OID assigned to RADIUS MIB work by the IANA." 145 ::= { experimental 79 } 147 radiusAuthentication OBJECT IDENTIFIER ::= {radius 1} 149 radiusAuthClientMIBObjects OBJECT IDENTIFIER ::= { radiusAuthClientMIB 1 } 151 radiusAuthClient OBJECT IDENTIFIER ::= { radiusAuthClientMIBObjects 1 } 152 radiusAuthClientInvalidServerAddresses OBJECT-TYPE 153 SYNTAX Counter32 154 MAX-ACCESS read-only 155 STATUS current 156 DESCRIPTION 157 "The total number of RADIUS Access-Response packets 158 received from unknown addresses since client start-up." 159 ::= { radiusAuthClient 1 } 161 radiusAuthClientIdentifier OBJECT-TYPE 162 SYNTAX DisplayString 163 MAX-ACCESS read-only 164 STATUS current 165 DESCRIPTION 166 "The NAS-Identifier of the RADIUS authentication client. 167 This is not necessarily the same as sysName in MIB II." 168 ::= { radiusAuthClient 2 } 170 radiusAuthServerTable OBJECT-TYPE 171 SYNTAX SEQUENCE OF RadiusAuthServerEntry 172 MAX-ACCESS not-accessible 173 STATUS current 174 DESCRIPTION 175 "The (conceptual) table listing the RADIUS authentication 176 servers with which the client shares a secret." 177 ::= { radiusAuthClient 3 } 179 radiusAuthServerEntry OBJECT-TYPE 180 SYNTAX RadiusAuthServerEntry 181 MAX-ACCESS not-accessible 182 STATUS current 183 DESCRIPTION 184 "An entry (conceptual row) representing a RADIUS 185 authentication server with which the client shares a secret." 186 INDEX { radiusAuthServerIndex } 187 ::= { radiusAuthServerTable 1 } 189 RadiusAuthServerEntry ::= SEQUENCE { 190 radiusAuthServerIndex Integer32, 191 radiusAuthServerAddress IpAddress, 192 radiusAuthClientServerPortNumber Integer32, 193 radiusAuthClientRoundTripTime TimeTicks, 194 radiusAuthClientAccessRequests Counter32, 195 radiusAuthClientAccessRetransmissions Counter32, 196 radiusAuthClientAccessAccepts Counter32, 197 radiusAuthClientAccessRejects Counter32, 198 radiusAuthClientAccessChallenges Counter32, 199 radiusAuthClientMalformedAccessResponses Counter32, 200 radiusAuthClientBadAuthenticators Counter32, 201 radiusAuthClientPendingRequests Gauge32, 202 radiusAuthClientTimeouts Counter32, 203 radiusAuthClientUnknownType Counter32 204 } 205 radiusAuthServerIndex OBJECT-TYPE 206 SYNTAX Integer32 (0..MAX) 207 MAX-ACCESS not-accessible 208 STATUS current 209 DESCRIPTION 210 "A number uniquely identifying each RADIUS 211 Authentication server with which this client 212 communicates." 213 ::= { radiusAuthServerEntry 1 } 215 radiusAuthServerAddress OBJECT-TYPE 216 SYNTAX IpAddress 217 MAX-ACCESS read-only 218 STATUS current 219 DESCRIPTION 220 "The IP address of the RADIUS authentication server 221 referred to in this table entry." 222 ::= { radiusAuthServerEntry 2 } 224 radiusAuthClientServerPortNumber OBJECT-TYPE 225 SYNTAX Integer32 226 MAX-ACCESS read-only 227 STATUS current 228 DESCRIPTION 229 "The UDP port the client is using to send requests to 230 this server." 231 ::= { radiusAuthServerEntry 3 } 233 radiusAuthClientRoundTripTime OBJECT-TYPE 234 SYNTAX TimeTicks 235 MAX-ACCESS read-only 236 STATUS current 237 DESCRIPTION 238 "The time interval between the most recent 239 Access-Reply/Access-Challenge and the Access-Request that 240 matched it from this RADIUS authentication server." 241 ::= { radiusAuthServerEntry 4 } 243 -- Request/Response statistics 244 -- Ignoring Unknown Types, then 245 -- AccessRequests + AccesssRetransmissions = AccessAccepts + 246 -- AccessRejects + AccessChallenges + PendingRequests + Timeouts 248 radiusAuthClientAccessRequests OBJECT-TYPE 249 SYNTAX Counter32 250 MAX-ACCESS read-only 251 STATUS current 252 DESCRIPTION 253 "The total number of RADIUS Access-Request packets sent 254 to this server since client start-up. This does not 255 include retransmissions." 256 ::= { radiusAuthServerEntry 5 } 258 radiusAuthClientAccessRetransmissions OBJECT-TYPE 259 SYNTAX Counter32 260 MAX-ACCESS read-only 261 STATUS current 262 DESCRIPTION 263 "The total number of RADIUS Access-Request packets 264 retransmitted to this RADIUS authentication server 265 since client start-up." 266 ::= { radiusAuthServerEntry 6 } 268 radiusAuthClientAccessAccepts OBJECT-TYPE 269 SYNTAX Counter32 270 MAX-ACCESS read-only 271 STATUS current 272 DESCRIPTION 273 "The total number of RADIUS Access-Accept packets 274 received from this server since client start-up." 275 ::= { radiusAuthServerEntry 7 } 277 radiusAuthClientAccessRejects OBJECT-TYPE 278 SYNTAX Counter32 279 MAX-ACCESS read-only 280 STATUS current 281 DESCRIPTION 282 "The total number of RADIUS Access-Reject packets 283 received from this server since client start-up." 284 ::= { radiusAuthServerEntry 8 } 286 radiusAuthClientAccessChallenges OBJECT-TYPE 287 SYNTAX Counter32 288 MAX-ACCESS read-only 289 STATUS current 290 DESCRIPTION 291 "The total number of RADIUS Access-Challenge packets 292 received from this server since client start-up." 293 ::= { radiusAuthServerEntry 9 } 295 -- "Access-Response" includes an Access-Accept, Access-Challenge 296 -- or Access-Reject 298 radiusAuthClientMalformedAccessResponses OBJECT-TYPE 299 SYNTAX Counter32 300 MAX-ACCESS read-only 301 STATUS current 302 DESCRIPTION 303 "The total number of malformed RADIUS Access-Response 304 packets received from this server since client 305 start-up. Malformed packets include packets with 306 an invalid length. Bad authenticators or 307 Signature attributes are not 308 included as malformed access responses." 309 ::= { radiusAuthServerEntry 10 } 311 radiusAuthClientBadAuthenticators OBJECT-TYPE 312 SYNTAX Counter32 313 MAX-ACCESS read-only 314 STATUS current 315 DESCRIPTION 316 "The total number of RADIUS Access-Response packets 317 containing invalid authenticators or Signature 318 attributes received from this server since client 319 start-up." 320 ::= { radiusAuthServerEntry 11 } 322 radiusAuthClientPendingRequests OBJECT-TYPE 323 SYNTAX Gauge32 324 MAX-ACCESS read-only 325 STATUS current 326 DESCRIPTION 327 "The total number of RADIUS Access-Request packets 328 destined for this server that have not yet timed out 329 or received a response. This variable is incremented 330 when an Access-Request is sent and decremented due to 331 receipt of an Access-Reply or Access-Challenge, 332 a timeout or retransmission." 333 ::= { radiusAuthServerEntry 12 } 335 radiusAuthClientTimeouts OBJECT-TYPE 336 SYNTAX Counter32 337 MAX-ACCESS read-only 338 STATUS current 339 DESCRIPTION 340 "The total number of authentication timeouts to this server 341 since client startup. After a timeout the client may 342 retry to the same server, send to a different server, or 343 give up. A retry to the same server is counted as a 344 retransmit as well as a timeout. A send to a different 345 server is counted as a Request as well as a timeout." 346 ::= { radiusAuthServerEntry 13 } 348 radiusAuthClientUnknownType OBJECT-TYPE 349 SYNTAX Counter32 350 MAX-ACCESS read-only 351 STATUS current 352 DESCRIPTION 353 "The total number of RADIUS packets of unknown type which 354 were received from this server on the authentication port 355 since client start-up." 356 ::= { radiusAuthServerEntry 14 } 358 -- conformance information 360 radiusAuthClientMIBConformance 361 OBJECT IDENTIFIER ::= { radiusAuthClientMIB 2 } 362 radiusAuthClientMIBCompliances 363 OBJECT IDENTIFIER ::= { radiusAuthClientMIBConformance 1 } 364 radiusAuthClientMIBGroups 365 OBJECT IDENTIFIER ::= { radiusAuthClientMIBConformance 2 } 367 -- compliance statements 369 radiusAuthClientMIBCompliance MODULE-COMPLIANCE 370 STATUS current 371 DESCRIPTION 372 "The compliance statement for authentication clients 373 implementing the RADIUS Authentication Client MIB." 374 MODULE -- this module 375 MANDATORY-GROUPS { radiusAuthClientMIBGroup } 377 ::= { radiusAuthClientMIBCompliances 1 } 379 -- units of conformance 381 radiusAuthClientMIBGroup OBJECT-GROUP 382 OBJECTS { radiusAuthClientIdentifier, 383 radiusAuthClientInvalidServerAddresses, 384 radiusAuthServerAddress, 385 radiusAuthClientServerPortNumber, 386 radiusAuthClientRoundTripTime, 387 radiusAuthClientAccessRequests, 388 radiusAuthClientAccessRetransmissions, 389 radiusAuthClientAccessAccepts, 390 radiusAuthClientAccessRejects, 391 radiusAuthClientAccessChallenges, 392 radiusAuthClientMalformedAccessResponses, 393 radiusAuthClientBadAuthenticators, 394 radiusAuthClientPendingRequests, 395 radiusAuthClientTimeouts, 396 radiusAuthClientUnknownType 397 } 398 STATUS current 399 DESCRIPTION 400 "The basic collection of objects providing management of 401 RADIUS Authentication Clients." 402 ::= { radiusAuthClientMIBGroups 1 } 404 END 406 7. Security considerations 408 All MIB variables described in this document are read-only. 410 8. Acknowledgments 412 Thanks to Narendra Gidwani of Microsoft, Allan C. Rubens of MERIT, 413 Carl Rigney of Livingston and Peter Heitman of American Internet Cor- 414 poration for useful discussions of this problem space. 416 9. References 418 [1] C. Rigney, A. Rubens, W. Simpson, S. Willens. "Remote Authenti- 419 cation Dial In User Service (RADIUS)." RFC 2138, Livingston, Merit, 420 Daydreamer, April, 1997. 422 [2] C. Rigney. "RADIUS Authentication." RFC 2139, Livingston, April, 423 1997. 425 [3] C. Rigney, W. Willats. "RADIUS Extensions." draft-ietf-radius- 426 ext-00.txt, Livingston, January, 1997. 428 [4] "Information processing systems - Open Systems Interconnection - 429 Specification of Abstract Syntax Notation One (ASN.1)", International 430 Organization for Standardization, International Standard 8824, Decem- 431 ber 1987. 433 [5] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Introduc- 434 tion to Community-based SNMPv2", RFC 1901, SNMP Research, Inc., Cisco 435 Systems, Dover Beach Consulting, Inc., International Network Services, 436 January, 1996. 438 [6] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Structure 439 of Management Information for Version 2 of the Simple Network Manage- 440 ment Protocol (SNMPv2)", RFC 1902, SNMP Research, Inc., Cisco Systems, 441 Dover Beach Consulting, Inc., International Network Services, January, 442 1996. 444 [7] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Textual 445 Conventions for version 2 of the the Simple Network Management Proto- 446 col (SNMPv2)", RFC 1903, SNMP Research, Inc., Cisco Systems, Dover 447 Beach Consulting, Inc., International Network Services, January, 1996. 449 [8] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Confor- 450 mance Statements for version 2 of the the Simple Network Management 451 Protocol (SNMPv2)", RFC 1904, SNMP Research, Inc., Cisco Systems, 452 Dover Beach Consulting, Inc., International Network Services, January, 453 1996. 455 [9] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Protocol 456 Operations for Version 2 of the Simple Network Management Protocol 457 (SNMPv2)", RFC 1905, SNMP Research, Inc., Cisco Systems, Dover Beach 458 Consulting, Inc., International Network Services, January, 1996. 460 [10] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Transport 461 Mappings for Version 2 of the Simple Network Management Protocol 462 (SNMPv2)", RFC 1906, SNMP Research, Inc., Cisco Systems, Dover Beach 463 Consulting, Inc., International Network Services, January, 1996. 465 [11] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Manage- 466 ment Information Base for Version 2 of the Simple Network Management 467 Protocol (SNMPv2)", RFC 1907, SNMP Research, Inc., Cisco Systems, 468 Dover Beach Consulting, Inc., International Network Services, January, 469 1996. 471 [12] Case, J., McCloghrie, K., Rose, M., and S. Waldbusser, "Coexis- 472 tence between Version 1 and Version 2 of the Internet-standard Network 473 Management Framework", RFC 1908, SNMP Research, Inc., Cisco Systems, 474 Dover Beach Consulting, Inc., International Network Services, January, 475 1996. 477 [13] McCloghrie, K., "An Administrative Infrastructure for SNMPv2", 478 RFC 1909, Cisco Systems, February, 1996. 480 10. Authors' Addresses 482 Bernard Aboba 483 Microsoft Corporation 484 One Microsoft Way 485 Redmond, WA 98052 487 Phone: 425-936-6605 488 EMail: bernarda@microsoft.com 490 Glen Zorn 491 Microsoft Corporation 492 One Microsoft Way 493 Redmond, WA 98052 495 Phone: 425-703-1559 496 EMail: glennz@microsoft.com