--- 1/draft-ietf-grow-embed-addr-03.txt 2006-02-04 23:24:03.000000000 +0100 +++ 2/draft-ietf-grow-embed-addr-04.txt 2006-02-04 23:24:03.000000000 +0100 @@ -1,127 +1,136 @@ Global Routing Operations D. Plonka Internet-Draft University of Wisconsin -Expires: December 7, 2004 June 8, 2004 +Expires: April 22, 2005 October 22, 2004 Embedding Globally Routable Internet Addresses Considered Harmful - draft-ietf-grow-embed-addr-03 + draft-ietf-grow-embed-addr-04 Status of this Memo - This document is an Internet-Draft and is in full conformance with - all provisions of Section 10 of RFC2026. + This document is an Internet-Draft and is subject to all provisions + of section 3 of RFC 3667. By submitting this Internet-Draft, each + author represents that any applicable patent or other IPR claims of + which he or she is aware have been or will be disclosed, and any of + which he or she become aware will be disclosed, in accordance with + RFC 3668. Internet-Drafts are working documents of the Internet Engineering Task Force (IETF), its areas, and its working groups. Note that other groups may also distribute working documents as Internet-Drafts. Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress." The list of current Internet-Drafts can be accessed at http://www.ietf.org/ietf/1id-abstracts.txt. The list of Internet-Draft Shadow Directories can be accessed at http://www.ietf.org/shadow.html. - This Internet-Draft will expire on December 7, 2004. + This Internet-Draft will expire on April 22, 2005. Copyright Notice - Copyright (C) The Internet Society (2004). All Rights Reserved. + Copyright (C) The Internet Society (2004). Abstract This document means to clarify best current practices in the Internet community. Internet hosts should not contain globally routable Internet Protocol addresses embedded within firmware or elsewhere as part of their default configuration such that it influences run-time behavior. +Table of Contents + + 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 + 2. Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 + 3. Recommendations . . . . . . . . . . . . . . . . . . . . . . . 5 + 3.1 Disable Unused Features . . . . . . . . . . . . . . . . . 6 + 3.2 Provide User Interface for IP Features . . . . . . . . . . 6 + 3.3 Use Domain Names as Service Identifiers . . . . . . . . . 6 + 3.4 Use Special-Purpose, Reserved IP Addresses When + Available . . . . . . . . . . . . . . . . . . . . . . . . 7 + 3.5 Discover and Utilize Local Services . . . . . . . . . . . 7 + 3.6 Avoid Mentioning the IP Addresses of Services . . . . . . 8 + 4. Security Considerations . . . . . . . . . . . . . . . . . . . 8 + 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 8 + 6. Conclusion . . . . . . . . . . . . . . . . . . . . . . . . . . 8 + 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 9 + 8. References . . . . . . . . . . . . . . . . . . . . . . . . . . 9 + 8.1 Normative References . . . . . . . . . . . . . . . . . . . . 9 + 8.2 Informative References . . . . . . . . . . . . . . . . . . . 9 + Author's Address . . . . . . . . . . . . . . . . . . . . . . . 10 + A. Background . . . . . . . . . . . . . . . . . . . . . . . . . . 10 + Intellectual Property and Copyright Statements . . . . . . . . 11 + Revision History RFC-EDITOR: PLEASE REMOVE REVISION HISTORY BEFORE PUBLICATION. The - following is the revision history of this document + following is the recent revision history of this document $Log: draft-ietf-grow-embed-addr.xml,v $ - Revision 1.17 2004/06/08 20:27:02 plonka - minor edits - - renamed from "-02" to "-03" - - Revision 1.16 2004/06/08 20:15:03 plonka - minor edits, fixed some typos - - Revision 1.15 2004/06/08 14:16:45 plonka - revised conclusion based on input from Geoff Huston - - added netgear-sntp technical report to list of informative references - - Revision 1.14 2004/06/07 18:16:27 plonka - split references into normative and informative sections - - Revision 1.13 2004/06/07 16:32:10 plonka - Set category to BCP. - - Rewrote/resized abstract and introduction as suggested by Pekka Savola. - - Improved section about using DNS names, re; hard-coding caveats, as - suggested by Pekka Savola. + Revision 1.19 2004/10/22 16:08:17 plonka + edits based on initial IESG evaluation for BCP: - Encouraged use of IPv4 documentation/example prefix 192.0.2.0/24 rather - than private addresses, as noted by Pekka Savola. + * fixed a typo reported by Spencer Dawkins - Mentioned IPv6 2001:DB8::/32 documentation prefix, as noted by Tom Petch. + * reworded the introduction as suggested by Ted Hardie to make it clear that + the document is about service identifiers used by the device, not the host + IP address it uses as a client of those services - Added note for RFC-editor requesting that revision history be removed. + * improved recommendation to use DNS names based on comments by Harald + Alvestrand, Steve Bellovin, and Pekka Savola - Reworded various portions. + * under Security Considerations, strengthened the opposition to ad hoc remote + control mechanisms by mentioned that they should be able to be disabled, + based on comment by Russ Housley - Renamed from "-00" to "-01" and updated date. + * used the term "mobility" rather than "portability" and "networks" + rather than "internets" based on comment by Thomas Narten. - Revision 1.12 2003/12/05 15:51:23 plonka - typo fixes and updates from Michael Patton + Revision 1.18 2004/10/21 20:24:35 plonka + changed from full RFC2026 to RFC3667 compliance - Revision 1.11 2003/12/02 22:28:04 plonka - renamed from draft-plonka-embed-addr to draft-ietf-grow-embed-addr + used compact as suggested by Pekka Savola - integrated suggestions from Paul Barford - reordered references to match the text + added table of contents and sortrefs - added quote from RFC2101 re: use of IPv4 addresses as identifiers - as mentioned by Brian Carpenter + added headings and subsections for specific recommendations - Revision 1.10 2003/11/03 17:06:54 plonka - added background information in appendix + added example of how domain names might be used, based on suggestion by + Pekka Savola - Revision 1.9 2003/11/03 16:39:30 plonka - various updates based on input from Mike O'Connor: - - indicated that DNS server(s) should be configurable - - clarified DNS round-robin behavior - - clarified "unsolicited traffic" by saying "IP traffic" + added reference to RFC3849 now that it's available (re: IPv6 documentation + prefix) - added revision history and appendix A + other minor edits Figure 1 1. Introduction - Vendors of consumer electronics and network gear have produced and - sold hundreds of thousands of Internet hosts with globally routable - Internet Protocol addresses embedded within their products' firmware. - These products are now in operation world-wide and primarily include, - but are not necessarily limited to, low-cost routers and middleboxes - for personal or residential use. + Vendors of consumer electronics and network gear have unfortunately + chosen to embed, or "hard-code", globally routable Internet Protocol + addresses within their products' firmware. These products use these + embedded IP addresses as service identifiers and direct service + requests (unsolicited Internet traffic) to them. One recent example + was the embedding of the globally routable IP address of a Network + Time Protocol server in the firmware of hundreds of thousands of + Internet hosts that are now in operation world-wide. The hosts are + primarily, but are not necessarily limited to, low-cost routers and + middleboxes for personal or residential use. This "hard-coding" of globally routable IP addresses as identifiers within the host's firmware presents significant problems to the operation of the Internet and to the management of its address space. Ostensibly, this practice arose as an attempt to simplify configuration of IP hosts by preloading them with IP addresses as service identifiers. Products that rely on such embedded IP addresses initially may appear convenient to both the product's designer and its operator or user, but this dubious benefit comes at @@ -130,53 +139,57 @@ This document denounces the practice of embedding references to unique, globally routable IP addresses in Internet hosts, describes some of the resulting problems, and considers selected alternatives. It also reminds the Internet community of the ephemeral nature of unique, globally routable IP addresses and that the assignment and use of IP addresses as identifiers is temporary and therefore should not be used in fixed configurations. 2. Problems - In a number cases, the embedding of IP addresses has caused Internet - products to rely on a single central Internet service. This can - result in a service outage when the aggregate workload overwhelms - that service. When fixed addresses are embedded in an - ever-increasing number of client IP hosts, this practice runs - directly counter to the design intent of hierarchically deployed - services that would otherwise be robust solutions. + In a number cases, the embedding of IP addresses in products has + caused an increasing number of Internet hosts to rely on a single + central Internet service. This can result in a service outage when + the aggregate workload overwhelms that service. When fixed addresses + are embedded in an ever-increasing number of client IP hosts, this + practice runs directly counter to the design intent of hierarchically + deployed services that would otherwise be robust solutions. The reliability, scalability, and performance of many Internet services require that the pool of users not directly access a service by IP address. Instead they typically rely on a level of indirection - provided by the Domain Name System, RFC 2219 [6]. DNS permits the - service operator to reconfigure the resources for maintenance and to - load-balance without the participation of the users. For instance, - one common load-balancing technique employs multiple DNS records with - the same name that are then rotated in a round-robin fashion in the - set of answers returned by many DNS server implementations. Upon - receiving such a response to a query, resolvers typically will try - the answers in order, until one succeeds, thus enabling the operator - to distribute the user request load across a set of servers with - discrete IP addresses that generally remain unknown to the user. + provided by the Domain Name System, RFC 2219 [6]. When appropriately + utilized, DNS permits the service operator to reconfigure the + resources for maintenance and to load-balance without the + participation of the users and without necessitating configuration + changes in the client hosts. For instance, one common load-balancing + technique employs multiple DNS records with the same name that are + then rotated in a round-robin fashion in the set of answers returned + by many DNS server implementations. Upon receiving such a response + to a query, resolvers typically will try the answers in order, until + one succeeds, thus enabling the operator to distribute the user + request load across a set of servers with discrete IP addresses that + generally remain unknown to the user. Embedding globally unique IP addresses taints the IP address blocks - in which they reside, lessening the usefulness and portability of - those IP address blocks and increasing the cost of operation. - Unsolicited traffic may continue to be delivered to the embedded - address well after the IP address or block has been reassigned and no - longer hosts the service for which that traffic was intended. Circa - 1997, the authors of RFC 2101 [5] made this observation: + in which they reside, lessening the usefulness and mobility of those + IP address blocks and increasing the cost of operation. Unsolicited + traffic may continue to be delivered to the embedded address well + after the IP address or block has been reassigned and no longer hosts + the service for which that traffic was intended. Circa 1997, the + authors of RFC 2101 [7] made this observation: + Due to dynamic address allocation and increasingly frequent network renumbering, temporal uniqueness of IPv4 addresses is no longer globally guaranteed, which puts their use as identifiers into severe question. + When IP addresses are used as service identifiers in the configuration of many Internet hosts, the IP address blocks become encumbered by their historical use. This may interfere with the ability of the Internet Assigned Numbers Authority (IANA) and the Internet Registry (IR) hierarchy to usefully reallocate IP address blocks. Likewise, to facilitate IP address reuse, RFC 2050 [1], encourages Internet Service Providers (ISPs) to treat address assignments as "loans". Because consumers are not necessarily experienced in the operation of @@ -183,106 +196,160 @@ Internet hosts, they are not able to be relied upon to fix problems if and when they arise. As such, a significant responsibility lies with the manufacturer or vendor of the Internet host to avoid embedding IP addresses in ways which cause the aforementioned problems. 3. Recommendations Internet host and router designers, including network product manufacturers, should not assume that their products will be deployed - and used in only a single global Internet that they happen to observe - today. A myriad of private or future internets in which these - products will be used may not allow those hosts to establish - end-to-end communications with arbitrary hosts on the global - Internet. Since the product failure modes resulting from unknown - future states cannot be fully explored, one should avoid assumptions - regarding the longevity of our current Internet. + and used in only the single global Internet that they happen to + observe today. A myriad of private or future internetworks in which + these products will be used may not allow those hosts to establish + communications with arbitrary hosts on the global Internet. Since + the product failure modes resulting from unknown future states cannot + be fully explored, one should avoid assumptions regarding the + longevity of our current Internet. + + The following recommendations are presented as best practice today: + +3.1 Disable Unused Features Vendors should, by default, disable unnecessary features in their products. This is especially true of features that generate - unsolicited IP traffic. In this way these hosts will be conservative - regarding the unsolicited Internet traffic they produce. For - instance, one of the most common uses of embedded IP addresses has - been the hard-coding of addresses of well know public Simple Network - Time Protocol (SNTP RFC 2030 [7]) servers, even though only a small - fraction of the users benefits from these products even having some - notion of the current date and time. + unsolicited Internet traffic. In this way these hosts will be + conservative regarding the unsolicited Internet traffic they produce. + For instance, one of the most common uses of embedded IP addresses + has been the hard-coding of addresses of well known public Simple + Network Time Protocol (SNTP RFC 2030 [8]) servers, even though only a + small fraction of the users benefits from these products even having + some notion of the current date and time. + +3.2 Provide User Interface for IP Features Vendors should provide an operator interface for every feature that - generates unsolicited IP traffic. A prime example of this is that - the Domain Name System resolver should have an interface enabling the - operator to either explicitly set the servers of his choosing or to - enable the use of a standard automated configuration protocol such as - DHCP, defined by RFC 2132 [8]. Within the operator interface, these - features should originally be disabled so that one consequence of - subsequently enabling these features is that the operator becomes - aware that the feature exists. This will mean that it is more likely - that the product's owner or operator can participate in problem - determination and mitigation when problems arise. + generates unsolicited Internet traffic. A prime example of this is + that the Domain Name System resolver should have an interface + enabling the operator to either explicitly set the servers of his + choosing or to enable the use of a standard automated configuration + protocol such as DHCP, defined by RFC 2132 [9]. Within the operator + interface, these features should originally be disabled so that one + consequence of subsequently enabling these features is that the + operator becomes aware that the feature exists. This will mean that + it is more likely that the product's owner or operator can + participate in problem determination and mitigation when problems + arise. + + RFC 2606 [2] defines the IANA-reserved "example.com", "example.net", + and "example.org" domains for use in example configurations and + documentation. These are candidate examples to be used in user + interface documentation. + +3.3 Use Domain Names as Service Identifiers Internet hosts should use the Domain Name System to determine the IP addresses associated with the Internet services they require. - However, simply hard-coding DNS names rather than IP addresses is not - a panacea. Entries in the domain name space are also ephemeral and - can change owners for various reasons including acquisitions and - litigation. A given vendor ought not assume that anyone will retain - control of a given zone indefinitely. RFC 2606 [2] defines the - IANA-reserved "example.com", "example.net", and "example.org" domains - for use in example configurations and documentation. + + When using domain names as service identifiers in the configurations + of deployed Internet hosts, designers and vendors are encouraged to + introduce service names either within a domain which they control or + have entered into an agreement with its operator to utilize (such as + for public services provided by the Internet community). This is + commonly done by simply introducing a service-specific prefix to the + domain name. + + For instance, a vendor named "Example, Inc." with the domain + "example.com" might configure its product to find its SNTP server by + the name "sntp-server.config.example.com" or even by a product and + version-specific name such as + "sntp-server.v1.widget.config.example.com". Here, the + "config.example.com" namespace is dedicated to that vendor's product + configuration, with sub-domains introduced as deemed necessary. Such + special-purpose domain names enable ongoing maintenance and + reconfiguration of the services for their client hosts and can aid in + the ongoing measurement of service usage throughout the product's + lifetime. + + An alternative to inventing vendor-specific domain naming conventions + for a product's service identifiers is to utilize SVR resource + records (RR), defined by RFC 2782 [10]. SRV records are a generic + type of RR which uses a service-specific prefix in combination with a + base domain name. For example, an SVR-cognizant SNTP client might + discover Example, Inc.'s suggested NTP server by performing an + SVR-type query to lookup for "_ntp._udp.example.com". + + However, note that simply hard-coding DNS name service identifiers + rather than IP addresses is not a panacea. Entries in the domain + name space are also ephemeral and can change owners for various + reasons including acquisitions and litigation. As such, developers + and vendors should explore a product's potential failure modes + resulting from the loss of administrative control of a given domain + for whatever reason. + +3.4 Use Special-Purpose, Reserved IP Addresses When Available Default configurations, documentation, and example configurations for Internet hosts should use Internet addresses that reside within special blocks that have been reserved for these purposes, rather than unique, globally routable IP addresses. For IPv4, RFC 3330 [3] states that the 192.0.2.0/24 block has been assigned for use in documentation and example code. The IPv6 global unicast address prefix 2001:DB8::/32 has been similarly reserved for documentation - purposes. Private Internet Addresses, as defined by RFC 1918 [4], - should not be used for such purposes. + purposes RFC 3849 [4]. Private Internet Addresses, as defined by RFC + 1918 [5], should not be used for such purposes. + +3.5 Discover and Utilize Local Services Service providers and enterprise network operators should advertise - the identities of suitable local services, such as NTP. For - instance, the DHCP protocol, as defined by RFC 2132 [8], enables one - to configure a server to answer queries for service identitifiers to - clients that ask for them. When local services including NTP are - available but not pervasively advertised using such common protocols, - designers are more likely deploy ad hoc initialization mechanisms - that unnecessarily rely on central services. + the identities of suitable local services, such as NTP. Very often + these services exist, but the advertisement and automated + configuration of their use is missing. For instance, the DHCP + protocol, as defined by RFC 2132 [9], enables one to configure a + server to answer queries for service identitifiers to clients that + ask for them. When local services including NTP are available but + not pervasively advertised using such common protocols, designers are + more likely deploy ad hoc initialization mechanisms that + unnecessarily rely on central services. + +3.6 Avoid Mentioning the IP Addresses of Services Operators that provide public services on the global Internet, such - as the NTP community, should deprecate the explicit advertisement of - the IP addresses of public services. These addresses are ephemeral. - As such, their widespread citation in public service indexes - interferes with the ability to reconfigure the service as necessary - to address unexpected, increased traffic. + as those in the NTP community, should deprecate the explicit + advertisement of the IP addresses of public services. These + addresses are ephemeral. As such, their widespread citation in + public service indexes interferes with the ability to reconfigure the + service as necessary to address unexpected, increased traffic and the + aforementioned problems. 4. Security Considerations Embedding or "hard-coding" IP addresses within a host's configuration often means that a host-based trust model is being employed, and that the Internet host with the given address is trusted in some way. Due - to the ephemeral roles of routable IP addresses, the practice of - embedding them within products' firmware or default configurations - presents a security risk in that unknown parties may inadvertently be - trusted. + to the ephemeral roles of globally routable IP addresses, the + practice of embedding them within products' firmware or default + configurations presents a security risk in that unknown parties may + inadvertently be trusted. Internet host designers may be tempted to implement some sort of remote control mechanism within a product, by which its Internet host configuration can be changed without reliance on, interaction with, or even the knowledge of its operator or user. This raises security - issues of its own. If such a scheme is implemented, this should be - fully disclosed to the customer, operator, and user so that an - informed decision can be made, perhaps in accordance with local + issues of its own. If such a scheme is implemented, its presence + should be fully disclosed to the customer, operator, and user so that + an informed decision can be made, perhaps in accordance with local security or privacy policy. Furthermore, the significant possibility of malicious parties exploiting such a remote control mechanism may completely negate any potential benefit of the remote control scheme. + As such, remote control mechanisms should be disabled by default to + be subsequently enabled and disabled by the user. 5. IANA Considerations This document creates no new requirements on IANA namespaces. 6. Conclusion When large numbers of homogenous Internet hosts are deployed, it is particularly important that both their designers and other members of the Internet community diligently assess host implementation quality @@ -309,38 +376,44 @@ [1] Hubbard, K., "INTERNET REGISTRY IP ALLOCATION GUIDELINES", RFC 2050, BCP 12, November 1996. [2] Eastlake, D., "Reserved Top Level DNS Names", RFC 2606, BCP 32, June 1999. [3] Internet Assigned Numbers Authority, "Special-Use IPv4 Addresses", RFC 3330, September 2002. - [4] Rekhter, Y., "Address Allocation for Private Internets", RFC + [4] Huston, G., "IPv6 Address Prefix Reserved for Documentation", + RFC 3849, July 2004. + + [5] Rekhter, Y., "Address Allocation for Private Internets", RFC 1918, BCP 5, February 1996. 8.2 Informative References - [5] Carpenter, B., "IPv4 Address Behaviour Today", RFC 2101, - February 1997. - [6] Hamilton, M., "Use of DNS Aliases for Network Services", RFC 2219, BCP 17, October 1997. - [7] Mills, D., "Simple Network Time Protocol (SNTP) Version 4 for + [7] Carpenter, B., "IPv4 Address Behaviour Today", RFC 2101, + February 1997. + + [8] Mills, D., "Simple Network Time Protocol (SNTP) Version 4 for IPv4, IPv6 and OSI", RFC 2030, October 1996. - [8] Alexander, S., "DHCP Options and BOOTP Vendor Extensions", RFC + [9] Alexander, S., "DHCP Options and BOOTP Vendor Extensions", RFC 2132, March 1997. - [9] Plonka, D., "Flawed Routers Flood University of Wisconsin + [10] Gulbrandsen, A., "A DNS RR for specifying the location of + services (DNS SRV)", RFC 2782, February 2000. + + [11] Plonka, D., "Flawed Routers Flood University of Wisconsin Internet Time Server", August 2003, . Author's Address David Plonka University of Wisconsin - Madison EMail: plonka AT doit DOT wisc DOT edu URI: http://net.doit.wisc.edu/~plonka/ @@ -363,66 +436,56 @@ significant operational problems. These flawed routers are widely deployed throughout the global Internet and are likely to remain in use for years to come. As such, the University of Wisconsin with the cooperation of NetGear will build a new anycast time service which aims to mitigate the damage caused by the misbehavior of these flawed routers. A technical report regarding the details of this situation is available on the world wide web: Flawed Routers Flood University of - Wisconsin Internet Time Server [9]. + Wisconsin Internet Time Server [11]. Intellectual Property Statement The IETF takes no position regarding the validity or scope of any - intellectual property or other rights that might be claimed to + Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights - might or might not be available; neither does it represent that it - has made any effort to identify any such rights. Information on the - IETF's procedures with respect to rights in standards-track and - standards-related documentation can be found in BCP-11. Copies of - claims of rights made available for publication and any assurances of - licenses to be made available, or the result of an attempt made to - obtain a general license or permission for the use of such - proprietary rights by implementors or users of this specification can - be obtained from the IETF Secretariat. + might or might not be available; nor does it represent that it has + made any independent effort to identify any such rights. Information + on the procedures with respect to rights in RFC documents can be + found in BCP 78 and BCP 79. + + Copies of IPR disclosures made to the IETF Secretariat and any + assurances of licenses to be made available, or the result of an + attempt made to obtain a general license or permission for the use of + such proprietary rights by implementers or users of this + specification can be obtained from the IETF on-line IPR repository at + http://www.ietf.org/ipr. The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary - rights which may cover technology that may be required to practice - this standard. Please address the information to the IETF Executive - Director. - -Full Copyright Statement + rights that may cover technology that may be required to implement + this standard. Please address the information to the IETF at + ietf-ipr@ietf.org. - Copyright (C) The Internet Society (2004). All Rights Reserved. +Disclaimer of Validity - This document and translations of it may be copied and furnished to - others, and derivative works that comment on or otherwise explain it - or assist in its implementation may be prepared, copied, published - and distributed, in whole or in part, without restriction of any - kind, provided that the above copyright notice and this paragraph are - included on all such copies and derivative works. However, this - document itself may not be modified in any way, such as by removing - the copyright notice or references to the Internet Society or other - Internet organizations, except as needed for the purpose of - developing Internet standards in which case the procedures for - copyrights defined in the Internet Standards process must be - followed, or as required to translate it into languages other than - English. + This document and the information contained herein are provided on an + "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS + OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET + ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, + INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE + INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED + WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. - The limited permissions granted above are perpetual and will not be - revoked by the Internet Society or its successors or assignees. +Copyright Statement - This document and the information contained herein is provided on an - "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING - TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING - BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION - HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF - MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. + Copyright (C) The Internet Society (2004). This document is subject + to the rights, licenses and restrictions contained in BCP 78, and + except as set forth therein, the authors retain all their rights. Acknowledgment Funding for the RFC Editor function is currently provided by the Internet Society.