Internet DRAFT - draft-merrells-use-cases
draft-merrells-use-cases
Network Working Group J. Merrells
Internet-Draft Sxip Identity
Expires: November 2, 2006 May 2006
Digital Identity Exchange - Use Cases
draft-merrells-use-cases-02.txt
Status of this Memo
By submitting this Internet-Draft, each author represents that any
applicable patent or other IPR claims of which he or she is aware
have been or will be disclosed, and any of which he or she becomes
aware will be disclosed, in accordance with Section 6 of BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt.
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html.
This Internet-Draft will expire on November 2, 2006.
Copyright Notice
Copyright (C) The Internet Society (2006).
Abstract
This document describes the motivating use cases for DIX, the Digital
Identity Exchange protocol.
Merrells Expires November 2, 2006 [Page 1]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
Table of Contents
1. Requirements notation . . . . . . . . . . . . . . . . . . . . 4
2. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 5
3. Goals . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6
4. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 7
5. Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
6. Browser Based Use Cases . . . . . . . . . . . . . . . . . . . 9
6.1. B1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
6.2. B2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
6.3. B3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
6.4. B4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
6.5. B5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9
6.6. B6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
6.7. B7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
6.8. B8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
6.9. B9 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
6.10. B10 . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
6.11. B11 . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
6.12. B12 . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
6.13. B13 . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
6.14. B14 . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
6.15. B15 . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
6.16. B16 . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
6.17. B17 . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
6.18. B18 . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
6.19. B19 . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
6.20. B20 . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
6.21. B22 . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
6.22. B23 . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
7. Assertion Use Cases . . . . . . . . . . . . . . . . . . . . . 14
7.1. A1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
7.2. A2 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
7.3. A3 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
7.4. A4 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
7.5. A5 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
7.6. A6 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
7.7. A7 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
7.8. A8 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
7.9. A9 . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
7.10. A10 . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
7.11. A11 . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
7.12. A12 . . . . . . . . . . . . . . . . . . . . . . . . . . . 15
7.13. A13 . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
7.14. A14 . . . . . . . . . . . . . . . . . . . . . . . . . . . 16
8. Non Browser Based Use Cases . . . . . . . . . . . . . . . . . 17
8.1. NB1 - REST . . . . . . . . . . . . . . . . . . . . . . . . 17
8.2. NB2 . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Merrells Expires November 2, 2006 [Page 2]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
8.3. NB3 - WebDAV . . . . . . . . . . . . . . . . . . . . . . . 17
8.4. NB4 - AtomPub . . . . . . . . . . . . . . . . . . . . . . 17
8.5. NB5 - XCAP and SIMPLE . . . . . . . . . . . . . . . . . . 17
8.6. NB6 - CalDAV . . . . . . . . . . . . . . . . . . . . . . . 18
8.7. NB7 - IMAP/POP3 and CalDAV . . . . . . . . . . . . . . . . 18
8.8. NB8 - RSS, Web, and CalDAV . . . . . . . . . . . . . . . . 18
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 19
10. Security Considerations . . . . . . . . . . . . . . . . . . . 20
11. References . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 21
Intellectual Property and Copyright Statements . . . . . . . . . . 22
Merrells Expires November 2, 2006 [Page 3]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
1. Requirements notation
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119].
Merrells Expires November 2, 2006 [Page 4]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
2. Introduction
The use cases below describe various scenarios for the Digital
Identity Exchnage (DIX) protocol [dmd1].
Merrells Expires November 2, 2006 [Page 5]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
3. Goals
The goals of the protocol are:
Identity Information Exchange:
The primary goal of any DIX protocol is to automate the exchange
of Identity Information over the Internet.
Ease of Adoption:
Any DIX protocol must provide the lowest possible barriers to
adoption to ensure wide-spread usage of the protocol.
Internet Scale:
Any DIX protocol must provide an Internet scale solution to
identity information exchange.
Privacy:
Any DIX protocol must ensure that all aspects of user privacy can
be maintained.
Merrells Expires November 2, 2006 [Page 6]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
4. Definitions
The following terms and their definitions are drawn from the lexicon
of 'The Identity gang', a community of thought leaders in the user-
centric digital identity space. [identitygang].
Digital Identity - The transmission of digital representation of a
set of Claims made by one Party about itself or another Digital
Subject, to one or more other Parties.
Identity Agent - An agent acting on behalf of the user.
Identifier - An identifying attribute for a set of attributes.
Identity Data / Identity Information - A set of attributes.
Merrells Expires November 2, 2006 [Page 7]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
5. Overview
[TODO - JM - Insert some introductory text that describes user-
centric digital identity.]
Merrells Expires November 2, 2006 [Page 8]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
6. Browser Based Use Cases
Some use cases are dependent upon others, so should be perused in
order. Beth is our protagonist throughout; a typical Internet user,
but she's a bit of a geek. Her friend Adam also appears. A less
sophisticated Internet user and a bit of a dubious character. These
use cases motivate a HTTP binding for a DIX protocol.
6.1. B1
Beth receives an email from a friend introducing her to a new
website, geeknews.com, a techie news site. She wishes to sign up so
that she can read some articles. She sees an IN button, which she
clicks. Her identity agent displays a screen informing her that
geeknews.com is requesting some data, her first name. She enters
'Beth' at the prompt, provides consent and the data is sent to the
site.
6.2. B2
Beth browses to geekdate.com, she clicks an IN button. Her identity
agent informs her that geekdate.com is requesting some data, her
first name. Her agent already has this data. She provides consent
and the data is sent to the site.
6.3. B3
Beth decides to create a profile at geekdate.com. She sees an IN
button, which she clicks. Her identity agent displays a screen
informing her that geekdate.com is requesting some data, an
identifier. She provides consent and the identifier and identifier
verification data is sent to the site. Geekdate.com uses the
verification data to verify that Beth owns the identifier her agent
provided.
6.4. B4
Beth decides to create a new profile at geekdate.com. She sees an IN
button, which she clicks. Her identity agent displays a screen
informing her that geekdate.com is requesting some data, an
Identifier. She instructs her identity agent to create an identifier
specific to her relationship with geekdate.com. She provides consent
and the data is sent to the site.
6.5. B5
Beth decides to flesh out her profile at geekdate.com. Geekdate.com
displays a registration form. One field requests a URL of a photo of
Merrells Expires November 2, 2006 [Page 9]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
her. Beside it is a SAVE button. She enters the URL and clicks the
button. Her identity agent displays a screen informing her that this
data item can be stored. She decides that she wants to be able to
provide that data to other sites. She provides consent and the data
is stored by her agent.
6.6. B6
Geeknews.com offers Beth the option to build up a readership
preferences profile over time, the benefit being that the site will
tailor its content to her interests. She decides to take up the
offer, she sees an IN button, which she clicks. Her identity agent
informs her that geeknews.com is requesting some data, an Identifier.
She selects an existing identifier, which she chooses to use for a
subset of the sites she has a relationship with. She provides
consent and the data is sent to the site.
6.7. B7
Beth wants to have multiple identifiers, for different aspects of
herself, her personas. She wants to have a 'home' persona for
identity data that she releases to her personal sites, such as
geeknews.com. She wants to have a separate 'work' persona for
identity data that she releases to work-related sites, such as
helpdesk.com. She wants some of her identity data to be the same for
her different personas, and other data to be different.
6.8. B8
[Assumptions: Beth has visited geeknews and geekdate before and has
informed her identity agent that she consents to a relationship with
them.] Beth starts her day with a strong coffee and a perusal of
geeknews.com. She starts her computer and authenticates herself to
the operating system. By that authentication mechanism she has also
authenticated herself to her identity agent, as her vendor of that
system has hooked it into the operating system's authentication
system. She browses to geeknews.com and clicks the IN button and is
directly shown the content, no further clicks. She then browses to
geekdate.com, she clicks the IN button and is directly presented with
her profile no further clicks.
6.9. B9
Beth's identity agent prompts her to provide a 'spoken name'. Using
the multimedia capabilities of her computer she records her spoken
name; an mp3 of her saying 'Beth'. She later browses to
voicebox.com, which runs a voicemail service, she opts to create an
account and the site requests some properties, amongst which is a
Merrells Expires November 2, 2006 [Page 10]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
request for her spoken name. She provides consent and the data is
sent to the site.
6.10. B10
Beth purchases a book from an online store, as she's checking out the
store makes her an offer: 10% off for completion of a demographic
survey. She's tempted, but how many data fields are there? One
hundred! Too many to be worth the effort. But it happens to be
commonly requested data, which her identity agent has already
gathered during previous exchanges with other sites. So, she
completes the remaining fields, provides consent and all the data is
sent to the site.
6.11. B11
Beth has invested significant effort in building up a persona and
reputation around a specific identifier, her 'home' identifier. But,
she has become dissatisfied with her identity agent and so decides to
switch vendors. She establishes a new agent and migrates her
identity data from the old one to the new one. She then changes the
delegation of authority for her identifier from her old identity
agent to her new identity agent for authentication and provision of
identity data.
6.12. B12
Whilst in town Beth stops off at an Internet Cafe to check her email.
She goes to her webmail account, which requires that she identity
herself. Her Identity Agent prompts her for consent and provides her
identifier so that she can gain access to her email.
6.13. B13
Beth visits a website to purchase some books. The site requests some
identity information, her shipping address. Her Identity Agent warns
her that satisfying the request would contravene her established
privacy policy. The website wishes to pass her address to affiliated
companies so that they may send her valuable promotional offers, but
Beth has a privacy policy that not allow unsolicited mail to be sent
to her shipping address.
6.14. B14
Beth moves house, so she changes the home address information stored
by her Identity Agent. Her Identity Agent offers to notify all
relying parties to whom she has previously provided her home address.
Merrells Expires November 2, 2006 [Page 11]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
6.15. B15
Beth leaves work and goes to the bus stop. Whilst waiting for the
next bus home she uses her smart phone to browse geeknews.com. Her
Identity Agent provides her with the same ease of browsing that she
experiences on her work and home computers.
6.16. B16
Beth is ending her day at work. She leaves work and waits for the
next bus home. Her friend calls and invites her to the movies. She
uses her phone to browse to the movies.com to find out what's
playing. The site requests her current location, which she consents
to release via her Identity Agent.
6.17. B17
Beth signs up with a financial services site, BigPicture.com, which
provides an aggregate view of her finances. To provide its service
BigPicture.com requires access to her existing bank accounts. Beth
wishes to securely provide agency rights to BigPicture.com, so she
acquires the appropriate access tokens from her existing bank account
providers and stores them with her Identity Agent. She then presents
the access tokens to BigPicture.com so that it can access her account
data.
6.18. B18
Beth goes to an auction side, ibay.com. Her Identity Agent shows a
signed graphic of ibay.com for releasing data. Beth knows that she's
dealing with ibay.com, and not an impostor.
6.19. B19
Adam decides to create a profile at geekdate.com. geekdate.com
requests an Identifier. He instructs his identity agent to create an
identifier specific to his relationship with geekdate.com.
6.20. B20
Adam heavily frequents two gambling sites, casino.com and
betting.com. He uses the same identifier across both sites as he
wants them to know he is the same person.
6.21. B22
Beth has many computing devices in her life, running different
operating systems and different application software. She makes her
Merrells Expires November 2, 2006 [Page 12]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
own choices about her own computing environment, but she has little
choice when the software is bundled by the device manufacturer or at
work where she is subject to her employer's policies. As a
consequence she has multiple identity agents managing her 'work'
persona; both on her office computer and her work mobile phone.
6.22. B23
Adam's computing environment is somewhat simpler, with both his
'gambling' and 'church' personas managed by his identity agent on his
home computer.
Merrells Expires November 2, 2006 [Page 13]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
7. Assertion Use Cases
These use cases motivate the need for third-party attested attribute
value assertions, referred to in the following as 'claims'.
7.1. A1
Beth is a frequent traveler on Galactic Air, whose site offers a
claim of membership for use at affiliate sites. She acquires a
membership claim, which her Identity Agent stores for her.
7.2. A2
Beth visits a Galactic Air affiliate site that provides discounted
travel insurance for frequent travelers. She presents her Galactic
Air membership claim from her Identity Agent and receives a discount.
7.3. A3
Beth visits a rental cars site. She opts out of the offered drivers
insurance as she is covered by her travel insurance. To complete the
booking the site requests a claim that she has valid insurance. Her
identity agent is unable to satisfy the request so provides a list of
suggested sources. Beth picks her insurance provider and her
identity agent acquires the required claim and with her consent
presents it to the rental car site.
7.4. A4
A couple of months later Beth books another trip. The travel site
requests her claim of Galactic Air membership. Her identity agent
finds that the claim has expired, so refreshes it by requesting an
updated claim from galacticair.com.
7.5. A5
When she visits onlinebank.com, she clicks IN. Her Identity Agent is
informed by the online back that a strong authentication mechanism is
required, and is provided with a list of acceptable mechanisms,
including two-factor authentication. Beth�s Identity Agent
authenticates Beth using a two-factor device. The data that is sent
to the online bank includes a claim from the vendor of the two-factor
device, confirming that Beth was authenticated with a two-factor
device.
7.6. A6
Adam uses a service to acquire a verified email claim. With it he
Merrells Expires November 2, 2006 [Page 14]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
can prove that he owns his email address, Adam@example.com, without
having to go through a verification process.
7.7. A7
Beth gives her friend, Adam@example.com, access to her photos. Adam
receives an email from Beth inviting him to view her photos. He goes
to the site, which requests a verified email claim. He presents his
claim and gains access to the photos Beth has published for him.
7.8. A8
Adam visits a site that requires that he prove he is over 21. He
provides the site with a claim that he is over 21, issues by the
government of his country of residence, gov.ca. The claim contains
no other information about Adam and the site is unable to use the
claim to discover more information about Adam.
7.9. A9
Adam returns to the same site. He must again prove that he is over
21. He provides a claim, but the site cannot tell that it is Adam
that has returned again to the site.
7.10. A10
Beth provides a claim from galacticair.com to many different
websites. She wants all of the sites to know that she is the same
person providing the claim, so she can receive a free flight at the
end of the year.
7.11. A11
Beth's employer has partnered with a local university to provide it's
staff with access to online courses. She signs up for some modules
at the university admissions website acquiring an enrollment claim.
She then browses to the computer science school website to sign up
for an advanced programming course. The site requests claims that
she is an employee, that she has previously completed some basic
introductory modules, and that she has been enrolled.
7.12. A12
Beth is shopping online for a new laptop computer. She visits an
online site that caters to recently graduated professionals. She
selects a machine and investigates the lease options available. To
work out the monthly payment the site requests some claims: A claim
that she's an alumni of a university, so that the site can include an
Merrells Expires November 2, 2006 [Page 15]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
appropriately branded tote bag. A claim that she's a member of
Galactic Air, so that she can be credited with airmiles for her
purchase. And, a claim from a credit scoring agency that she has a
'good' credit rating.
7.13. A13
Beth is at home checking her work email, she has an email from a
colleague assigning a customer support issue to her. The company
help desk system is provided by helpdesk.com, an on-demand
application provider. She clicks through a link in the email to the
page that describes the issue. Helpdesk.com requests a claim that
Beth is an employee of 'Nano Software Inc', which she provides from
her Identity Agent, and she gains access to the page.
7.14. A14
Beth is shopping online at a site for a college text book. The site
offers a discount to students, so requests an appropriate claim.
With Beth's consent her Identity Agent acquires an enrollment claim
from her university. The university issues the claim, but signs it
as a parent authority, which represents all universities in the
region. The Identity Agent, with Beth's consent, presents the claim
to the site, which can now verify that Beth is a student, but can not
determine which university she is a student of.
Merrells Expires November 2, 2006 [Page 16]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
8. Non Browser Based Use Cases
These use cases motivate alternative protocol bindings for a DIX
protocol.
8.1. NB1 - REST
Beth wants to use QOPO.com for printing her pictures that are stored
in flackr. She visits QOPO.com and her identity agent is instructed
to acquire a token from flackr. Her Identity Agent retrieves the
token from flackr and presents it to QOPO.com. QOPO.com passes the
token over the REST based web service that flackr provides to
retrieve her photos for printing.
8.2. NB2
Beth is a big fan of Rocky Gervas and listens to his podcast
fanatically. The Rocky Gervas show recently started charging a small
fee for the podcast. Her media player polls the podcast
periodically. When polled the site requests a claim from Beth's
Identity Agent asserting that Beth has paid for the podcast. Beth's
Identity Agent retrieves the claim presents it to the site and the
latest episode of The Rocky Gervas show is downloaded.
8.3. NB3 - WebDAV
At work Beth uses her website editing software (a WebDAV client) to
publish some company confidential content to their extranet. Beth is
collaborating with Charles at another company, who requires access to
the content. Beth configures the extranet to allow Charles access.
Charles uses his website editing software (also a WebDAV client) to
fetch the content. The extranet site requests identity information,
which his client presents from his Identity agent, and he is able to
edit the content.
8.4. NB4 - AtomPub
Beth uses a blogging client (AtomPub) to both post content to her
blog and to add comments on other people's blog postings. Her client
uses her identity agent to associate identifying information (her
blog url and favicon) with her comments.
8.5. NB5 - XCAP and SIMPLE
Beth uses her instant messaging client (a SIMPLE client) to
communicate with her friends. She uses her client to update her
profile information (via XCAP), adding a new friend. Her client
didn't need to authenticate to her XCAP server, as she had already
Merrells Expires November 2, 2006 [Page 17]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
authenticated herself to her identity agent.
8.6. NB6 - CalDAV
Beth needs to arrange a conference call with Charles. She uses her
calendaring software (a CalDAV client) to publish her free-busy time
to Charles. Charles uses his calendaring software (also a CalDAV
client) to fetch Beth's free-busy time. Beth's calendar publisher
requests some identity information of Charle's client. It's provided
from his identity agent and he is able to book a time for the call.
8.7. NB7 - IMAP/POP3 and CalDAV
At work Beth uses both calendaring (CalDAV) and email
(IMAP,POP3,SMTP) clients to manage her time and messages. Her
identity agent authenticates her as owning the identifier that both
clients use to identify her. In this way she need only authenticate
once to her identity agent instead of twice, once to each client.
8.8. NB8 - RSS, Web, and CalDAV
Beth works in a distributed workgroup collaborating with colleagues,
individual contractors, and employees of partner companies. The
calendaring information she has access to is available via CalDAV,
RSS, and HTTP/HTML. Each of her software clients uses her identity
agent to ensure she need only authenticate once, instead of once per
client.
Merrells Expires November 2, 2006 [Page 18]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
9. Acknowledgements
The editor acknowledges the use case contributions made by Dick
Hardt, Robert Yates, Lisa Dusseault, and Laurie Rae.
And also the comments provided by Jeffrey Altman, Cat Okita, and Jim
Sermershiem.
Merrells Expires November 2, 2006 [Page 19]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
10. Security Considerations
None.
11. References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[dmd1] Merrells, J., "draft-merrells-dix-01.txt", March 2006.
[identitygang]
The Identity Gang, "http://identitygang.org/Lexicon",
March 2006.
Merrells Expires November 2, 2006 [Page 20]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
Author's Address
John Merrells
Sxip Identity
798 Beatty Street
Vancouver, BC V6B 2M1
Canada
Email: merrells@sxip.com
URI: http://sxip.com/
Merrells Expires November 2, 2006 [Page 21]
�
Internet-Draft Digital Identity Exchange - Use Cases May 2006
Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at
ietf-ipr@ietf.org.
Disclaimer of Validity
This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Copyright Statement
Copyright (C) The Internet Society (2006). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
Acknowledgment
Funding for the RFC Editor function is currently provided by the
Internet Society.
Merrells Expires November 2, 2006 [Page 22]
�
