idnits 2.17.1
draft-irtf-nmrg-snmp-tcp-07.txt:
Checking boilerplate required by RFC 5378 and the IETF Trust (see
https://trustee.ietf.org/license-info):
----------------------------------------------------------------------------
** Looks like you're using RFC 2026 boilerplate. This must be updated to
follow RFC 3978/3979, as updated by RFC 4748.
Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
----------------------------------------------------------------------------
== No 'Intended status' indicated for this document; assuming Proposed
Standard
Checking nits according to https://www.ietf.org/id-info/checklist :
----------------------------------------------------------------------------
** The document seems to lack an IANA Considerations section. (See Section
2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
when there are no actions for IANA.)
** The document seems to lack separate sections for Informative/Normative
References. All references will be assumed normative when checking for
downward references.
** There is 1 instance of too long lines in the document, the longest one
being 1 character in excess of 72.
Miscellaneous warnings:
----------------------------------------------------------------------------
== The copyright year in the RFC 3978 Section 5.4 Copyright Line does not
match the current year
== Line 157 has weird spacing: '... octets cont...'
-- The document seems to lack a disclaimer for pre-RFC5378 work, but may
have content which was first submitted before 10 November 2008. If you
have contacted all the original authors and they are all willing to grant
the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
this comment. If not, you may need to add the pre-RFC5378 disclaimer.
(See the Legal Provisions document at
https://trustee.ietf.org/license-info for more information.)
-- The document date (February 25, 2002) is 8094 days in the past. Is this
intentional?
Checking references for intended status: Proposed Standard
----------------------------------------------------------------------------
(See RFCs 3967 and 4897 for information about using normative references
to lower-maturity documents in RFCs)
** Obsolete normative reference: RFC 2571 (ref. '1') (Obsoleted by RFC 3411)
** Downref: Normative reference to an Informational RFC: RFC 1215 (ref. '4')
** Downref: Normative reference to an Historic RFC: RFC 1157 (ref. '8')
** Downref: Normative reference to an Historic RFC: RFC 1901 (ref. '9')
** Obsolete normative reference: RFC 1906 (ref. '10') (Obsoleted by RFC
3417)
** Obsolete normative reference: RFC 2572 (ref. '11') (Obsoleted by RFC
3412)
** Obsolete normative reference: RFC 2574 (ref. '12') (Obsoleted by RFC
3414)
** Obsolete normative reference: RFC 1905 (ref. '13') (Obsoleted by RFC
3416)
** Obsolete normative reference: RFC 2573 (ref. '14') (Obsoleted by RFC
3413)
** Obsolete normative reference: RFC 2575 (ref. '15') (Obsoleted by RFC
3415)
** Obsolete normative reference: RFC 2570 (ref. '16') (Obsoleted by RFC
3410)
** Downref: Normative reference to an Informational RFC: RFC 1270 (ref.
'18')
** Obsolete normative reference: RFC 793 (ref. '19') (Obsoleted by RFC
9293)
-- Possible downref: Non-RFC (?) normative reference: ref. '20'
-- Possible downref: Non-RFC (?) normative reference: ref. '21'
-- Possible downref: Non-RFC (?) normative reference: ref. '22'
-- Possible downref: Non-RFC (?) normative reference: ref. '23'
Summary: 17 errors (**), 0 flaws (~~), 3 warnings (==), 6 comments (--).
Run idnits with the --verbose option for more detailed information about
the items above.
--------------------------------------------------------------------------------
2 Network Working Group J. Schoenwaelder
3 Internet-Draft TU Braunschweig
4 Expires: August 26, 2002 February 25, 2002
6 SNMP over TCP Transport Mapping
7 draft-irtf-nmrg-snmp-tcp-07.txt
9 Status of this Memo
11 This document is an Internet-Draft and is in full conformance with
12 all provisions of Section 10 of RFC2026.
14 Internet-Drafts are working documents of the Internet Engineering
15 Task Force (IETF), its areas, and its working groups. Note that
16 other groups may also distribute working documents as Internet-
17 Drafts.
19 Internet-Drafts are draft documents valid for a maximum of six months
20 and may be updated, replaced, or obsoleted by other documents at any
21 time. It is inappropriate to use Internet-Drafts as reference
22 material or to cite them other than as "work in progress."
24 The list of current Internet-Drafts can be accessed at
25 http://www.ietf.org/ietf/1id-abstracts.txt.
27 The list of Internet-Draft Shadow Directories can be accessed at
28 http://www.ietf.org/shadow.html.
30 This Internet-Draft will expire on August 26, 2002.
32 Copyright Notice
34 Copyright (C) The Internet Society (2002). All Rights Reserved.
36 Abstract
38 This memo defines a transport mapping for using the Simple Network
39 Management Protocol (SNMP) over TCP. The transport mapping can be
40 used with any version of SNMP. This document extends the transport
41 mappings defined in RFC 1906.
43 Table of Contents
45 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
46 2. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 4
47 3. SNMP over TCP . . . . . . . . . . . . . . . . . . . . . . . . 5
48 3.1 Serialization . . . . . . . . . . . . . . . . . . . . . . . . 5
49 3.2 Well-Known Values . . . . . . . . . . . . . . . . . . . . . . 6
50 3.3 Connection Management . . . . . . . . . . . . . . . . . . . . 6
51 3.4 Reliable Transport versus Confirmed Operations . . . . . . . . 7
52 4. Security Considerations . . . . . . . . . . . . . . . . . . . 8
53 5. Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . 8
54 References . . . . . . . . . . . . . . . . . . . . . . . . . . 8
55 Author's Address . . . . . . . . . . . . . . . . . . . . . . . 10
56 A. Connection Establishment Alternatives . . . . . . . . . . . . 10
57 Full Copyright Statement . . . . . . . . . . . . . . . . . . . 13
59 1. Introduction
61 The SNMP Management Framework presently consists of five major
62 components:
64 o An overall architecture, described in RFC 2571 [1].
66 o Mechanisms for describing and naming objects and events for the
67 purpose of management. The first version of this Structure of
68 Management Information (SMI) is called SMIv1 and described in STD
69 16, RFC 1155 [2], STD 16, RFC 1212 [3] and RFC 1215 [4]. The
70 second version, called SMIv2, is described in STD 58, RFC 2578
71 [5], STD 58, RFC 2579 [6] and STD 58, RFC 2580 [7].
73 o Message protocols for transferring management information. The
74 first version of the SNMP message protocol is called SNMPv1 and
75 described in STD 15, RFC 1157 [8]. A second version of the SNMP
76 message protocol, which is not an Internet standards track
77 protocol, is called SNMPv2c and described in RFC 1901 [9] and RFC
78 1906 [10]. The third version of the message protocol is called
79 SNMPv3 and described in RFC 1906 [10], RFC 2572 [11] and RFC 2574
80 [12].
82 o Protocol operations for accessing management information. The
83 first set of protocol operations and associated PDU formats is
84 described in STD 15, RFC 1157 [8]. A second set of protocol
85 operations and associated PDU formats is described in RFC 1905
86 [13].
88 o A set of fundamental applications described in RFC 2573 [14] and
89 the view-based access control mechanism described in RFC 2575
90 [15].
92 A more detailed introduction to the current SNMP Management Framework
93 can be found in RFC 2570 [16].
95 Managed objects are accessed via a virtual information store, termed
96 the Management Information Base or MIB. Objects in the MIB are
97 defined using the mechanisms defined in the SMI.
99 This memo defines a transport mapping for using the Simple Network
100 Management Protocol (SNMP) over TCP. The transport mapping can be
101 used with any version of SNMP. This document extends the transport
102 mappings defined in RFC 1906 [10].
104 The SNMP over TCP transport mapping is an optional transport mapping.
105 SNMP protocol engines that implement the SNMP over TCP transport
106 mapping MUST also implement the SNMP over UDP transport mapping as
107 defined in RFC 1906 [10].
109 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
110 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
111 document are to be interpreted as described in RFC 2119 [17].
113 2. Definitions
115 IRTF-NMRG-SNMP-TCP-TM DEFINITIONS ::= BEGIN
117 IMPORTS
118 MODULE-IDENTITY, OBJECT-IDENTITY, experimental
119 FROM SNMPv2-SMI
120 TEXTUAL-CONVENTION
121 FROM SNMPv2-TC;
123 nmrgSnmpDomains MODULE-IDENTITY
124 LAST-UPDATED "200202250000Z"
125 ORGANIZATION "IRTF Network Management Research Group"
126 CONTACT-INFO
127 "Juergen Schoenwaelder
128 TU Braunschweig
129 Bueltenweg 74/75
130 38106 Braunschweig
131 Germany
133 Phone: +49 531 391-3283
134 Email: schoenw@ibr.cs.tu-bs.de"
135 DESCRIPTION
136 "This MIB module defines the SNMP over TCP transport mapping."
137 REVISION "200202250000Z"
138 DESCRIPTION
139 "Initial version, published as RFC XXXX."
140 ::= { experimental nmrg(91) 1 }
142 -- SNMP over TCP over IPv4
144 snmpTCPDomain OBJECT-IDENTITY
145 STATUS current
146 DESCRIPTION
147 "The SNMP over TCP over IPv4 transport domain. The
148 corresponding transport address is of type SnmpTCPAddress."
149 ::= { nmrgSnmpDomains 1 }
151 SnmpTCPAddress ::= TEXTUAL-CONVENTION
152 DISPLAY-HINT "1d.1d.1d.1d/2d"
153 STATUS current
154 DESCRIPTION
155 "Represents a TCP/IPv4 address:
157 octets contents encoding
158 1-4 IP-address network-byte order
159 5-6 TCP-port network-byte order
160 "
161 SYNTAX OCTET STRING (SIZE (6))
163 END
165 3. SNMP over TCP
167 SNMP over TCP is an experimental optional transport mapping. It is
168 primarily defined to support more efficient bulk transfer mechanisms
169 within the SNMP framework [20].
171 The originator of a request/response transaction chooses the
172 transport protocol for the entire transaction. The transport
173 protocol MUST NOT change during a transaction.
175 In general, originators of request/response transactions are free to
176 use the transport they assume is the best in a given situation.
177 However, since TCP has a larger footprint on resource usage than UDP,
178 engines using SNMP over TCP may choose to switch back to UDP by
179 refusing new TCP connections whenever necessary (e.g. too many open
180 TCP connections).
182 When selecting the transport, it is useful to consider how SNMP
183 interacts with TCP acknowledgements and timers. In particular,
184 infrequent SNMP interactions over TCP may lead to additional IP
185 packets carrying acknowledgements for SNMP responses if there is no
186 chance to piggyback them. Furthermore, it is recommended to
187 configure SNMP timers to fire later when using SNMP over TCP to avoid
188 application specific timeouts before the TCP timers have expired.
190 3.1 Serialization
192 Each instance of a message is serialized into a single BER-encoded
193 message, using the algorithm specified in Section 8 of RFC 1906 [10].
194 The BER-encoded message is then sent over a TCP connection. An SNMP
195 engine MUST NOT interleave SNMP messages within the TCP byte stream.
196 All the bytes of one SNMP message must be sent before any bytes of a
197 different SNMP message.
199 It is possible to exchange multiple SNMP request/response pairs over
200 a single (persistent) TCP connection. TCP connections are per
201 default full-duplex and data can travel in both directions at
202 different speeds. It is therefore possible to send multiple SNMP
203 messages to a remote SNMP engine before receiving responses from the
204 same SNMP engine. Note that an SNMP engine is not required to return
205 responses in the same order as it received the requests.
207 It is possible that the underlying TCP implementation delivers byte
208 sequences that do not coincide with SNMP message boundaries. A
209 receiving SNMP engine MUST therefore use the length field in the BER-
210 encoded SNMP message to separate multiple requests sent over a single
211 TCP connection.
213 3.2 Well-Known Values
215 It is RECOMMENDED that administrators configure their SNMP entities
216 containing command responders to listen on TCP port 161 for incoming
217 connections. It is also RECOMMENDED that SNMP entities containing
218 notification receivers be configured to listen on TCP port 162 for
219 connection requests.
221 When an SNMP entity uses the TCP transport mapping, it MUST be
222 capable of accepting messages that are at least 8192 octets in size.
223 Implementation of larger values is encouraged whenever possible.
225 3.3 Connection Management
227 The use of TCP connections introduces costs [18]. Connection
228 establishment and teardown cause additional network traffic.
229 Furthermore, maintaining open connections binds resources in the
230 network layer of the underlying operating system.
232 SNMP over TCP is intended to be used when the size of the transferred
233 data is large since TCP offers flow control and efficient
234 segmentation. The transport of large amounts of management data via
235 SNMP over UDP requires many request/response interactions with small-
236 sized SNMP over UDP messages, which causes latency to increase
237 excessively.
239 TCP connections are established on behalf of the SNMP applications
240 which initiate a transaction. In particular, command generator
241 applications are responsible for opening TCP connections to command
242 responder applications and notification originator applications are
243 responsible to initiate TCP connections to notification receiver
244 applications, which are selected as described in Section 3 of RFC
245 2573 [14]. If the TCP connection cannot be established, then the
246 transaction is aborted and reported to the application as a timeout
247 error condition. Alternative connection establishment procedures are
248 discussed in Appendix A but are not part of this specification.
250 All SNMP entities (whether in an agent role or manager role) can
251 close TCP connections at any point in time. This ensures that SNMP
252 entities can control their resource usage and shut down TCP
253 connections that are not used. Note that SNMP engines are not
254 required to process SNMP messages if the incoming half of the TCP
255 connection is closed while the outgoing half remains open.
257 The processing of any outstanding SNMP requests when both sides of
258 the TCP connection have been closed is implementation dependent. The
259 sending SNMP entity SHOULD therefore not make assumptions about the
260 processing of outstanding SNMP requests once a TCP connection is
261 closed. A timeout error condition SHOULD be signalled for confirmed
262 requests if the TCP connection is closed before a response has been
263 received.
265 3.4 Reliable Transport versus Confirmed Operations
267 The transport of SNMP messages over TCP results in a reliable
268 exchange of SNMP messages between SNMP engines. In particular, TCP
269 guarantees (in the absence of security attacks) that the delivered
270 data is not damaged, lost, duplicated, or delivered out of order
271 [19].
273 The SNMP protocol has been designed to support confirmed as well as
274 unconfirmed operations [1]. The inform-request protocol operation is
275 an example for a confirmed operation while the snmpV2-trap operation
276 is an example for an unconfirmed operation.
278 There is an important difference between an unconfirmed protocol
279 operation sent over a reliable transport and a confirmed protocol
280 operation. A reliable transport such as TCP only guarantees that
281 delivered data is not damaged, lost, duplicated, or delivered out of
282 order. It does not guarantee that the delivered data was actually
283 processed in any way by the application process. Furthermore, even a
284 reliable transport such as TCP cannot guarantee that data sent to a
285 remote system is eventually delivered on the remote system. Even a
286 graceful close of the TCP connection does not guarantee that the
287 receiving TCP engine has actually delivered all the data to an
288 application process.
290 With a confirmed SNMP operation, the receiving SNMP engine
291 acknowledges that the data was actually received. Depending on the
292 SNMP protocol operation, a confirmation may indicate that further
293 processing was done. For example, the response to an inform-request
294 protocol operation also indicates to the notification originator that
295 the notification passed the security model and that it was delivered
296 to the notification receiver application. Similarily, the response
297 to a set-request indicates that the data passed the transport, the
298 authentication mechanism and that the write request was actually
299 processed by the command responder.
301 A reliable transport is thus only a poor approximation for confirmed
302 operations. Applications that need confirmation of delivery or
303 processing are encouraged to use the confirmed operations, such as
304 the inform-request, rather than using unconfirmed operations, such as
305 snmpV2-trap, over a reliable transport.
307 4. Security Considerations
309 It is recommended that implementors consider the security features as
310 provided by the SNMPv3 framework in order to provide SNMP security.
311 Specifically, the use of the User-based Security Model RFC 2574 [12]
312 and the View-based Access Control Model RFC 2575 [15] is recommended.
314 It is then a customer/user responsibility to ensure that the SNMP
315 entity giving access to a MIB is properly configured to give access
316 to the objects only to those principals (users) that have legitimate
317 rights to indeed GET or SET (change) them.
319 The SNMP over TCP transport mapping does not have any impact on the
320 security mechanisms provided by SNMPv3. However, SNMP over TCP may
321 introduce new vulnerabilities to denial of service attacks (such as
322 TCP syn flooding) that do not exist in this form in other transport
323 mappings.
325 5. Acknowledgments
327 This document is the result of discussions within the Network
328 Management Research Group (NMRG) of the Internet Research Task
329 Force[21] (IRTF). Special thanks to Luca Deri, Jean-Philippe Martin-
330 Flatin, Aiko Pras, Ron Sprenkels, and Bert Wijnen for their comments
331 and suggestions.
333 Additional useful comments have been made by Mike Ayers, Jeff Case,
334 Mike Daniele, David Harrington, Lauren Heintz, Keith McCloghrie,
335 Olivier Miakinen, and Dave Shield.
337 Luca Deri, Wes Hardaker, Bert Helthuis, and Erik Schoenfelder helped
338 to create prototype implementations. The SNMP over TCP transport
339 mapping is currently supported by the NET-SNMP package[22] and the
340 Linux CMU SNMP package[23].
342 References
344 [1] Harrington, D., Presuhn, R. and B. Wijnen, "An Architecture for
345 Describing SNMP Management Frameworks", RFC 2571, April 1999.
347 [2] Rose, M. and K. McCloghrie, "Structure and Identification of
348 Management Information for TCP/IP-based Internets", STD 16, RFC
349 1155, May 1990.
351 [3] Rose, M. and K. McCloghrie, "Concise MIB Definitions", STD 16,
352 RFC 1212, March 1991.
354 [4] Rose, M., "A Convention for Defining Traps for use with the
355 SNMP", RFC 1215, March 1991.
357 [5] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
358 M. and S. Waldbusser, "Structure of Management Information
359 Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
361 [6] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
362 M. and S. Waldbusser, "Textual Conventions for SMIv2", STD 58,
363 RFC 2579, April 1999.
365 [7] McCloghrie, K., Perkins, D., Schoenwaelder, J., Case, J., Rose,
366 M. and S. Waldbusser, "Conformance Statements for SMIv2", STD
367 58, RFC 2580, April 1999.
369 [8] Case, J., Fedor, M., Schoffstall, M. and J. Davin, "A Simple
370 Network Management Protocol (SNMP)", STD 15, RFC 1157, May
371 1990.
373 [9] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser,
374 "Introduction to Community-based SNMPv2", RFC 1901, January
375 1996.
377 [10] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser,
378 "Transport Mappings for Version 2 of the Simple Network
379 Management Protocol (SNMPv2)", RFC 1906, January 1996.
381 [11] Case, J., Harrington, D., Presuhn, R. and B. Wijnen, "Message
382 Processing and Dispatching for the Simple Network Management
383 Protocol (SNMP)", RFC 2572, April 1999.
385 [12] Blumenthal, U. and B. Wijnen, "User-based Security Model (USM)
386 for version 3 of the Simple Network Management Protocol
387 (SNMPv3)", RFC 2574, April 1999.
389 [13] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Protocol
390 Operations for Version 2 of the Simple Network Management
391 Protocol (SNMPv2)", RFC 1905, January 1996.
393 [14] Levi, D., Meyer, P. and B. Stewart, "SNMP Applications", RFC
394 2573, April 1999.
396 [15] Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based Access
397 Control Model (VACM) for the Simple Network Management Protocol
398 (SNMP)", RFC 2575, April 1999.
400 [16] Case, J., Mundy, R., Partain, D. and B. Stewart, "Introduction
401 to Version 3 of the Internet-standard Network Management
402 Framework", RFC 2570, April 1999.
404 [17] Bradner, S., "Key words for use in RFCs to Indicate Requirement
405 Levels", BCP 14, RFC 2119, March 1997.
407 [18] Kastenholz, F., "SNMP Communications Services", RFC 1270,
408 October 1991.
410 [19] Postel, J., "Transmission Control Protocol", STD 7, RFC 793,
411 September 1981.
413 [20] Sprenkels, R. and J. Martin-Flatin, "Bulk Transfers of MIB
414 Data", Simple Times 7(1), March 1999.
416 [21]
418 [22]
420 [23]
422 Author's Address
424 Juergen Schoenwaelder
425 TU Braunschweig
426 Bueltenweg 74/75
427 38106 Braunschweig
428 Germany
430 Phone: +49 531 391-3283
431 EMail: schoenw@ibr.cs.tu-bs.de
433 Appendix A. Connection Establishment Alternatives
435 This memo defines a simple connection establishment scheme where the
436 notification originator or command generator application is
437 responsible to establish TCP connections to notification receiver or
438 command responder applications. The purpose of this section is to
439 document variations or alternatives of this scheme which have been
440 discussed during the development of this specification. The
441 discussion below focuses on notification originator applications
442 since this is case where people seem to have diverging viewpoints.
444 The discussion below also assumes that the reader is familiar with
445 the SNMPv3 notification forwarding model as defined in RFC 2573 [14].
447 The variations that have been discussed are basically driven by the
448 idea to provide fallback mechanisms in cases where TCP connection
449 establishment from the notification originator to the notification
450 receiver fails. The approach specified in this memo simply drops
451 notifications if the TCP connection cannot be established. This
452 implies that notification originators which need reliable
453 notification delivery must implement a local notification log in
454 order to keep a history of notifications that could not be delivered.
456 Another option is to deliver notifications via UDP in case TCP
457 connection establishment fails. This might require to augment the
458 snmpTargetTable with columns that provide information about the
459 alternate UDP transport domain and address. In general, this
460 approach only helps to deliver notifications in cases where the
461 notification receiver is unable to accept more TCP connections. In
462 other fault scenarios (e.g. routing problems in the network), the
463 UDP packet would have no or only marginally better chances to reach
464 the notification receiver. This implies that notification
465 originators which need reliable notification delivery still need to
466 implement a local notification log in order to keep a history of
467 notifications in cases the UDP packets do not reach the destination.
469 A generalization of this approach leads to the idea of a sparse
470 augmentation of the snmpTargetTable which lists alternate fallback
471 transports endpoints of arbitrary transport domains. Multiple
472 fallbacks may be possible by using a tag list approach. This
473 provides a generic transport independent fallback mechanism which is
474 independent of the TCP transport mapping defined in this memo.
476 Another alternative is to make the notification originator
477 responsible to retry connection establishment. This could be
478 accomplished by augmenting the snmpTargetTable with additional
479 columns that specify retry counts and timeouts or by adapting the
480 existing snmpTargetAddrTimeout and snmpTargetAddrRetryCount columns
481 in the snmpTargetTable. But even this approach requires a local
482 notification log in order to handle situations where all retries have
483 failed.
485 A fundamentally different approach is to make the notification
486 receiver responsible to establish the TCP connection to the
487 notification originator. This approach has the advantage that the
488 notification originator does not necessarily need a list of pre-
489 configured notification receiver transport addresses. The current
490 notification forwarding model however relies on the snmpTargetTable
491 to identify notification targets. So the question comes up whether
492 (a) new entries are added to the snmpTargetTable when a connection is
493 established or whether (b) connections are only accepted if they
494 match pre-configured snmpTargetTable entries. Note that the target
495 selection logic relies on a tag list which can not be reasonably
496 populated when a connection is accepted. So only option (b) seems to
497 be compliant with the current notification forwarding logic. Another
498 issue to consider is the vulnerability to denial of service attacks.
499 A notification originator can be easily attacked by syn-flooding
500 attacks if it listens for incoming TCP connections. Finally, in
501 order to let notification originator and notification receiver
502 appplications coexist easily on a single system, it would be
503 necessary to assign new default port numbers on which notification
504 originators listen for incoming TCP connections.
506 Full Copyright Statement
508 Copyright (C) The Internet Society (2002). All Rights Reserved.
510 This document and translations of it may be copied and furnished to
511 others, and derivative works that comment on or otherwise explain it
512 or assist in its implementation may be prepared, copied, published
513 and distributed, in whole or in part, without restriction of any
514 kind, provided that the above copyright notice and this paragraph are
515 included on all such copies and derivative works. However, this
516 document itself may not be modified in any way, such as by removing
517 the copyright notice or references to the Internet Society or other
518 Internet organizations, except as needed for the purpose of
519 developing Internet standards in which case the procedures for
520 copyrights defined in the Internet Standards process must be
521 followed, or as required to translate it into languages other than
522 English.
524 The limited permissions granted above are perpetual and will not be
525 revoked by the Internet Society or its successors or assigns.
527 This document and the information contained herein is provided on an
528 "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
529 TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
530 BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
531 HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
532 MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
534 Acknowledgement
536 Funding for the RFC Editor function is currently provided by the
537 Internet Society.