7
Network Working Group P. Vixie
8
Request for Comments: 2845 ISC
9
Category: Standards Track O. Gudmundsson
10
Updates: 1035 NAI Labs
18
Secret Key Transaction Authentication for DNS (TSIG)
22
This document specifies an Internet standards track protocol for the
23
Internet community, and requests discussion and suggestions for
24
improvements. Please refer to the current edition of the "Internet
25
Official Protocol Standards" (STD 1) for the standardization state
26
and status of this protocol. Distribution of this memo is unlimited.
30
Copyright (C) The Internet Society (2000). All Rights Reserved.
34
This protocol allows for transaction level authentication using
35
shared secrets and one way hashing. It can be used to authenticate
36
dynamic updates as coming from an approved client, or to authenticate
37
responses as coming from an approved recursive name server.
39
No provision has been made here for distributing the shared secrets;
40
it is expected that a network administrator will statically configure
41
name servers and clients using some out of band mechanism such as
42
sneaker-net until a secure automated mechanism for key distribution
47
1.1. The Domain Name System (DNS) [RFC1034, RFC1035] is a replicated
48
hierarchical distributed database system that provides information
49
fundamental to Internet operations, such as name <=> address
50
translation and mail handling information. DNS has recently been
51
extended [RFC2535] to provide for data origin authentication, and
52
public key distribution, all based on public key cryptography and
53
public key based digital signatures. To be practical, this form of
58
Vixie, et al. Standards Track [Page 1]
60
RFC 2845 DNS TSIG May 2000
63
security generally requires extensive local caching of keys and
64
tracing of authentication through multiple keys and signatures to a
65
pre-trusted locally configured key.
67
1.2. One difficulty with the [RFC2535] scheme is that common DNS
68
implementations include simple "stub" resolvers which do not have
69
caches. Such resolvers typically rely on a caching DNS server on
70
another host. It is impractical for these stub resolvers to perform
71
general [RFC2535] authentication and they would naturally depend on
72
their caching DNS server to perform such services for them. To do so
73
securely requires secure communication of queries and responses.
74
[RFC2535] provides public key transaction signatures to support this,
75
but such signatures are very expensive computationally to generate.
76
In general, these require the same complex public key logic that is
77
impractical for stubs. This document specifies use of a message
78
authentication code (MAC), specifically HMAC-MD5 (a keyed hash
79
function), to provide an efficient means of point-to-point
80
authentication and integrity checking for transactions.
82
1.3. A second area where use of straight [RFC2535] public key based
83
mechanisms may be impractical is authenticating dynamic update
84
[RFC2136] requests. [RFC2535] provides for request signatures but
85
with [RFC2535] they, like transaction signatures, require
86
computationally expensive public key cryptography and complex
87
authentication logic. Secure Domain Name System Dynamic Update
88
([RFC2137]) describes how different keys are used in dynamically
89
updated zones. This document's secret key based MACs can be used to
90
authenticate DNS update requests as well as transaction responses,
91
providing a lightweight alternative to the protocol described by
94
1.4. A further use of this mechanism is to protect zone transfers.
95
In this case the data covered would be the whole zone transfer
96
including any glue records sent. The protocol described by [RFC2535]
97
does not protect glue records and unsigned records unless SIG(0)
98
(transaction signature) is used.
100
1.5. The authentication mechanism proposed in this document uses
101
shared secret keys to establish a trust relationship between two
102
entities. Such keys must be protected in a fashion similar to
103
private keys, lest a third party masquerade as one of the intended
104
parties (forge MACs). There is an urgent need to provide simple and
105
efficient authentication between clients and local servers and this
106
proposal addresses that need. This proposal is unsuitable for
107
general server to server authentication for servers which speak with
108
many other servers, since key management would become unwieldy with
114
Vixie, et al. Standards Track [Page 2]
116
RFC 2845 DNS TSIG May 2000
119
the number of shared keys going up quadratically. But it is suitable
120
for many resolvers on hosts that only talk to a few recursive
123
1.6. A server acting as an indirect caching resolver -- a "forwarder"
124
in common usage -- might use transaction-based authentication when
125
communicating with its small number of preconfigured "upstream"
126
servers. Other uses of DNS secret key authentication and possible
127
systems for automatic secret key distribution may be proposed in
128
separate future documents.
130
1.7. New Assigned Numbers
133
ERROR = 0..15 (a DNS RCODE)
138
1.8. The key words "MUST", "REQUIRED", "SHOULD", "RECOMMENDED", and
139
"MAY" in this document are to be interpreted as described in [RFC
146
To provide secret key authentication, we use a new RR type whose
147
mnemonic is TSIG and whose type code is 250. TSIG is a meta-RR and
148
MUST not be cached. TSIG RRs are used for authentication between DNS
149
entities that have established a shared secret key. TSIG RRs are
150
dynamically computed to cover a particular DNS transaction and are
151
not DNS RRs in the usual sense.
155
As the TSIG RRs are related to one DNS request/response, there is no
156
value in storing or retransmitting them, thus the TSIG RR is
157
discarded once it has been used to authenticate a DNS message. The
158
only message digest algorithm specified in this document is "HMAC-
159
MD5" (see [RFC1321], [RFC2104]). The "HMAC-MD5" algorithm is
160
mandatory to implement for interoperability. Other algorithms can be
161
specified at a later date. Names and definitions of new algorithms
162
MUST be registered with IANA. All multi-octet integers in the TSIG
163
record are sent in network byte order (see [RFC1035 2.3.2]).
170
Vixie, et al. Standards Track [Page 3]
172
RFC 2845 DNS TSIG May 2000
177
NAME The name of the key used in domain name syntax. The name
178
should reflect the names of the hosts and uniquely identify
179
the key among a set of keys these two hosts may share at any
180
given time. If hosts A.site.example and B.example.net share a
181
key, possibilities for the key name include
182
<id>.A.site.example, <id>.B.example.net, and
183
<id>.A.site.example.B.example.net. It should be possible for
184
more than one key to be in simultaneous use among a set of
185
interacting hosts. The name only needs to be meaningful to
186
the communicating hosts but a meaningful mnemonic name as
187
above is strongly recommended.
189
The name may be used as a local index to the key involved and
190
it is recommended that it be globally unique. Where a key is
191
just shared between two hosts, its name actually only need
192
only be meaningful to them but it is recommended that the key
193
name be mnemonic and incorporate the resolver and server host
196
TYPE TSIG (250: Transaction SIGnature)
206
Field Name Data Type Notes
207
--------------------------------------------------------------
208
Algorithm Name domain-name Name of the algorithm
209
in domain name syntax.
210
Time Signed u_int48_t seconds since 1-Jan-70 UTC.
211
Fudge u_int16_t seconds of error permitted
213
MAC Size u_int16_t number of octets in MAC.
214
MAC octet stream defined by Algorithm Name.
215
Original ID u_int16_t original message ID
216
Error u_int16_t expanded RCODE covering
218
Other Len u_int16_t length, in octets, of
220
Other Data octet stream empty unless Error == BADTIME
226
Vixie, et al. Standards Track [Page 4]
228
RFC 2845 DNS TSIG May 2000
246
-------------------------------------
247
Algorithm Name SAMPLE-ALG.EXAMPLE.
248
Time Signed 853804800
250
MAC Size as appropriate
252
Original ID as appropriate
257
3 - Protocol Operation
259
3.1. Effects of adding TSIG to outgoing message
261
Once the outgoing message has been constructed, the keyed message
262
digest operation can be performed. The resulting message digest will
263
then be stored in a TSIG which is appended to the additional data
264
section (the ARCOUNT is incremented to reflect this). If the TSIG
265
record cannot be added without causing the message to be truncated,
266
the server MUST alter the response so that a TSIG can be included.
267
This response consists of only the question and a TSIG record, and
268
has the TC bit set and RCODE 0 (NOERROR). The client SHOULD at this
269
point retry the request using TCP (per [RFC1035 4.2.2]).
271
3.2. TSIG processing on incoming messages
273
If an incoming message contains a TSIG record, it MUST be the last
274
record in the additional section. Multiple TSIG records are not
275
allowed. If a TSIG record is present in any other position, the
276
packet is dropped and a response with RCODE 1 (FORMERR) MUST be
277
returned. Upon receipt of a message with a correctly placed TSIG RR,
278
the TSIG RR is copied to a safe location, removed from the DNS
282
Vixie, et al. Standards Track [Page 5]
284
RFC 2845 DNS TSIG May 2000
287
Message, and decremented out of the DNS message header's ARCOUNT. At
288
this point the keyed message digest operation is performed. If the
289
algorithm name or key name is unknown to the recipient, or if the
290
message digests do not match, the whole DNS message MUST be
291
discarded. If the message is a query, a response with RCODE 9
292
(NOTAUTH) MUST be sent back to the originator with TSIG ERROR 17
293
(BADKEY) or TSIG ERROR 16 (BADSIG). If no key is available to sign
294
this message it MUST be sent unsigned (MAC size == 0 and empty MAC).
295
A message to the system operations log SHOULD be generated, to warn
296
the operations staff of a possible security incident in progress.
297
Care should be taken to ensure that logging of this type of event
298
does not open the system to a denial of service attack.
300
3.3. Time values used in TSIG calculations
302
The data digested includes the two timer values in the TSIG header in
303
order to defend against replay attacks. If this were not done, an
304
attacker could replay old messages but update the "Time Signed" and
305
"Fudge" fields to make the message look new. This data is named
306
"TSIG Timers", and for the purpose of digest calculation they are
307
invoked in their "on the wire" format, in the following order: first
308
Time Signed, then Fudge. For example:
310
Field Name Value Wire Format Meaning
311
----------------------------------------------------------------------
312
Time Signed 853804800 00 00 32 e4 07 00 Tue Jan 21 00:00:00 1997
313
Fudge 300 01 2C 5 minutes
315
3.4. TSIG Variables and Coverage
317
When generating or verifying the contents of a TSIG record, the
318
following data are digested, in network byte order or wire format, as
323
A whole and complete DNS message in wire format, before the TSIG RR
324
has been added to the additional data section and before the DNS
325
Message Header's ARCOUNT field has been incremented to contain the
326
TSIG RR. If the message ID differs from the original message ID, the
327
original message ID is substituted for the message ID. This could
328
happen when forwarding a dynamic update request, for example.
338
Vixie, et al. Standards Track [Page 6]
340
RFC 2845 DNS TSIG May 2000
343
3.4.2. TSIG Variables
345
Source Field Name Notes
346
-----------------------------------------------------------------------
347
TSIG RR NAME Key name, in canonical wire format
348
TSIG RR CLASS (Always ANY in the current specification)
349
TSIG RR TTL (Always 0 in the current specification)
350
TSIG RDATA Algorithm Name in canonical wire format
351
TSIG RDATA Time Signed in network byte order
352
TSIG RDATA Fudge in network byte order
353
TSIG RDATA Error in network byte order
354
TSIG RDATA Other Len in network byte order
355
TSIG RDATA Other Data exactly as transmitted
357
The RR RDLEN and RDATA MAC Length are not included in the hash since
358
they are not guaranteed to be knowable before the MAC is generated.
360
The Original ID field is not included in this section, as it has
361
already been substituted for the message ID in the DNS header and
364
For each label type, there must be a defined "Canonical wire format"
365
that specifies how to express a label in an unambiguous way. For
366
label type 00, this is defined in [RFC2535], for label type 01, this
367
is defined in [RFC2673]. The use of label types other than 00 and 01
368
is not defined for this specification.
372
When generating the MAC to be included in a response, the request MAC
373
must be included in the digest. The request's MAC is digested in
374
wire format, including the following fields:
376
Field Type Description
377
---------------------------------------------------
378
MAC Length u_int16_t in network byte order
379
MAC Data octet stream exactly as transmitted
383
Digested components are fed into the hashing function as a continuous
384
octet stream with no interfield padding.
394
Vixie, et al. Standards Track [Page 7]
396
RFC 2845 DNS TSIG May 2000
401
4.1. TSIG generation on requests
403
Client performs the message digest operation and appends a TSIG
404
record to the additional data section and transmits the request to
405
the server. The client MUST store the message digest from the
406
request while awaiting an answer. The digest components for a
409
DNS Message (request)
410
TSIG Variables (request)
412
Note that some older name servers will not accept requests with a
413
nonempty additional data section. Clients SHOULD only attempt signed
414
transactions with servers who are known to support TSIG and share
415
some secret key with the client -- so, this is not a problem in
420
When a server has generated a response to a signed request, it signs
421
the response using the same algorithm and key. The server MUST not
422
generate a signed response to an unsigned request. The digest
426
DNS Message (response)
427
TSIG Variables (response)
429
4.3. TSIG on TSIG Error returns
431
When a server detects an error relating to the key or MAC, the server
432
SHOULD send back an unsigned error message (MAC size == 0 and empty
433
MAC). If an error is detected relating to the TSIG validity period,
434
the server SHOULD send back a signed error message. The digest
437
Request MAC (if the request MAC validated)
438
DNS Message (response)
439
TSIG Variables (response)
441
The reason that the request is not included in this digest in some
442
cases is to make it possible for the client to verify the error. If
443
the error is not a TSIG error the response MUST be generated as
450
Vixie, et al. Standards Track [Page 8]
452
RFC 2845 DNS TSIG May 2000
455
4.4. TSIG on TCP connection
457
A DNS TCP session can include multiple DNS envelopes. This is, for
458
example, commonly used by zone transfer. Using TSIG on such a
459
connection can protect the connection from hijacking and provide data
460
integrity. The TSIG MUST be included on the first and last DNS
461
envelopes. It can be optionally placed on any intermediary
462
envelopes. It is expensive to include it on every envelopes, but it
463
MUST be placed on at least every 100'th envelope. The first envelope
464
is processed as a standard answer, and subsequent messages have the
465
following digest components:
467
Prior Digest (running)
468
DNS Messages (any unsigned messages since the last TSIG)
469
TSIG Timers (current message)
471
This allows the client to rapidly detect when the session has been
472
altered; at which point it can close the connection and retry. If a
473
client TSIG verification fails, the client MUST close the connection.
474
If the client does not receive TSIG records frequently enough (as
475
specified above) it SHOULD assume the connection has been hijacked
476
and it SHOULD close the connection. The client SHOULD treat this the
477
same way as they would any other interrupted transfer (although the
478
exact behavior is not specified).
480
4.5. Server TSIG checks
482
Upon receipt of a message, server will check if there is a TSIG RR.
483
If one exists, the server is REQUIRED to return a TSIG RR in the
484
response. The server MUST perform the following checks in the
485
following order, check KEY, check TIME values, check MAC.
487
4.5.1. KEY check and error handling
489
If a non-forwarding server does not recognize the key used by the
490
client, the server MUST generate an error response with RCODE 9
491
(NOTAUTH) and TSIG ERROR 17 (BADKEY). This response MUST be unsigned
492
as specified in [4.3]. The server SHOULD log the error.
494
4.5.2. TIME check and error handling
496
If the server time is outside the time interval specified by the
497
request (which is: Time Signed, plus/minus Fudge), the server MUST
498
generate an error response with RCODE 9 (NOTAUTH) and TSIG ERROR 18
499
(BADTIME). The server SHOULD also cache the most recent time signed
500
value in a message generated by a key, and SHOULD return BADTIME if a
501
message received later has an earlier time signed value. A response
502
indicating a BADTIME error MUST be signed by the same key as the
506
Vixie, et al. Standards Track [Page 9]
508
RFC 2845 DNS TSIG May 2000
511
request. It MUST include the client's current time in the time
512
signed field, the server's current time (a u_int48_t) in the other
513
data field, and 6 in the other data length field. This is done so
514
that the client can verify a message with a BADTIME error without the
515
verification failing due to another BADTIME error. The data signed
516
is specified in [4.3]. The server SHOULD log the error.
518
4.5.3. MAC check and error handling
520
If a TSIG fails to verify, the server MUST generate an error response
521
as specified in [4.3] with RCODE 9 (NOTAUTH) and TSIG ERROR 16
522
(BADSIG). This response MUST be unsigned as specified in [4.3]. The
523
server SHOULD log the error.
525
4.6. Client processing of answer
527
When a client receives a response from a server and expects to see a
528
TSIG, it first checks if the TSIG RR is present in the response.
529
Otherwise, the response is treated as having a format error and
530
discarded. The client then extracts the TSIG, adjusts the ARCOUNT,
531
and calculates the keyed digest in the same way as the server. If
532
the TSIG does not validate, that response MUST be discarded, unless
533
the RCODE is 9 (NOTAUTH), in which case the client SHOULD attempt to
534
verify the response as if it were a TSIG Error response, as specified
535
in [4.3]. A message containing an unsigned TSIG record or a TSIG
536
record which fails verification SHOULD not be considered an
537
acceptable response; the client SHOULD log an error and continue to
538
wait for a signed response until the request times out.
540
4.6.1. Key error handling
542
If an RCODE on a response is 9 (NOTAUTH), and the response TSIG
543
validates, and the TSIG key is different from the key used on the
544
request, then this is a KEY error. The client MAY retry the request
545
using the key specified by the server. This should never occur, as a
546
server MUST NOT sign a response with a different key than signed the
549
4.6.2. Time error handling
551
If the response RCODE is 9 (NOTAUTH) and the TSIG ERROR is 18
552
(BADTIME), or the current time does not fall in the range specified
553
in the TSIG record, then this is a TIME error. This is an indication
554
that the client and server clocks are not synchronized. In this case
555
the client SHOULD log the event. DNS resolvers MUST NOT adjust any
556
clocks in the client based on BADTIME errors, but the server's time
557
in the other data field SHOULD be logged.
562
Vixie, et al. Standards Track [Page 10]
564
RFC 2845 DNS TSIG May 2000
567
4.6.3. MAC error handling
569
If the response RCODE is 9 (NOTAUTH) and TSIG ERROR is 16 (BADSIG),
570
this is a MAC error, and client MAY retry the request with a new
571
request ID but it would be better to try a different shared key if
572
one is available. Client SHOULD keep track of how many MAC errors
573
are associated with each key. Clients SHOULD log this event.
575
4.7. Special considerations for forwarding servers
577
A server acting as a forwarding server of a DNS message SHOULD check
578
for the existence of a TSIG record. If the name on the TSIG is not
579
of a secret that the server shares with the originator the server
580
MUST forward the message unchanged including the TSIG. If the name
581
of the TSIG is of a key this server shares with the originator, it
582
MUST process the TSIG. If the TSIG passes all checks, the forwarding
583
server MUST, if possible, include a TSIG of his own, to the
584
destination or the next forwarder. If no transaction security is
585
available to the destination and the response has the AD flag (see
586
[RFC2535]), the forwarder MUST unset the AD flag before adding the
591
5.1. Secret keys are very sensitive information and all available
592
steps should be taken to protect them on every host on which they are
593
stored. Generally such hosts need to be physically protected. If
594
they are multi-user machines, great care should be taken that
595
unprivileged users have no access to keying material. Resolvers
596
often run unprivileged, which means all users of a host would be able
597
to see whatever configuration data is used by the resolver.
599
5.2. A name server usually runs privileged, which means its
600
configuration data need not be visible to all users of the host. For
601
this reason, a host that implements transaction-based authentication
602
should probably be configured with a "stub resolver" and a local
603
caching and forwarding name server. This presents a special problem
604
for [RFC2136] which otherwise depends on clients to communicate only
605
with a zone's authoritative name servers.
607
5.3. Use of strong random shared secrets is essential to the security
608
of TSIG. See [RFC1750] for a discussion of this issue. The secret
609
should be at least as long as the keyed message digest, i.e. 16 bytes
610
for HMAC-MD5 or 20 bytes for HMAC-SHA1.
618
Vixie, et al. Standards Track [Page 11]
620
RFC 2845 DNS TSIG May 2000
623
6 - Security Considerations
625
6.1. The approach specified here is computationally much less
626
expensive than the signatures specified in [RFC2535]. As long as the
627
shared secret key is not compromised, strong authentication is
628
provided for the last hop from a local name server to the user
631
6.2. Secret keys should be changed periodically. If the client host
632
has been compromised, the server should suspend the use of all
633
secrets known to that client. If possible, secrets should be stored
634
in encrypted form. Secrets should never be transmitted in the clear
635
over any network. This document does not address the issue on how to
636
distribute secrets. Secrets should never be shared by more than two
639
6.3. This mechanism does not authenticate source data, only its
640
transmission between two parties who share some secret. The original
641
source data can come from a compromised zone master or can be
642
corrupted during transit from an authentic zone master to some
643
"caching forwarder." However, if the server is faithfully performing
644
the full [RFC2535] security checks, then only security checked data
645
will be available to the client.
647
6.4. A fudge value that is too large may leave the server open to
648
replay attacks. A fudge value that is too small may cause failures
649
if machines are not time synchronized or there are unexpected network
650
delays. The recommended value in most situation is 300 seconds.
652
7 - IANA Considerations
654
IANA is expected to create and maintain a registry of algorithm names
655
to be used as "Algorithm Names" as defined in Section 2.3. The
656
initial value should be "HMAC-MD5.SIG-ALG.REG.INT". Algorithm names
657
are text strings encoded using the syntax of a domain name. There is
658
no structure required other than names for different algorithms must
659
be unique when compared as DNS names, i.e., comparison is case
660
insensitive. Note that the initial value mentioned above is not a
661
domain name, and therefore need not be a registered name within the
662
DNS. New algorithms are assigned using the IETF Consensus policy
663
defined in RFC 2434. The algorithm name HMAC-MD5.SIG-ALG.REG.INT
664
looks like a FQDN for historical reasons; future algorithm names are
665
expected to be simple (i.e., single-component) names.
674
Vixie, et al. Standards Track [Page 12]
676
RFC 2845 DNS TSIG May 2000
679
IANA is expected to create and maintain a registry of "TSIG Error
680
values" to be used for "Error" values as defined in section 2.3.
681
Initial values should be those defined in section 1.7. New TSIG
682
error codes for the TSIG error field are assigned using the IETF
683
Consensus policy defined in RFC 2434.
687
[RFC1034] Mockapetris, P., "Domain Names - Concepts and Facilities",
688
STD 13, RFC 1034, November 1987.
690
[RFC1035] Mockapetris, P., "Domain Names - Implementation and
691
Specification", STD 13, RFC 1034, November 1987.
693
[RFC1321] Rivest, R., "The MD5 Message-Digest Algorithm", RFC 1321,
696
[RFC1750] Eastlake, D., Crocker, S. and J. Schiller, "Randomness
697
Recommendations for Security", RFC 1750, December 1995.
699
[RFC2104] Krawczyk, H., Bellare, M. and R. Canetti, "HMAC-MD5:
700
Keyed-MD5 for Message Authentication", RFC 2104, February
703
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
704
Requirement Levels", BCP 14, RFC 2119, March 1997.
706
[RFC2136] Vixie, P., Thomson, S., Rekhter, Y. and J. Bound "Dynamic
707
Updates in the Domain Name System", RFC 2136, April 1997.
709
[RFC2137] Eastlake 3rd, D., "Secure Domain Name System Dynamic
710
Update", RFC 2137, April 1997.
712
[RFC2535] Eastlake, D., "Domain Name System Security Extensions",
713
RFC 2535, March 1999.
715
[RFC2673] Crawford, M., "Binary Labels in the Domain Name System",
716
RFC 2673, August 1999.
730
Vixie, et al. Standards Track [Page 13]
732
RFC 2845 DNS TSIG May 2000
735
9 - Authors' Addresses
738
Internet Software Consortium
740
Redwood City, CA 94063
742
Phone: +1 650 779 7001
748
3060 Washington Road, Route 97
751
Phone: +1 443 259 2389
752
EMail: ogud@tislabs.com
755
Donald E. Eastlake 3rd
760
Phone: +1 508 261 5434
761
EMail: dee3@torque.pothole.com
767
Redwood City, CA 94063
769
Phone: +1 650 779 6022
770
EMail: Brian.Wellington@nominum.com
786
Vixie, et al. Standards Track [Page 14]
788
RFC 2845 DNS TSIG May 2000
791
10 Full Copyright Statement
793
Copyright (C) The Internet Society (2000). All Rights Reserved.
795
This document and translations of it may be copied and furnished to
796
others, and derivative works that comment on or otherwise explain it
797
or assist in its implementation may be prepared, copied, published
798
and distributed, in whole or in part, without restriction of any
799
kind, provided that the above copyright notice and this paragraph are
800
included on all such copies and derivative works. However, this
801
document itself may not be modified in any way, such as by removing
802
the copyright notice or references to the Internet Society or other
803
Internet organizations, except as needed for the purpose of
804
developing Internet standards in which case the procedures for
805
copyrights defined in the Internet Standards process must be
806
followed, or as required to translate it into languages other than
809
The limited permissions granted above are perpetual and will not be
810
revoked by the Internet Society or its successors or assigns.
812
This document and the information contained herein is provided on an
813
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
814
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING
815
BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION
816
HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
817
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
821
Funding for the RFC Editor function is currently provided by the
842
Vixie, et al. Standards Track [Page 15]