7
Network Working Group P. Congdon
8
Request for Comments: 4675 M. Sanchez
9
Category: Standards Track Hewlett-Packard Company
15
RADIUS Attributes for Virtual LAN and Priority Support
19
This document specifies an Internet standards track protocol for the
20
Internet community, and requests discussion and suggestions for
21
improvements. Please refer to the current edition of the "Internet
22
Official Protocol Standards" (STD 1) for the standardization state
23
and status of this protocol. Distribution of this memo is unlimited.
27
Copyright (C) The Internet Society (2006).
31
This document proposes additional Remote Authentication Dial-In User
32
Service (RADIUS) attributes for dynamic Virtual LAN assignment and
33
prioritization, for use in provisioning of access to IEEE 802 local
34
area networks. These attributes are usable within either RADIUS or
58
Congdon, et al. Standards Track [Page 1]
60
RFC 4675 VLAN and Priority Attributes September 2006
65
1. Introduction ....................................................3
66
1.1. Terminology ................................................3
67
1.2. Requirements Language ......................................3
68
1.3. Attribute Interpretation ...................................3
69
2. Attributes ......................................................4
70
2.1. Egress-VLANID ..............................................4
71
2.2. Ingress-Filters ............................................6
72
2.3. Egress-VLAN-Name ...........................................7
73
2.4. User-Priority-Table ........................................8
74
3. Table of Attributes ............................................10
75
4. Diameter Considerations ........................................10
76
5. IANA Considerations ............................................11
77
6. Security Considerations ........................................11
78
7. References .....................................................12
79
7.1. Normative References ......................................12
80
7.2. Informative References ....................................13
81
8. Acknowledgements ...............................................13
114
Congdon, et al. Standards Track [Page 2]
116
RFC 4675 VLAN and Priority Attributes September 2006
121
This document describes Virtual LAN (VLAN) and re-prioritization
122
attributes that may prove useful for provisioning of access to IEEE
123
802 local area networks [IEEE-802] with the Remote Authentication
124
Dial-In User Service (RADIUS) or Diameter.
126
While [RFC3580] enables support for VLAN assignment based on the
127
tunnel attributes defined in [RFC2868], it does not provide support
128
for a more complete set of VLAN functionality as defined by
129
[IEEE-802.1Q]. The attributes defined in this document provide
130
support within RADIUS and Diameter analogous to the management
131
variables supported in [IEEE-802.1Q] and MIB objects defined in
132
[RFC4363]. In addition, this document enables support for a wider
133
range of [IEEE-802.1X] configurations.
137
This document uses the following terms:
139
Network Access Server (NAS)
140
A device that provides an access service for a user to a
141
network. Also known as a RADIUS client.
144
A RADIUS authentication server is an entity that provides an
145
authentication service to a NAS.
148
A RADIUS proxy acts as an authentication server to the NAS, and
149
a RADIUS client to the RADIUS server.
151
1.2. Requirements Language
153
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
154
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
155
document are to be interpreted as described in [RFC2119].
157
1.3. Attribute Interpretation
159
The attributes described in this document apply to a single instance
160
of a NAS port, or more specifically an IEEE 802.1Q bridge port.
161
[IEEE-802.1Q], [IEEE-802.1D], and [IEEE-802.1X] do not recognize
162
finer management granularity than "per port". In some cases, such as
163
with IEEE 802.11 wireless LANs, the concept of a "virtual port" is
164
used in place of the physical port. Such virtual ports are typically
165
based on security associations and scoped by station, or Media Access
166
Control (MAC) address.
170
Congdon, et al. Standards Track [Page 3]
172
RFC 4675 VLAN and Priority Attributes September 2006
175
The attributes defined in this document are applied on a per-user
176
basis and it is expected that there is a single user per port;
177
however, in some cases that port may be a "virtual port". If a NAS
178
implementation conforming to this document supports "virtual ports",
179
it may be possible to provision those "virtual ports" with unique
180
values of the attributes described in this document, allowing
181
multiple users sharing the same physical port to each have a unique
182
set of authorization parameters.
184
If a NAS conforming to this specification receives an Access-Accept
185
packet containing an attribute defined in this document that it
186
cannot apply, it MUST act as though it had received an Access-Reject.
187
[RFC3576] requires that a NAS receiving a Change of Authorization
188
Request (CoA-Request) reply with a CoA-NAK if the Request contains an
189
unsupported attribute. It is recommended that an Error-Cause
190
attribute with the value set to "Unsupported Attribute" (401) be
191
included in the CoA-NAK. As noted in [RFC3576], authorization
192
changes are atomic so that this situation does not result in session
193
termination and the preexisting configuration remains unchanged. As
194
a result, no accounting packets should be generated.
202
The Egress-VLANID attribute represents an allowed IEEE 802 Egress
203
VLANID for this port, indicating if the VLANID is allowed for
204
tagged or untagged frames as well as the VLANID.
206
As defined in [RFC3580], the VLAN assigned via tunnel attributes
207
applies both to the ingress VLANID for untagged packets (known as
208
the PVID) and the egress VLANID for untagged packets. In
209
contrast, the Egress-VLANID attribute configures only the egress
210
VLANID for either tagged or untagged packets. The Egress-VLANID
211
attribute MAY be included in the same RADIUS packet as [RFC3580]
212
tunnel attributes; however, the Egress-VLANID attribute is not
213
necessary if it is being used to configure the same untagged
214
VLANID included in tunnel attributes. To configure an untagged
215
VLAN for both ingress and egress, the tunnel attributes of
216
[RFC3580] MUST be used.
218
Multiple Egress-VLANID attributes MAY be included in Access-
219
Request, Access-Accept, CoA-Request, or Accounting-Request
220
packets; this attribute MUST NOT be sent within an Access-
221
Challenge, Access-Reject, Disconnect-Request, Disconnect-ACK,
226
Congdon, et al. Standards Track [Page 4]
228
RFC 4675 VLAN and Priority Attributes September 2006
231
Disconnect-NAK, CoA-ACK, or CoA-NAK. Each attribute adds the
232
specified VLAN to the list of allowed egress VLANs for the port.
234
The Egress-VLANID attribute is shown below. The fields are
235
transmitted from left to right:
238
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
239
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
240
| Type | Length | Value
241
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
243
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
255
The Value field is four octets. The format is described below:
258
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
259
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
260
| Tag Indic. | Pad | VLANID |
261
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
263
The Tag Indication field is one octet in length and indicates
264
whether the frames on the VLAN are tagged (0x31) or untagged
265
(0x32). The Pad field is 12 bits in length and MUST be 0 (zero).
266
The VLANID is 12 bits in length and contains the [IEEE-802.1Q]
282
Congdon, et al. Standards Track [Page 5]
284
RFC 4675 VLAN and Priority Attributes September 2006
291
The Ingress-Filters attribute corresponds to the Ingress Filter
292
per-port variable defined in [IEEE-802.1Q] clause 8.4.5. When the
293
attribute has the value "Enabled", the set of VLANs that are
294
allowed to ingress a port must match the set of VLANs that are
295
allowed to egress a port. Only a single Ingress-Filters attribute
296
MAY be sent within an Access-Request, Access-Accept, CoA-Request,
297
or Accounting-Request packet; this attribute MUST NOT be sent
298
within an Access-Challenge, Access-Reject, Disconnect-Request,
299
Disconnect-ACK, Disconnect-NAK, CoA-ACK, or CoA-NAK.
301
The Ingress-Filters attribute is shown below. The fields are
302
transmitted from left to right:
305
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
306
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
307
| Type | Length | Value
308
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
310
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
322
The Value field is four octets. Supported values include:
338
Congdon, et al. Standards Track [Page 6]
340
RFC 4675 VLAN and Priority Attributes September 2006
343
2.3. Egress-VLAN-Name
347
Clause 12.10.2.1.3 (a) in [IEEE-802.1Q] describes the
348
administratively assigned VLAN Name associated with a VLAN-ID
349
defined within an IEEE 802.1Q bridge. The Egress-VLAN-Name
350
attribute represents an allowed VLAN for this port. It is similar
351
to the Egress-VLANID attribute, except that the VLAN-ID itself is
352
not specified or known; rather, the VLAN name is used to identify
353
the VLAN within the system.
355
The tunnel attributes described in [RFC3580] and the Egress-VLAN-
356
Name attribute both can be used to configure the egress VLAN for
357
untagged packets. These attributes can be used concurrently and
358
MAY appear in the same RADIUS packet. When they do appear
359
concurrently, the list of allowed VLANs is the concatenation of
360
the Egress-VLAN-Name and the Tunnel-Private-Group-ID (81)
361
attributes. The Egress-VLAN-Name attribute does not alter the
362
ingress VLAN for untagged traffic on a port (also known as the
363
PVID). The tunnel attributes from [RFC3580] should be relied upon
364
instead to set the PVID.
366
The Egress-VLAN-Name attribute contains two parts; the first part
367
indicates if frames on the VLAN for this port are to be
368
represented in tagged or untagged format, the second part is the
371
Multiple Egress-VLAN-Name attributes MAY be included within an
372
Access-Request, Access-Accept, CoA-Request, or Accounting-Request
373
packet; this attribute MUST NOT be sent within an Access-
374
Challenge, Access-Reject, Disconnect-Request, Disconnect-ACK,
375
Disconnect-NAK, CoA-ACK, or CoA-NAK. Each attribute adds the
376
named VLAN to the list of allowed egress VLANs for the port. The
377
Egress-VLAN-Name attribute is shown below. The fields are
378
transmitted from left to right:
381
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
382
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
383
| Type | Length | Tag Indic. | String...
384
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
394
Congdon, et al. Standards Track [Page 7]
396
RFC 4675 VLAN and Priority Attributes September 2006
405
The Tag Indication field is one octet in length and indicates
406
whether the frames on the VLAN are tagged (0x31, ASCII '1') or
407
untagged (0x32, ASCII '2'). These values were chosen so as to
408
make them easier for users to enter.
412
The String field is at least one octet in length and contains the
413
VLAN Name as defined in [IEEE-802.1Q] clause 12.10.2.1.3 (a).
414
[RFC3629] UTF-8 encoded 10646 characters are RECOMMENDED, but a
415
robust implementation SHOULD support the field as undistinguished
418
2.4. User-Priority-Table
422
[IEEE-802.1D] clause 7.5.1 discusses how to regenerate (or re-map)
423
user priority on frames received at a port. This per-port
424
configuration enables a bridge to cause the priority of received
425
traffic at a port to be mapped to a particular priority.
426
[IEEE-802.1D] clause 6.3.9 describes the use of remapping:
428
The ability to signal user priority in IEEE 802 LANs allows
429
user priority to be carried with end-to-end significance across
430
a Bridged Local Area Network. This, coupled with a consistent
431
approach to the mapping of user priority to traffic classes and
432
of user priority to access_priority, allows consistent use of
433
priority information, according to the capabilities of the
434
Bridges and MACs in the transmission path...
436
Under normal circumstances, user priority is not modified in
437
transit through the relay function of a Bridge; however,
438
network management can control how user priority is propagated.
439
Table 7-1 provides the ability to map incoming user priority
440
values on a per-Port basis. By default, the regenerated user
441
priority is identical to the incoming user priority.
443
This attribute represents the IEEE 802 prioritization that will be
444
applied to frames arriving at this port. There are eight possible
445
user priorities, according to the [IEEE-802] standard.
446
[IEEE-802.1D] clause 14.6.2.3.3 specifies the regeneration table
450
Congdon, et al. Standards Track [Page 8]
452
RFC 4675 VLAN and Priority Attributes September 2006
455
as 8 values, each an integer in the range 0-7. The management
456
variables are described in clause 14.6.2.2.
458
A single User-Priority-Table attribute MAY be included in an
459
Access-Accept or CoA-Request packet; this attribute MUST NOT be
460
sent within an Access-Request, Access-Challenge, Access-Reject,
461
Disconnect-Request, Disconnect-ACK, Disconnect-NAK, CoA-ACK, CoA-
462
NAK or Accounting-Request. Since the regeneration table is only
463
maintained by a bridge conforming to [IEEE-802.1D], this attribute
464
should only be sent to a RADIUS client supporting that
467
The User-Priority-Table attribute is shown below. The fields are
468
transmitted from left to right:
471
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
472
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
473
| Type | Length | String
474
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
476
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
478
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
490
The String field is 8 octets in length and includes a table that
491
maps the incoming priority (if it is set -- the default is 0) into
492
one of eight regenerated priorities. The first octet maps to
493
incoming priority 0, the second octet to incoming priority 1, etc.
494
The values in each octet represent the regenerated priority of the
497
It is thus possible to either remap incoming priorities to more
498
appropriate values; to honor the incoming priorities; or to
499
override any incoming priorities, forcing them to all map to a
500
single chosen priority.
506
Congdon, et al. Standards Track [Page 9]
508
RFC 4675 VLAN and Priority Attributes September 2006
511
The [IEEE-802.1D] specification, Annex G, provides a useful
512
description of traffic type - traffic class mappings.
514
3. Table of Attributes
516
The following table provides a guide to which attributes may be found
517
in which kinds of packets, and in what quantity.
519
Access- Access- Access- Access- CoA- Acct-
520
Request Accept Reject Challenge Req Req # Attribute
521
0+ 0+ 0 0 0+ 0+ 56 Egress-VLANID
522
0-1 0-1 0 0 0-1 0-1 57 Ingress-Filters
523
0+ 0+ 0 0 0+ 0+ 58 Egress-VLAN-Name
524
0 0-1 0 0 0-1 0 59 User-Priority-Table
526
The following table defines the meaning of the above table entries.
528
0 This attribute MUST NOT be present in the packet.
529
0+ Zero or more instances of this attribute MAY be
530
present in the packet.
531
0-1 Zero or one instance of this attribute MAY be
532
present in the packet.
534
4. Diameter Considerations
536
When used in Diameter, the attributes defined in this specification
537
can be used as Diameter attribute-value pair (AVPs) from the Code
538
space 1-255 (RADIUS attribute compatibility space). No additional
539
Diameter Code values are therefore allocated. The data types and
540
flag rules for the attributes are as follows:
542
+---------------------+
544
|----+-----+----+-----|----+
546
Attribute Name Value Type |MUST| MAY | NOT| NOT|Encr|
547
-------------------------------|----+-----+----+-----|----|
548
Egress-VLANID OctetString| M | P | | V | Y |
549
Ingress-Filters Enumerated | M | P | | V | Y |
550
Egress-VLAN-Name UTF8String | M | P | | V | Y |
551
User-Priority-Table OctetString| M | P | | V | Y |
552
-------------------------------|----+-----+----+-----|----|
554
The attributes in this specification have no special translation
555
requirements for Diameter to RADIUS or RADIUS to Diameter gateways;
556
they are copied as is, except for changes relating to headers,
557
alignment, and padding. See also [RFC3588] Section 4.1 and [RFC4005]
562
Congdon, et al. Standards Track [Page 10]
564
RFC 4675 VLAN and Priority Attributes September 2006
567
What this specification says about the applicability of the
568
attributes for RADIUS Access-Request packets applies in Diameter to
569
AA-Request [RFC4005] or Diameter-EAP-Request [RFC4072]. What is said
570
about Access-Challenge applies in Diameter to AA-Answer [RFC4005] or
571
Diameter-EAP-Answer [RFC4072] with Result-Code AVP set to
572
DIAMETER_MULTI_ROUND_AUTH.
574
What is said about Access-Accept applies in Diameter to AA-Answer or
575
Diameter-EAP-Answer messages that indicate success. Similarly, what
576
is said about RADIUS Access-Reject packets applies in Diameter to
577
AA-Answer or Diameter-EAP-Answer messages that indicate failure.
579
What is said about COA-Request applies in Diameter to Re-Auth-Request
582
What is said about Accounting-Request applies to Diameter
583
Accounting-Request [RFC4005] as well.
585
5. IANA Considerations
587
This specification does not create any new registries.
589
This document uses the RADIUS [RFC2865] namespace; see
590
<http://www.iana.org/assignments/radius-types>. Allocation of four
591
updates for the section "RADIUS Attribute Types" has been made by the
592
IANA. The RADIUS attributes are:
596
58 - Egress-VLAN-Name
597
59 - User-Priority-Table
599
6. Security Considerations
601
This specification describes the use of RADIUS and Diameter for
602
purposes of authentication, authorization, and accounting in IEEE 802
603
local area networks. RADIUS threats and security issues for this
604
application are described in [RFC3579] and [RFC3580]; security issues
605
encountered in roaming are described in [RFC2607]. For Diameter, the
606
security issues relating to this application are described in
607
[RFC4005] and [RFC4072].
609
This document specifies new attributes that can be included in
610
existing RADIUS packets, which are protected as described in
611
[RFC3579] and [RFC3576]. In Diameter, the attributes are protected
612
as specified in [RFC3588]. See those documents for a more detailed
618
Congdon, et al. Standards Track [Page 11]
620
RFC 4675 VLAN and Priority Attributes September 2006
623
The security mechanisms supported in RADIUS and Diameter are focused
624
on preventing an attacker from spoofing packets or modifying packets
625
in transit. They do not prevent an authorized RADIUS/Diameter server
626
or proxy from inserting attributes with malicious intent.
628
VLAN attributes sent by a RADIUS/Diameter server or proxy may enable
629
access to unauthorized VLANs. These vulnerabilities can be limited
630
by performing authorization checks at the NAS. For example, a NAS
631
can be configured to accept only certain VLANIDs from a given
632
RADIUS/Diameter server/proxy.
634
Similarly, an attacker gaining control of a RADIUS/Diameter server or
635
proxy can modify the user priority table, causing either degradation
636
of quality of service (by downgrading user priority of frames
637
arriving at a port), or denial of service (by raising the level of
638
priority of traffic at multiple ports of a device, oversubscribing
639
the switch or link capabilities).
643
7.1. Normative References
645
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
646
Requirement Levels", BCP 14, RFC 2119, March 1997.
648
[RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson,
649
"Remote Authentication Dial In User Service (RADIUS)",
652
[RFC3588] Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and
653
J. Arkko, "Diameter Base Protocol", RFC 3588, September
656
[RFC3629] Yergeau, F., "UTF-8, a transformation format of ISO
657
10646", STD 63, RFC 3629, November 2003.
659
[RFC4363] Levi, D. and D. Harrington, "Definitions of Managed
660
Objects for Bridges with Traffic Classes, Multicast
661
Filtering, and Virtual LAN Extensions", RFC 4363,
664
[IEEE-802] IEEE Standards for Local and Metropolitan Area
665
Networks: Overview and Architecture, ANSI/IEEE Std
668
[IEEE-802.1D] IEEE Standards for Local and Metropolitan Area
669
Networks: Media Access Control (MAC) Bridges, IEEE Std
670
802.1D-2004, June 2004.
674
Congdon, et al. Standards Track [Page 12]
676
RFC 4675 VLAN and Priority Attributes September 2006
679
[IEEE-802.1Q] IEEE Standards for Local and Metropolitan Area
680
Networks: Draft Standard for Virtual Bridged Local Area
681
Networks, P802.1Q-2003, January 2003.
683
7.2. Informative References
685
[IEEE-802.1X] IEEE Standards for Local and Metropolitan Area
686
Networks: Port based Network Access Control, IEEE Std
687
802.1X-2004, December 2004.
689
[RFC2607] Aboba, B. and J. Vollbrecht, "Proxy Chaining and Policy
690
Implementation in Roaming", RFC 2607, June 1999.
692
[RFC2868] Zorn, G., Leifer, D., Rubens, A., Shriver, J.,
693
Holdrege, M., and I. Goyret, "RADIUS Attributes for
694
Tunnel Protocol Support", RFC 2868, June 2000.
696
[RFC3576] Chiba, M., Dommety, G., Eklund, M., Mitton, D., and B.
697
Aboba, "Dynamic Authorization Extensions to Remote
698
Authentication Dial In User Service (RADIUS)", RFC
701
[RFC3579] Aboba, B. and P. Calhoun, "RADIUS (Remote
702
Authentication Dial In User Service) Support For
703
Extensible Authentication Protocol (EAP)", RFC 3579,
706
[RFC3580] Congdon, P., Aboba, B., Smith, A., Zorn, G., and J.
707
Roese, "IEEE 802.1X Remote Authentication Dial In User
708
Service (RADIUS) Usage Guidelines", RFC 3580, September
711
[RFC4005] Calhoun, P., Zorn, G., Spence, D., and D. Mitton,
712
"Diameter Network Access Server Application", RFC 4005,
715
[RFC4072] Eronen, P., Hiller, T., and G. Zorn, "Diameter
716
Extensible Authentication Protocol (EAP) Application",
717
RFC 4072, August 2005.
721
The authors would like to acknowledge Joseph Salowey of Cisco, David
722
Nelson of Enterasys, Chuck Black of Hewlett-Packard, and Ashwin
723
Palekar of Microsoft.
730
Congdon, et al. Standards Track [Page 13]
732
RFC 4675 VLAN and Priority Attributes September 2006
738
Hewlett-Packard Company
739
HP ProCurve Networking
740
8000 Foothills Blvd, M/S 5662
743
Phone: +1 916 785 5753
745
EMail: paul.congdon@hp.com
749
Hewlett-Packard Company
750
HP ProCurve Networking
751
8000 Foothills Blvd, M/S 5559
754
Phone: +1 916 785 1910
756
EMail: mauricio.sanchez@hp.com
760
Microsoft Corporation
764
Phone: +1 425 706 6605
766
EMail: bernarda@microsoft.com
786
Congdon, et al. Standards Track [Page 14]
788
RFC 4675 VLAN and Priority Attributes September 2006
791
Full Copyright Statement
793
Copyright (C) The Internet Society (2006).
795
This document is subject to the rights, licenses and restrictions
796
contained in BCP 78, and except as set forth therein, the authors
797
retain all their rights.
799
This document and the information contained herein are provided on an
800
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
801
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
802
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
803
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
804
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
805
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
807
Intellectual Property
809
The IETF takes no position regarding the validity or scope of any
810
Intellectual Property Rights or other rights that might be claimed to
811
pertain to the implementation or use of the technology described in
812
this document or the extent to which any license under such rights
813
might or might not be available; nor does it represent that it has
814
made any independent effort to identify any such rights. Information
815
on the procedures with respect to rights in RFC documents can be
816
found in BCP 78 and BCP 79.
818
Copies of IPR disclosures made to the IETF Secretariat and any
819
assurances of licenses to be made available, or the result of an
820
attempt made to obtain a general license or permission for the use of
821
such proprietary rights by implementers or users of this
822
specification can be obtained from the IETF on-line IPR repository at
823
http://www.ietf.org/ipr.
825
The IETF invites any interested party to bring to its attention any
826
copyrights, patents or patent applications, or other proprietary
827
rights that may cover technology that may be required to implement
828
this standard. Please address the information to the IETF at
833
Funding for the RFC Editor function is provided by the IETF
834
Administrative Support Activity (IASA).
842
Congdon, et al. Standards Track [Page 15]