Mobileip Working Group                                    Youngsong Mun
Internet-Draft                                              Miyoung Kim
Expires: June, 2007                                 Soongsil University
                                                            Jaehoon Nah
                                                          Seungwon Sohn
                                                                   ETRI
                                                         December, 2006


             Local Authentication Scheme Based on AAA Architecture
                         in IEEE 802.16e BWA
                 draft-mun-mobileip-bwa-aaa-00.txt

Status of this Memo

   By submitting this Internet-Draft, each author represents that any
   applicable patent or other IPR claims of which he or she is aware
   have been or will be disclosed, and any of which he or she becomes
   aware will be disclosed, in accordance with Section 6 of BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups.  Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt.

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

   This Internet-Draft will expire on June 2007.

Copyright Notice

   Copyright (C) The Internet Society (2006).

Abstract

   Mobile IP has recently been gaining popularity, with some interesting
   transformations that make it more suitable for use with existing and
   emerging wireless technologies such as IEEE 802.16e Broadband
   Wireless Access (BWA). One of the fundamental features to make Mobile
    


M. Kim, et al.              Expires June, 2007                  [Page 1]

Internet-Draft      Local Authentication Scheme               July 2006


   IP available in the commercial world is secure access.
   In this draft, we propose a novel scheme to locally authenticate
   and authorize inter-domain roaming users efficiently in IEEE
   802.16e BWA, based on an authentication, authorization and
   accounting (AAA) infrastructure. We present the detailed operations
   to establish a local security association (SA) for authentication,
   and a performance evaluation that considers the traffic and mobility
   properties of a roaming user as well as the distance between the
   mobile node (MN) and its home AAA server. The proposed scheme
   outperforms the existing method with respect to authentication cost
   and service latency.


Table of Contents

   1. Introduction

   2. Terminology

   3. Authentication Overview on AAA Infrastructure

   4. IEEE 802.16e Handover
       4.1.  IEEE 802.16e Fast Handover in Predictive Mode

   5. AAA-based Authentication Provision
       5.1.  Authentication Extension Flow

   6. Security Considerations

   7. Conclusions

   8. References

   9. Authors' Addresses


1. Introduction

   Mobile IP enables an MN to move freely from one point of connection
   to the Internet to another without disrupting pre-established
   end-to-end transport connections, e.g. TCP. When an MN enters a
   visited domain, it obtains a temporary IP address called the Care-of
   Address (CoA) and registers it with its home agent (HA), a special
   router in its home domain. A correspondent node (CN) communicating
   with the MN can send packets to the MN's home address. The MN's home
   domain captures the packets sent to it and forwards them to its
   temporary address [1]. One of the main problems is the lack of
   security services. The MN should be authenticated to verify that it
   is a legitimate user with the right of access under the pre-defined
   contracts between ISPs [2].
   
   IEEE 802.16 wireless MAN, called "Worldwide Interoperability for
   Microwave Access (WiMAX)", has been standardized as a promising
   solution for fixed broadband wireless access systems. It provides
   network access from buildings through external antennas that
   communicate with central base stations [3,4]. Because it covers
   broad areas without expensive installation costs, it may offer
   ubiquitous broadband access [3]. Additionally, IEEE 802.16e, called
   "Wireless Broadband (WiBro)", is a standard in progress for BWA
   that supports mobility, offering up to 2Mbps at 60km/h, and is
   expected to fill the gap between fixed wired or wireless networks
   and mobility systems.
   
   [5] describes various deployment scenarios that provide a migration
   path toward 4G. WiFi is already in laptops, cell phones and PDAs.
   One of the first uses of 802.16 will be backhaul for WiFi hotspots
   forming a micro cell. With WiMAX, hotspots will be extended into
   so-called "hotzones" for users of WiFi applications. Next, a WiMAX
   main base station (BS) with wired backhaul at the center of a cluster
   of WiMAX mesh base stations forms a macro cell providing coverage
   for the surrounding region. Finally, deployment of mobile WiMAX
   (WiBro) is suggested to reach complete 4G with full mobility.
   To offer mobility, the wireless service must be as pervasive as cell
   phone service. The solution is to create small cells instead of
   trying to cover large areas with a single antenna.
   
   The main challenges reported by the IETF Mobile IP WG are security
   and quality of service (QoS) [6]. Both are important in providing
   reliable communications because of the unprotected and bursty open
   medium. To provide security services in wireless networks,
   authentication is needed to identify the MN and to negotiate
   credentials such as encryption keys and algorithms for secure
   communication [7,8,9].

   Security research on 802.16e and on Mobile IP has taken different
   approaches, without relating the two. As a complementary protocol
   leveraging 802.16e and Mobile IP, FMIP becomes a candidate to start
   and complete the layer3 handover and binding update by using the
   results of its successful deployment scenarios.
   
   In this draft, we propose a service architecture to support fast and
   secure global roaming service across multiple service domains.
   Using this scheme, a mobile user can receive continuous
   communication service while in a different domain. The mobile user
   only needs to carry a single identification to receive the same
   service on any service network, which minimizes the handoff latency
   in AAA-enabled roaming service, specifically to support real-time
   applications.
  
   This draft is organized as follows. In Section 2, we summarize the
   operations of the AAA-enabled Mobile IP architecture and discuss the
   performance issue raised in supporting fast handoff in a secure
   global roaming service. In Section 3, we present the AAA-enabled
   roaming service integrated with a fast handoff scheme over IEEE
   802.16e BWA. The proposed model is aligned with the IETF Mobile IP
   [1,10,11] and AAA frameworks. In Section 4, we describe the goals
   and design of the authentication scheme for different mobility
   patterns, e.g. traffic and movement probability, in which the
   optimized operations are introduced with the security issues taken
   into consideration [2]. In Sections 5 and 6, the performance
   enhancement scheme and cost evaluation of our proposal are described
   with respect to existing schemes, Mobile IP and fast handover in
   IEEE 802.16e. Finally, the conclusion is given in Section 7.


2. Terminology

   This document borrows all of the terminology from Mobile IPv6 [1] and
   AAA for Mobile IPv6 [3].

      Attendant: AAA entity which is the local AAA system entry point
                 and the local address provider/registry. Term from [8].

      AAA client: attendant.

      AAA home server (AAAH): AAA server of the home network.
 
      AAA local server (AAAL): AAA server of the local network.

      AVP (Attribute Value Pair): AAA (element of) payload.

      Binding: home address/care-of address association for a mobile
                   node on a mobility aware IPv6 node.

      Care-of address (Co@): temporary address used by a mobile node.
               The care-of address is allocated or registered by a local
               entity which is assumed for simplicity in this document
               to be the same as the attendant.

      Home address (H@): fixed address used by a mobile node.
               The home address belongs to the home network and is in
               general well known by the mobile node even if the
               protocol described here supports home address allocation.

      Home agent (HA): router on the home network which forwards
               traffic destined for the home address to the
               mobile node.

      Mobile Node (MN): node using mobile IPv6 mechanisms.

      Correspondent Node (CN)
               An IPv6 host communicating with the MN.

      Network Access Identifier (NAI): [5] mobile user identifier
               which is compatible with user_FQDN identities of IKE.
               We assume NAI can be used to identify any entity involved
               here even if some of them are nodes and not users.
   
      Security Association (SA): a security connection which affords
               security services to some traffic between peers.
               This notion is shared between IPsec, ISAKMP and AAA
               in different forms.

      Access Router (AR)
               The MN's default router.

      Handover
               A process of terminating existing connectivity and
               obtaining new IP connectivity.

      Router Solicitation for Proxy Advertisement (RtSolPr)
               A message from the MN to the PAR requesting information
               for a potential handover.

      Proxy Router Advertisement (PrRtAdv)
               A message from the PAR to the MN that provides
               information about neighboring links facilitating
               expedited movement detection.  The message also acts as a
               trigger for network-initiated handover.


3. Authentication Overview on AAA Infrastructure


   In order to deliver authentication messages between networks,
   many authentication architectures have been proposed for different
   types of mobile networks. This draft adopts the Diameter-based
   AAA architecture proposed by the IETF for Mobile IP networks.
   The AAA infrastructure is composed of local AAA servers (AAAv), home
   AAA servers (AAAh), and proxy AAA servers (AAAp). An AAAv is an AAA
   server that serves the visiting MNs in a network domain for AAA
   operations. An AAAh is an AAA server in the home network of the MN.
   An AAAp relays the AAA messages between different AAA servers in a
   secure manner. Figure 1 shows the hierarchical deployment
   architecture to provide an MN with secure authentication.
   
   Taking that into account, the IRTF defined a framework, known as
   AAA, that provides suitable support for these concepts. Note that
   current service providers have recognized the importance of AAA
   infrastructures for controlling their resources. In fact, the vast
   majority of them have deployed these infrastructures successfully
   for years. However, these infrastructures are based on protocols
   such as RADIUS and TACACS+, which are considered antiquated because
   they were designed to support a specific kind of user and access
   technology, e.g. a dialup PPP user with a fixed connection.

   Diameter is a lightweight, peer-based AAA protocol designed to offer
   a scalable foundation for introducing new policy and AAA services
   over existing (PPP) and emerging (roaming, Mobile IP) network
   technologies. Diameter employs many of the same mechanisms as RADIUS,
   including UDP transport, encoded attribute-value pairs (AVPs) and
   proxy server support. It also attempts to correct limitations
   inherent in RADIUS. Diameter supports a much larger AVP length and
   incorporates a reliable, window-based transport. It completes the
   full authentication with fewer message transactions, which is
   important in a roaming environment [12].
   
   To address efficiency and security under different mobility and
   traffic patterns, we propose a local authentication scheme with SA
   delegation, which can be implemented on the AAA (Diameter)
   architecture.


4. IEEE 802.16e Handover

   Basically, three steps are performed to complete the Fast Handover
   procedure: Background Activity, Handover Preparation and Handover
   Execution. In the first step, the Serving BS (base station)
   advertises its presence to the MN, and the MN scans the Serving BS
   by referencing the information advertised by it. In the next step,
   the handover preparation is initiated by the MN or the Serving BS,
   as shown in the figure x. After completing the steps, the MN is
   reconnected to the Target BS and joins the 802.16e network. After
   switching the link, the MN synchronizes with the target BS and
   performs the 802.16e network entry procedure.  The MN may exchange
   the RNG-REQ/RSP, SBC-REQ/RSP, PKM-REQ/RSP and REG-REQ/RSP messages
   with the target BS. However, the messages exchanged between the MN
   and the Serving BS should be authenticated before the handover steps
   are executed, since BST attacks can be mounted between them, in
   which an attacker impersonates the MN to the Serving BS and vice
   versa. As approved in Mobile IP, the Diameter protocol is
   appropriate for securing the messages.
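
   One way to authenticate an MN-to-Serving-BS message and reject
   replays, using the nonce and authenticator that Section 5.1 lists
   among the frame fields. This is an added example, not part of the
   draft; the field layout, the timestamp, HMAC-SHA256 and the per-MN
   key standing in for the local SA are assumptions.

```python
import hashlib
import hmac
import ipaddress
import os
import time

# Assumed layout (the draft defines no wire format):
#   home address (16) | HA address (16) | timestamp (8) | nonce (16) | MAC (32)
# The MAC (the "authenticator") is HMAC-SHA256 over all preceding bytes,
# keyed with the local SA key, which is never sent in the frame.
NONCE_LEN = 16
MAC_LEN = 32
FRAME_LEN = 16 + 16 + 8 + NONCE_LEN + MAC_LEN


def build_auth_req(sa_key, home_addr, ha_addr, nonce=None, now=None):
    """MN side: serialize the fields and append the authenticator."""
    nonce = os.urandom(NONCE_LEN) if nonce is None else nonce
    ts = int(time.time()) if now is None else now
    body = (ipaddress.IPv6Address(home_addr).packed
            + ipaddress.IPv6Address(ha_addr).packed
            + ts.to_bytes(8, "big")
            + nonce)
    return body + hmac.new(sa_key, body, hashlib.sha256).digest()


class Attendant:
    """Verifier side, e.g. the Serving BS (PAR) acting as AAA client."""

    def __init__(self, sa_keys, window=30):
        # home address -> local SA key (hypothetical provisioning)
        self.sa_keys = {ipaddress.IPv6Address(a): k for a, k in sa_keys.items()}
        self.window = window   # accepted clock skew in seconds
        self.seen = {}         # nonce -> last second at which it must be kept

    def verify(self, frame, now=None):
        now = int(time.time()) if now is None else now
        if len(frame) != FRAME_LEN:
            return "malformed"
        body, mac = frame[:-MAC_LEN], frame[-MAC_LEN:]
        key = self.sa_keys.get(ipaddress.IPv6Address(body[:16]))
        if key is None:
            return "unknown-mn"
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(mac, expected):   # constant-time compare
            return "bad-authenticator"
        ts = int.from_bytes(body[32:40], "big")
        if abs(now - ts) > self.window:
            return "stale"
        # Forget nonces whose frames would be rejected as stale anyway.
        self.seen = {n: t for n, t in self.seen.items() if t >= now}
        nonce = body[40:]
        if nonce in self.seen:
            return "replay"
        self.seen[nonce] = ts + self.window
        return "ok"


if __name__ == "__main__":
    key = bytes(range(32))                      # constructed sample key
    bs = Attendant({"2001:db8:1::10": key})     # constructed sample address
    req = build_auth_req(key, "2001:db8:1::10", "2001:db8:1::1")
    print(bs.verify(req), bs.verify(req))       # first copy, then its replay
```

   The timestamp bounds how long a nonce has to be remembered, so the
   replay cache cannot grow without limit.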
   
   Handover procedures over 802.16e are defined for both predictive mode
   and reactive mode.  Note that there is no need for IP mobility when
   the target BS is under the same subnet. Therefore the FBU is sent
   conditionally, depending on whether the target BS is under a
   different subnet or not [4,7].


4.1.  IEEE 802.16e Fast Handover in Predictive Mode

   In this mode, the Serving BS (PAR) advertises the MOB_NBR_ADV message
   periodically to announce its presence to the nodes in its
   coverage. If the MN discovers new neighbor BSs specified
   in this message, it scans for them. Then the MN tries
   to resolve the new neighbor's BSID to the associated AR by exchanging
   the RtSolPr and PrRtAdv messages with the PAR. At this time, the MN
   initiates handover by sending MOB_MSHO_REQ to the Serving BS and
   receives MOB_BSHO_RSP as the response from the PAR. The Serving
   BS can also initiate handover by sending MOB_BSHO_REQ to the MN. Upon
   receiving the MOB_BSHO_RSP or MOB_BSHO_REQ from the Serving BS,
   layer2 notifies the upper layer of the time the link goes down by a
   predefined trigger. This trigger initiates the layer3 fast
   handover procedure, in which the MN exchanges FBU and FBack with the
   PAR. The PAR establishes the tunnel with the NAR by exchanging
   HI/HAck messages [4] before sending FBack to the MN. During this
   procedure, the NAR verifies whether the NCoA is available. If FBack
   arrives before the handover, the MN sends MOB_HO_IND to complete the
   handover procedure as defined in predictive mode. The MN smoothly
   performs handover to the target BS.
   
   
    MN                        BS(PAR)           BS#1(NAR)     BS#2(NAR)
     ||                          |                   |            |
     ||MOB_NBR_ADV(NB#,{NB_INFO})|                   |            |
     ||<-------------------------|                   |            |
     ||       MOB_SCN_RSP        |                   |            |
     ||------------------------->|                   |            |
     ||       MOB_SCN_REQ        |                   |            |
     ||<-------------------------|                   |            |
     ||                          |                   |            |
     ||        SCANNING          |                   |            |
     ||                          |                   |            |
     ||         RtSolPr          |                   |            |
     ||------------------------->|                   |            |
     ||         PrRtAdv          |                   |            |
     ||<-------------------------|                   |            |
     ||  Handover Preparation    |                   |            |
     ||                          |                   |            |
     ||      MOB_MSHO_REQ        |                   |            |
     ||------------------------->|                   |            |
     ||      MOB_BSHO_RSP        |                   |            |
     ||<-------------------------|                   |            |
     ||           FBU            |        HI         |            |
     ||------------------------->|------------------>|            |
     ||           FBACK          |       HACK        |            |
     ||<-------------------------|<------------------|            |
     ||                          |-->       Packets  |            |
     ||        MOB_HO_IND        |------------------>|            |
     ||------------------------->|                   |            |
     ||                          |                   |            |
     ||               802.16e Network Re-entry       |            |
     ||             FNA          |                   |            |
     ||--------------------------------------------->|            |
     ||                          | STOP_FORWARDING   |            |
     ||                          |<------------------|            |
     ||       Packets            |                   |            |
     ||<-------------------------|-------------------|            |
     ||                          |                   |            |

   Fig. 1. Fast handover message flow over 802.16e in predictive mode
   operation

   When the network entry is finished, the MN signals layer2 to enable
   the link and issues an FNA to the NAR. On receiving the FNA from the
   MN, the NAR delivers the buffered packets to the MN. After finishing
   this procedure, layer2 of the MN informs the upper layer that the
   link status is about to change from down to active, and the MN
   issues an FNA embedding the FBU to the NAR. Upon receiving the FNA,
   the NAR verifies the availability of the requested NCoA and forwards
   the inner FBU to the PAR. If the NAR detects that the NCoA is already
   in use, it discards the FBU and replies to the MN with a Router
   Advertisement carrying the NAACK option. Otherwise, it delivers the
   packets destined for the NCoA to the MN.


5. AAA-based Authentication Provision

   After scanning the ARs, the MN starts the FMIPv6 operation by
   sending an FBU to the PAR and finishes by sending an FNA to the NAR
   after handover.


5.1.  Authentication Extension Flow

   After scanning the APs, the MN starts the FMIPv6 operation by
   sending an FBU to the PAR and finishes by sending an FNA to the NAR
   after handover.
   
    MN                        BS(PAR)           BS#1(NAR)      HA
     ||                          |                   |         |
     ||MOB_NBR_ADV(NB#,{NB_INFO})|                   |         |
     ||<-------------------------|                   |         |
     ||       MOB_SCN_RSP        |                   |         |
     ||------------------------->|                   |         |
     ||       MOB_SCN_REQ        |                   |         |
     ||<-------------------------|                   |         |
     ||                          |                   |         |
     ||        SCANNING          |                   |         |
     ||                          |                   |         |
     ||         RtSolPr          |                   |         |
     ||------------------------->|                   |         |
     ||         PrRtAdv          |                   |  AAA(n) | AAA(n)
     ||<-------------------------|                   |    |    |   |
     ||  Handover Preparation    |                   |    |    |   |
     ||                          |                   |    |    |   |
     ||      MOB_MSHO_REQ        |                   |    |    |   |
     ||------------------------->|                   |    |    |   |
     ||      MOB_BSHO_RSP        |                   |    |    |   |
     ||<-------------------------|                   |    |    |   |
     ||           FBU            |        HI         |    |    |   |
     ||------------------------->|------------------>|    |    |   |
     ||           FBACK          |       HACK        |    |    |   |
     ||<-------------------------|<------------------|    |    |   |
     ||   Authentication_req     |                   |    |    |   |
     ||------------------------->|------------------>|    |    |   |
     ||                          |-->       Packets  |    |    |   |
     ||        MOB_HO_IND        |------------------>|    |    |   |
     ||------------------------->|                   |    |    |   |
     ||                          |                   |    |    |   |
     ||               802.16e Network Re-entry       |    |    |   |
     ||             FNA          |                   |    |    |   |
     ||--------------------------------------------->|    |    |   |
     ||                          | STOP_FORWARDING   |    |    |   |
     ||                          |<------------------|    |    |   |
     ||       Packets            |                   |    |    |   |
     ||<-------------------------|-------------------|    |    |   |

   Fig. 2. Proposed message flow enabling the layer-2,3 and home
   registration progress to reduce the binding registration time
   after completing predictive mode of FMIP operation over 802.16e
   
   
   This scenario lets the MN obtain, by scanning and joining, the
   FMIPv6 information it needs to move before the handover is finished.
   This draft proposes to eliminate the unessential time after handover
   by including the binding update in the handover procedure, so that
   the binding update completes at the same time as the handover and
   performance is enhanced. It also reduces the possibility of DAD
   failures caused by moving into the NAR area with a pre-configured
   NCoA: the NCoA is sent to the PAR within the FBU and is in turn
   forwarded to the NAR in the HI, and a duplication-free NCoA is
   embedded in the response message, HAck. The EAPoL frame contains the
   security material, the address of the HA, a nonce to prevent replay
   attacks, a secret value, an authenticator and the home address.
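
   The two NCoA checks side by side, as an added example that is not
   part of the draft: handle_fna() follows the NAACK behaviour of
   Section 4.1, and handle_hi() follows the proposal above by returning
   a duplication-free NCoA in the HAck. The class, the message
   dictionaries, the owner table standing in for the NAR's neighbor
   cache and the /64 prefix are assumptions made for illustration.

```python
import ipaddress
import secrets


class NewAccessRouter:
    """Hypothetical model of the NAR's address bookkeeping."""

    def __init__(self, prefix, neighbors=None):
        self.prefix = ipaddress.IPv6Network(prefix)   # assumed to be a /64
        # address -> owner id; stands in for the NAR's neighbor cache
        self.owners = {ipaddress.IPv6Address(a): owner
                       for a, owner in (neighbors or {}).items()}

    def _taken(self, addr, mn_id):
        """True if the address belongs to a node other than mn_id."""
        return self.owners.get(addr, mn_id) != mn_id

    def handle_fna(self, mn_id, ncoa):
        """Section 4.1: an FNA with an embedded FBU arrives after the move."""
        addr = ipaddress.IPv6Address(ncoa)
        if self._taken(addr, mn_id):
            # The FBU is discarded; the MN learns of the clash only now,
            # after it has already attached to the new link.
            return {"msg": "RtAdv", "option": "NAACK"}
        self.owners[addr] = mn_id
        return {"msg": "FBU", "to": "PAR", "ncoa": str(addr)}

    def handle_hi(self, mn_id, ncoa, next_iid=None):
        """Proposal: the HAck always carries a duplication-free NCoA."""
        addr = ipaddress.IPv6Address(ncoa)
        replaced = False
        while self._taken(addr, mn_id):
            # Draw a new 64-bit interface identifier inside the NAR prefix.
            iid = next_iid() if next_iid else secrets.randbits(64)
            addr = self.prefix.network_address + (iid or 1)
            replaced = True
        self.owners[addr] = mn_id     # reserved until the MN's FNA arrives
        return {"msg": "HAck", "ncoa": str(addr), "replaced": replaced}


if __name__ == "__main__":
    # Constructed sample: another node already uses 2001:db8:2::10.
    nar = NewAccessRouter("2001:db8:2::/64", {"2001:db8:2::10": "mn-b"})
    print(nar.handle_fna("mn-a", "2001:db8:2::10"))   # baseline: NAACK
    ack = nar.handle_hi("mn-a", "2001:db8:2::10")     # proposal: new NCoA
    print(ack, nar.handle_fna("mn-a", ack["ncoa"]))
```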
   
6. Security Considerations

   In this draft, the AAA infrastructure is secured by IPsec and TLS.
   Hence, it is assumed that messages exchanged within the AAA
   infrastructure are secured. However, a deep security review is
   obviously needed.


7. Conclusions

   Mobile IP is expected to support global roaming because it is built
   on the IP protocol, independent of the lower-layer protocol. However,
   its design rationale was to provide global roaming covering a wide
   range of services by defining movement detection, IP configuration,
   binding update and authentication, which is not adequate for
   real-time applications moving across multiple service areas. So,
   more sophisticated mobility support in Mobile IP is required for the
   next wireless solutions, e.g. IEEE 802.16e, that demand real-time
   multimedia service.
   
   In this draft, we present an enhanced handover scheme that reduces
   packet loss and latency by interworking the layer-2 and layer-3
   handoff with home registration. Also, by deploying the AAA
   authentication service into the handover procedure, we can
   generate a local SA during the layer-2 and FMIP handover. In
   addition, we can avoid the possibility of a duplicated address
   (nCoA) by defining an additional role for the NAR of re-generating
   a duplication-free nCoA. As a result, the total processing time,
   including binding registration, can be reduced as expected, which
   enables real-time service with minimum latency or loss.
   The proposed scheme shows a cost reduction of about 35% for Diameter
   and about 27% for FMIP, respectively, by comparing the cost ratio of
   the proposed scheme.
 


8. References

[1]  D. Johnson, C. Perkins, J. Arkko, "Mobility Support in IPv6",
     RFC 3775, June 2004.

[2]  Perkins, C., "Mobile IP and security issue: an overview," Internet
     Technologies and Services, 1999. Proceedings. First IEEE/Popov
     Workshop on, 1999, Pages: 131-148.

[3]  Lee DH, Kyamakya K and Umondi JP, "Fast Handover Algorithm for
     IEEE 802.16e Broadband Wireless Access System," Wireless Pervasive
     Computing, 2006 1st International Symposium on (2006), pp. 1-6.

[4]  Chow, J. and Garcia, G., "Macro- and micro-mobility handoffs in
     Mobile IP based MBWA networks," Global Telecommunications
     Conference, 2004. GLOBECOM '04. IEEE Volume 6, 29 Nov.-3 Dec.
     2004, Page(s): 3921-3925, Vol. 6.

[5]  K.R. Santhi and G. Senthil Kumararn, "Migration to 4G: Mobile
     IP based Solutions", Proceedings of the Advanced International
     Conference on Telecommunications and International Conference on
     Internet and Web Applications and Services (AICT/ICIW), 2006.

[6]  R. Jain, T. Raleigh, C. Graff and M. Bereschinsky, "Mobile Internet
     Access and QoS Guarantees using Mobile IP and RSVP with Location
     Registers," in Proc. ICC'98 Conf., pp. 1690-1695, June 1998.

[7]  Reen-Cheng Ric and Han-Chieh, "Mobile IPv6 and AAA Architecture
     Based on WLAN," Proceedings of the 2004 International Symposium
     on Applications and the Internet Workshops (SAINTW'04), January
     2004.

[8]  Cappiello M, Floris A and Veltri L., "Mobility amongst
     heterogeneous networks with AAA support," In Proceedings of the
     IEEE International Conference on Communications, ICC 2002, Vol. 4,
     28 April-2 May 2002; 2064-2069.

[9]  Yeali Sun, Yu-Chun Pan and Meng Chang Chen, "Fast and Secure
     Universal Roaming Service for Mobile Internet," IEEE Globecom,
     2005.

[10] Rajeev Koodli, Charles E. Perkins, "Fast Handovers and Context
     Transfers in Mobile Networks," ACM Computer Communication Review,
     Vol. 31, No. 5, October, 2001.

[11] R. Koodli et al, "Fast Handovers for Mobile IPv6," RFC 4068,
     July 2005.

[12] Rafael Marin Lopez, Gregorio Martinez Perez and Antonio F.
     Gomez Skarmeta, "Deployment of AAA Infrastructures in IPv6
     Networks," Proceedings of the 2005 Symposium on Applications and
     the Internet Workshops (SAINT 2005 Workshops) - Volume 00,
     Pages: 26-29, June, 2005.

[13] Wei Liang and Wenye Wang, "A Local Authentication Control Scheme
     Based on AAA Architecture in Wireless Networks," in Proc. of the
     60th IEEE Vehicular Technology Conference (VTC04 Fall),
     Los Angeles, September 2004.

9. Authors' Addresses
     Miyoung Kim
     Information and Media Technology Institute Research,
     Soongsil University, #1-1 SangDo-5 Dong, DongJak-Gu,         
     Seoul, 156-743
     Korea      
     Phone:  +82-2-812-0689
     Fax:    +82-2-822-2236
     E-mail: mizero31@sunny.soongsil.ac.kr
   
     Youngsong Mun, Professor
     Department of Computing, Soongsil University,
     #1-1 SangDo-5 Dong, DongJak-Gu,
     Seoul, 156-743
     Korea
     Phone:  +82-2-820-0676
     Fax:    +82-2-822-2236
     E-mail: mun@computing.ssu.ac.kr   

     Jaehoon Nah
     Network Security Department, ETRI
     #161 Gajeong-Dong  Yuseong-Gu Daejeon,
     seoul, 305-350
     KOREA 
     Phone:  +82-42-860-6749
     Fax:    +82-42-860-5611
     E-mail: jhnah@etri.re.kr

     Seungwon Sohn 
     Network Security Department, ETRI
     #161 Gajeong-Dong  Yuseong-Gu Daejeon,
     seoul, 305-350
     KOREA
     Phone:  +82-42-860-5072
     Fax:    +82-42-860-5611
     E-mail: swsohn@etri.re.kr
     


Intellectual Property Statement

   The IETF takes no position regarding the validity or scope of any
   Intellectual Property Rights or other rights that might be claimed to
   pertain to the implementation or use of the technology described in
   this document or the extent to which any license under such rights
   might or might not be available; nor does it represent that it has
   made any independent effort to identify any such rights. Information
   on the IETF's procedures with respect to rights in IETF Documents can 
   be found in BCP 78 and BCP 79.

   Copies of IPR disclosures made to the IETF Secretariat and any
   assurances of licenses to be made available, or the result of an
   attempt made to obtain a general license or permission for the use of
   such proprietary rights by implementers or users of this
   specification can be obtained from the IETF on-line IPR repository at
   http://www.ietf.org/ipr.

   The IETF invites any interested party to bring to its attention any
   copyrights, patents or patent applications, or other proprietary   
   rights that may cover technology that may be required to implement
   this standard. Please address the information to the IETF at
   ietf-ipr@ietf.org.

   The IETF has been notified of intellectual property rights claimed in
   regard to some or all of the specification contained in this
   document. For more information consult the online list of claimed
   rights.
   
   
   

Disclaimer of Validity

   This document and the information contained herein are provided on an
   "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
   OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
   ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
   INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
   INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
   WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.


Copyright Statement

   Copyright (C) The Internet Society (2006). This document is subject
   to the rights, licenses and restrictions contained in BCP 78, and
   except as set forth therein, the authors retain all their rights.

















