[要約] RFC 4673は、RADIUSダイナミック認証サーバMIBに関する標準仕様です。このRFCの目的は、RADIUSサーバのダイナミック認証に関連する情報を管理するためのMIBオブジェクトを定義することです。
Network Working Group S. De Cnodder Request for Comments: 4673 Alcatel Category: Informational N. Jonnala M. Chiba Cisco Systems, Inc. September 2006
RADIUS Dynamic Authorization Server MIB
RADIUS Dynamic Authorization Server MIB
Status of This Memo
本文書の位置付け
This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.
このメモは、インターネットコミュニティに情報を提供します。いかなる種類のインターネット標準を指定しません。このメモの配布は無制限です。
Copyright Notice
著作権表示
Copyright (C) The Internet Society (2006).
Copyright(c)The Internet Society(2006)。
Abstract
概要
This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. In particular, it describes the Remote Authentication Dial-In User Service (RADIUS) (RFC 2865) Dynamic Authorization Server (DAS) functions that support the dynamic authorization extensions as defined in RFC 3576.
このメモは、インターネットコミュニティのネットワーク管理プロトコルで使用するための管理情報ベース(MIB)の一部を定義します。特に、RFC 3576で定義されている動的承認拡張機能をサポートする動的認証サーバー(DAS)関数のリモート認証ダイヤルインユーザーサービス(RADIUS)(RFC 2865)機能について説明します。
Table of Contents
目次
1. Introduction ....................................................2 1.1. Requirements Notation ......................................2 1.2. Terminology ................................................2 2. The Internet-Standard Management Framework ......................2 3. Overview ........................................................3 4. RADIUS Dynamic Authorization Server MIB Definitions .............5 5. Security Considerations ........................................20 6. IANA Considerations ............................................21 7. Acknowledgements ...............................................21 8. References .....................................................21 8.1. Normative References ......................................21 8.2. Informative References ....................................22
This memo defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community. It is becoming increasingly important to support Dynamic Authorization extensions on the network access server (NAS) devices to handle the Disconnect and Change-of-Authorization (CoA) messages as described in [RFC3576]. As a result, the effective management of RADIUS Dynamic Authorization entities is of considerable importance. This RADIUS Dynamic Authorization Server (DAS) MIB complements the managed objects used for managing RADIUS authentication and accounting clients as described in [RFC4668] and [RFC4670], respectively.
このメモは、インターネットコミュニティのネットワーク管理プロトコルで使用するための管理情報ベース(MIB)の一部を定義します。[RFC3576]に記載されているように、切断と承認の変更(COA)メッセージを処理するために、ネットワークアクセスサーバー(NAS)デバイスの動的な認証拡張機能をサポートすることがますます重要になっています。その結果、半径の動的認証エンティティの効果的な管理はかなり重要です。このRADIUS Dynamic Authorization Server(DAS)MIBは、それぞれ[RFC4668]および[RFC4670]で説明されているように、RADIUS認証と会計クライアントの管理に使用される管理オブジェクトを補完します。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
「必須」、「そうしない」、「必須」、「shall」、「shall "、" ingle "、" should "、" not "、" becommended "、" bay "、および「optional」は、[RFC2119]に記載されているように解釈される。
Dynamic Authorization Server (DAS)
動的認証サーバー(DAS)
The component that resides on the NAS that processes the Disconnect and Change-of-Authorization (CoA) Request packets [RFC3576] sent by the Dynamic Authorization Client.
Dynamic Authorizationクライアントによって送信された切断と承認の変更(COA)要求パケット[RFC3576]を処理するNASに存在するコンポーネント。
Dynamic Authorization Client (DAC)
ダイナミック認証クライアント(DAC)
The component that sends Disconnect and CoA-Request packets to the Dynamic Authorization Server. Although this component often resides on the RADIUS server, it is also possible for it to be located on a separate host, such as a Rating Engine.
切断パケットとCoA-Requestパケットを動的認証サーバーに送信するコンポーネント。このコンポーネントはしばしばRADIUSサーバーに存在しますが、評価エンジンなどの別のホストに配置することも可能です。
Dynamic Authorization Server Port
動的認証サーバーポート
The UDP port on which the Dynamic Authorization Server listens for the Disconnect and CoA requests sent by the Dynamic Authorization Client.
Dynamic Authorizationクライアントから送信された切断およびCOAリクエストの動的認証サーバーが耳を傾けるUDPポート。
For a detailed overview of the documents that describe the current Internet-Standard Management Framework, please refer to section 7 of [RFC3410].
現在のインターネット標準管理フレームワークを説明するドキュメントの詳細な概要については、[RFC3410]のセクション7を参照してください。
Managed objects are accessed via a virtual information store, termed the Management Information Base, or MIB. MIB objects are generally accessed through the Simple Network Management Protocol (SNMP). Objects in the MIB are defined using the mechanisms defined in the Structure of Management Information (SMI). This memo specifies a MIB module that is compliant to the SMIv2, which is described in STD 58, RFC 2578 [RFC2578], STD 58, RFC 2579 [RFC2579], and STD 58, RFC 2580 [RFC2580].
管理されたオブジェクトは、管理情報ベース、またはMIBと呼ばれる仮想情報ストアを介してアクセスされます。MIBオブジェクトは通常、単純なネットワーク管理プロトコル(SNMP)からアクセスされます。MIBのオブジェクトは、管理情報の構造(SMI)で定義されたメカニズムを使用して定義されます。このメモは、STD 58、RFC 2578 [RFC2578]、STD 58、RFC 2579 [RFC2579]、およびSTD 58、RFC 2580 [RFC2580]に記載されているSMIV2に準拠したMIBモジュールを指定します。
"Dynamic Authorization Extensions to RADIUS" [RFC3576] defines the operation of Disconnect-Request, Disconnect-ACK, Disconnect-NAK, CoA-Request, CoA-ACK, and CoA-NAK packets. Typically, NAS devices implement the DAS function, and thus would be expected to implement the RADIUS Dynamic Authorization Server MIB, whereas DACs implement the client function and thus would be expected to implement the RADIUS Dynamic Authorization Client MIB.
「Dynamic Authorization Extensions to RADIUS」[RFC3576]は、切断、切断、切断、COA-Request、COA-ACK、およびCOA-NAKパケットの操作を定義します。通常、NASデバイスはDAS関数を実装するため、DACSがクライアント機能を実装するのに対し、RADIUS動的認証サーバーMIBを実装するため、RADIUS動的認証クライアントMIBを実装することが期待されます。
However, it is possible for a RADIUS Dynamic Authorization entity to perform both client and server functions. For example, a RADIUS proxy may act as a DAS to one or more DACs while simultaneously acting as a DAC to one or more DASs. In such situations, it is expected that RADIUS entities combining client and server functionality will support both the client and server MIBs.
ただし、RADIUSの動的認証エンティティがクライアント機能とサーバー機能の両方を実行することが可能です。たとえば、RADIUSプロキシは、1つ以上のDACのDASとして機能し、同時にDACとして1つ以上のDASSとして機能します。このような状況では、クライアントとサーバーの機能を組み合わせたRADIUSエンティティがクライアントとサーバーMIBの両方をサポートすることが期待されています。
This memo describes the MIB for Dynamic Authorization Servers and relates to the following documents as follows:
このメモは、動的認証サーバーのMIBについて説明し、次のドキュメントに関連しています。
[RFC4668] describes the MIB for a RADIUS Auth Client MIB.
[RFC4668]は、半径認証クライアントMIBのMIBを説明しています。
[RFC4669] describes the MIB for a RADIUS Auth Server MIB.
[RFC4669]は、RADIUS AUTH SERVER MIBのMIBを説明しています。
[RFC4670] describes the MIB for a RADIUS Acct Client MIB.
[RFC4670]は、半径ACCTクライアントMIBのMIBを説明しています。
[RFC4671] describes the MIB for a RADIUS Acct Server MIB.
[RFC4671]は、半径ACCTサーバーMIBのMIBを説明しています。
[RFC4672] describes the MIB for a RADIUS Dynamic Auth Client.
[RFC4672]は、半径動的認証クライアントのMIBを説明しています。
A NAS typically implements the MIBs for a RADIUS Authentication Client, a RADIUS accounting client, and a RADIUS Dynamic Authorization Server. However, any one MIB can be implemented without implementing any of the other MIBs; i.e., the MIBs have no dependencies on each other. A typical case would be for a device to implement the MIBs RADIUS authentication server, RADIUS accounting server, and RADIUS Dynamic Authorization Client. A RADIUS proxy might implement any, all, or a subset of the MIBs listed above and the MIB as defined in this document.
NASは通常、RADIUS認証クライアント、RADIUSアカウンティングクライアント、およびRADIUS動的認証サーバーのMIBSを実装します。ただし、他のMIBを実装せずに1つのMIBを実装できます。つまり、MIBSには互いに依存関係がありません。典型的なケースは、デバイスがMIBS RADIUS認証サーバー、RADIUSアカウンティングサーバー、RADIUS動的認証クライアントを実装することです。RADIUSプロキシは、上記のMIBSのサブセット、およびこのドキュメントで定義されているMIBのサブセットを実装する場合があります。
+---------------+ +---------------+ User 1----| | Disconnect-Request | | | Dynamic | CoA-Request | Dynamic | User 2----| Authorization |<---------------------| Authorization | | Server |--------------------->| Client | User 3----| (DAS) | Disconnect-Ack | (DAC) | | | Disconnect-NAK | | +---------------+ CoA-Ack/CoA-NAK +---------------+
Figure 1. Mapping of clients and servers
図1.クライアントとサーバーのマッピング
This MIB module for the Dynamic Authorization Server contains the following:
動的認証サーバーのこのMIBモジュールには、以下が含まれています。
1. Three scalar objects.
1. 3つのスカラーオブジェクト。
2. One Dynamic Authorization Client Table. This table contains one row for each DAC with which the DAS shares a secret.
2. 1つの動的認証クライアントテーブル。このテーブルには、DASが秘密を共有する各DACの1つの行が含まれています。
RADIUS-DYNAUTH-SERVER-MIB DEFINITIONS ::= BEGIN
IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Counter32, Integer32, mib-2, TimeTicks FROM SNMPv2-SMI -- [RFC2578] SnmpAdminString FROM SNMP-FRAMEWORK-MIB -- [RFC3411] InetAddressType, InetAddress FROM INET-ADDRESS-MIB -- [RFC4001] MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF; -- [RFC2580]
radiusDynAuthServerMIB MODULE-IDENTITY LAST-UPDATED "200608290000Z" -- 29 August 2006 ORGANIZATION "IETF RADEXT Working Group" CONTACT-INFO " Stefaan De Cnodder Alcatel Francis Wellesplein 1 B-2018 Antwerp Belgium
Radiusdynauthservermibモジュールのアイデンティティ最終処分「200608290000Z " - 2006年8月29日組織「IETF Radextワーキンググループ」ワーキンググループ" Contact-info "Stefaan de Cnodder Francis Wellesplein 1 B-2018 Antwerp Belgium
Phone: +32 3 240 85 15 EMail: stefaan.de_cnodder@alcatel.be
Nagi Reddy Jonnala Cisco Systems, Inc. Divyasree Chambers, B Wing, O'Shaugnessy Road, Bangalore-560027, India.
Nagi Reddy Jonnala Cisco Systems、Inc。Divyasree Chambers、B Wing、O'Shaugnessy Road、Bangalore-560027、インド。
Phone: +91 94487 60828 EMail: njonnala@cisco.com
Murtaza Chiba Cisco Systems, Inc. 170 West Tasman Dr. San Jose CA, 95134
Murtaza Chiba Cisco Systems、Inc。170 West Tasman Dr. San Jose CA、95134
Phone: +1 408 525 7198 EMail: mchiba@cisco.com " DESCRIPTION "The MIB module for entities implementing the server side of the Dynamic Authorization Extensions to the Remote Authentication Dial-In User Service (RADIUS) protocol. Copyright (C) The Internet Society (2006).
電話:1 408 525 7198メール:mchiba@cisco.com "説明"ダイナミック認証拡張機能のサーバー側をリモート認証ダイヤルインユーザーサービス(RADIUS)プロトコルに実装するエンティティのMIBモジュール。Copyright(c)The Internet Society(2006)。
Initial version as published in RFC 4673; for full legal notices see the RFC itself."
RFC 4673で公開されている初期バージョン。完全な法的通知については、RFC自体を参照してください。」
REVISION "200608290000Z" -- 29 August 2006 DESCRIPTION "Initial version as published in RFC 4673." ::= { mib-2 146 }
radiusDynAuthServerMIBObjects OBJECT IDENTIFIER ::= { radiusDynAuthServerMIB 1 }
radiusDynAuthServerScalars OBJECT IDENTIFIER ::= { radiusDynAuthServerMIBObjects 1 }
radiusDynAuthServerDisconInvalidClientAddresses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of Disconnect-Request packets received from unknown addresses. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." ::= { radiusDynAuthServerScalars 1 }
radiusDynAuthServerCoAInvalidClientAddresses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of CoA-Request packets received from unknown addresses. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." ::= { radiusDynAuthServerScalars 2 }
radiusDynAuthServerIdentifier OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-only STATUS current DESCRIPTION "The NAS-Identifier of the RADIUS Dynamic Authorization Server. This is not necessarily the same as sysName in MIB II." REFERENCE "RFC 2865, Section 5.32, NAS-Identifier." ::= { radiusDynAuthServerScalars 3 }
radiusDynAuthClientTable OBJECT-TYPE SYNTAX SEQUENCE OF RadiusDynAuthClientEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The (conceptual) table listing the RADIUS Dynamic Authorization Clients with which the server shares a secret." ::= { radiusDynAuthServerMIBObjects 2 }
radiusDynAuthClientEntry OBJECT-TYPE SYNTAX RadiusDynAuthClientEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (conceptual row) representing one Dynamic Authorization Client with which the server shares a secret." INDEX { radiusDynAuthClientIndex } ::= { radiusDynAuthClientTable 1 }
RadiusDynAuthClientEntry ::= SEQUENCE { radiusDynAuthClientIndex Integer32, radiusDynAuthClientAddressType InetAddressType, radiusDynAuthClientAddress InetAddress, radiusDynAuthServDisconRequests Counter32, radiusDynAuthServDisconAuthOnlyRequests Counter32, radiusDynAuthServDupDisconRequests Counter32, radiusDynAuthServDisconAcks Counter32, radiusDynAuthServDisconNaks Counter32, radiusDynAuthServDisconNakAuthOnlyRequests Counter32, radiusDynAuthServDisconNakSessNoContext Counter32, radiusDynAuthServDisconUserSessRemoved Counter32, radiusDynAuthServMalformedDisconRequests Counter32, radiusDynAuthServDisconBadAuthenticators Counter32, radiusDynAuthServDisconPacketsDropped Counter32, radiusDynAuthServCoARequests Counter32, radiusDynAuthServCoAAuthOnlyRequests Counter32, radiusDynAuthServDupCoARequests Counter32, radiusDynAuthServCoAAcks Counter32, radiusDynAuthServCoANaks Counter32, radiusDynAuthServCoANakAuthOnlyRequests Counter32, radiusDynAuthServCoANakSessNoContext Counter32, radiusDynAuthServCoAUserSessChanged Counter32, radiusDynAuthServMalformedCoARequests Counter32, radiusDynAuthServCoABadAuthenticators Counter32, radiusDynAuthServCoAPacketsDropped Counter32, radiusDynAuthServUnknownTypes Counter32, radiusDynAuthServerCounterDiscontinuity TimeTicks }
radiusDynAuthClientIndex OBJECT-TYPE SYNTAX Integer32 (1..2147483647) MAX-ACCESS not-accessible STATUS current DESCRIPTION "A number uniquely identifying each RADIUS Dynamic Authorization Client with which this Dynamic Authorization Server communicates. This number is allocated by the agent implementing this MIB module and is unique in this context." ::= { radiusDynAuthClientEntry 1 }
radiusDynAuthClientAddressType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "The type of IP address of the RADIUS Dynamic Authorization Client referred to in this table entry." ::= { radiusDynAuthClientEntry 2 }
radiusDynAuthClientAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "The IP address value of the RADIUS Dynamic Authorization Client referred to in this table entry, using the version neutral IP address format. The type of this address is determined by the value of the radiusDynAuthClientAddressType object." ::= { radiusDynAuthClientEntry 3 }
radiusDynAuthServDisconRequests OBJECT-TYPE SYNTAX Counter32 UNITS "requests" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS Disconnect-Requests received from this Dynamic Authorization Client. This also includes the RADIUS Disconnect-Requests that have a Service-Type attribute with value 'Authorize Only'. This counter may experience a discontinuity when the DAS module (re)starts as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.1, Disconnect Messages (DM)." ::= { radiusDynAuthClientEntry 4 }
radiusDynAuthServDisconAuthOnlyRequests OBJECT-TYPE SYNTAX Counter32 UNITS "requests" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS Disconnect-Requests that include a Service-Type attribute with value 'Authorize Only' received from this Dynamic Authorization Client. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.1, Disconnect Messages (DM)." ::= { radiusDynAuthClientEntry 5 }
radiusDynAuthServDupDisconRequests OBJECT-TYPE SYNTAX Counter32 UNITS "requests" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of duplicate RADIUS Disconnect-Request packets received from this Dynamic Authorization Client. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.1, Disconnect Messages (DM)." ::= { radiusDynAuthClientEntry 6 }
radiusDynAuthServDisconAcks OBJECT-TYPE SYNTAX Counter32 UNITS "replies" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS Disconnect-ACK packets sent to this Dynamic Authorization Client. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity."
Radiusdynauthservdisconacksオブジェクトタイプの構文Counter32ユニット "Replies" max-access read-only status current current current "この動的な承認クライアントに送信された半径切断パケットの数。radiusdynauthservercounterdiscontinuityの値によって示されるように。」
REFERENCE "RFC 3576, Section 2.1, Disconnect Messages (DM)." ::= { radiusDynAuthClientEntry 7 }
radiusDynAuthServDisconNaks OBJECT-TYPE SYNTAX Counter32 UNITS "replies" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS Disconnect-NAK packets sent to this Dynamic Authorization Client. This includes the RADIUS Disconnect-NAK packets sent with a Service-Type attribute with value 'Authorize Only' and the RADIUS Disconnect-NAK packets sent because no session context was found. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.1, Disconnect Messages (DM)." ::= { radiusDynAuthClientEntry 8 }
radiusDynAuthServDisconNakAuthOnlyRequests OBJECT-TYPE SYNTAX Counter32 UNITS "replies" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS Disconnect-NAK packets that include a Service-Type attribute with value 'Authorize Only' sent to this Dynamic Authorization Client. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.1, Disconnect Messages (DM)." ::= { radiusDynAuthClientEntry 9 }
radiusDynAuthServDisconNakSessNoContext OBJECT-TYPE SYNTAX Counter32 UNITS "replies" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS Disconnect-NAK packets sent to this Dynamic Authorization Client because no session context was found. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.1, Disconnect Messages (DM)." ::= { radiusDynAuthClientEntry 10 }
radiusDynAuthServDisconUserSessRemoved OBJECT-TYPE SYNTAX Counter32 UNITS "sessions" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of user sessions removed for the Disconnect-Requests received from this Dynamic Authorization Client. Depending on site- specific policies, a single Disconnect request can remove multiple user sessions. In cases where this Dynamic Authorization Server has no knowledge of the number of user sessions that are affected by a single request, each such Disconnect-Request will count as a single affected user session only. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.1, Disconnect Messages (DM)." ::= { radiusDynAuthClientEntry 11 }
radiusDynAuthServMalformedDisconRequests OBJECT-TYPE SYNTAX Counter32 UNITS "requests" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of malformed RADIUS Disconnect-Request packets received from this Dynamic Authorization Client. Bad authenticators and unknown types are not included as malformed Disconnect-Requests. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.1, Disconnect Messages (DM), and Section 2.3, Packet Format." ::= { radiusDynAuthClientEntry 12 }
radiusDynAuthServDisconBadAuthenticators OBJECT-TYPE SYNTAX Counter32 UNITS "requests" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS Disconnect-Request packets that contained an invalid Authenticator field received from this Dynamic Authorization Client. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.1, Disconnect Messages (DM), and Section 2.3, Packet Format." ::= { radiusDynAuthClientEntry 13 }
radiusDynAuthServDisconPacketsDropped OBJECT-TYPE SYNTAX Counter32 UNITS "requests" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of incoming Disconnect-Requests from this Dynamic Authorization Client silently discarded by the server application for some reason other than malformed, bad authenticators, or unknown types. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.1, Disconnect Messages (DM), and Section 2.3, Packet Format." ::= { radiusDynAuthClientEntry 14 }
radiusDynAuthServCoARequests OBJECT-TYPE SYNTAX Counter32 UNITS "requests" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS CoA-requests received from this Dynamic Authorization Client. This also includes the CoA requests that have a Service-Type attribute with value 'Authorize Only'. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity."
RADIUSIUSNAUTHSERVCOAREQUESTSオブジェクトタイプの構文カウンター32ユニット「リクエスト「MAX-ACCESS読み取り専用ステータス現在の説明」「この動的な認証クライアントから受け取ったRADIUS COA-Requestsの数。これには、価値のあるサービスタイプの属性を持つCOA要求も含まれます」承認のみを認めます。このカウンターは、Radiusdynauthservercounterdisonituityの値によって示されるように、DASモジュール(RE)が開始されると不連続性が発生する場合があります。」
REFERENCE "RFC 3576, Section 2.2, Change-of-Authorization Messages (CoA)." ::= { radiusDynAuthClientEntry 15 }
radiusDynAuthServCoAAuthOnlyRequests OBJECT-TYPE SYNTAX Counter32 UNITS "requests" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS CoA-requests that include a Service-Type attribute with value 'Authorize Only' received from this Dynamic Authorization Client. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.2, Change-of-Authorization Messages (CoA)." ::= { radiusDynAuthClientEntry 16 }
radiusDynAuthServDupCoARequests OBJECT-TYPE SYNTAX Counter32 UNITS "requests" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of duplicate RADIUS CoA-Request packets received from this Dynamic Authorization Client. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.2, Change-of-Authorization Messages (CoA)." ::= { radiusDynAuthClientEntry 17 }
radiusDynAuthServCoAAcks OBJECT-TYPE SYNTAX Counter32 UNITS "replies" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS CoA-ACK packets sent to this Dynamic Authorization Client. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.2, Change-of-Authorization Messages (CoA)." ::= { radiusDynAuthClientEntry 18 }
radiusDynAuthServCoANaks OBJECT-TYPE SYNTAX Counter32 UNITS "replies" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS CoA-NAK packets sent to this Dynamic Authorization Client. This includes the RADIUS CoA-NAK packets sent with a Service-Type attribute with value 'Authorize Only' and the RADIUS CoA-NAK packets sent because no session context was found. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.2, Change-of-Authorization Messages (CoA)." ::= { radiusDynAuthClientEntry 19 }
radiusDynAuthServCoANakAuthOnlyRequests OBJECT-TYPE SYNTAX Counter32 UNITS "replies" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS CoA-NAK packets that include a Service-Type attribute with value 'Authorize Only' sent to this Dynamic Authorization Client. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.2, Change-of-Authorization Messages (CoA)." ::= { radiusDynAuthClientEntry 20 }
radiusDynAuthServCoANakSessNoContext OBJECT-TYPE SYNTAX Counter32 UNITS "replies" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS CoA-NAK packets sent to this Dynamic Authorization Client because no session context was found. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.2, Change-of-Authorization Messages (CoA)." ::= { radiusDynAuthClientEntry 21 }
radiusDynAuthServCoAUserSessChanged OBJECT-TYPE SYNTAX Counter32 UNITS "sessions" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of user sessions authorization changed for the CoA-Requests received from this Dynamic Authorization Client. Depending on site- specific policies, a single CoA request can change multiple user sessions' authorization. In cases where this Dynamic Authorization Server has no knowledge of the number of user sessions that are affected by a single request, each such CoA-Request will count as a single affected user session only. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.2, Change-of-Authorization Messages (CoA)." ::= { radiusDynAuthClientEntry 22 }
radiusDynAuthServMalformedCoARequests OBJECT-TYPE SYNTAX Counter32 UNITS "requests" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of malformed RADIUS CoA-Request packets received from this Dynamic Authorization Client. Bad authenticators and unknown types are not included as malformed CoA-Requests. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE
radiusdynauthservmalformedcoarequestsオブジェクトタイプの構文Counter32ユニット "Max-Access読み取り専用ステータス現在の説明"この動的な認証クライアントから受け取った奇形の半径CoA-Requestパケットの数。悪い認証器と未知のタイプは、不正なCoa-Requestsに含まれていません。このカウンターは、radiusnauthservercountiondiscontinuityの値によって示されるように、DASモジュールが開始されると、不連続性が発生する場合があります。」参照
"RFC 3576, Section 2.2, Change-of-Authorization Messages (CoA), and Section 2.3, Packet Format." ::= { radiusDynAuthClientEntry 23 }
radiusDynAuthServCoABadAuthenticators OBJECT-TYPE SYNTAX Counter32 UNITS "requests" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS CoA-Request packets that contained an invalid Authenticator field received from this Dynamic Authorization Client. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.2, Change-of-Authorization Messages (CoA), and Section 2.3, Packet Format." ::= { radiusDynAuthClientEntry 24 }
radiusDynAuthServCoAPacketsDropped OBJECT-TYPE SYNTAX Counter32 UNITS "requests" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of incoming CoA packets from this Dynamic Authorization Client silently discarded by the server application for some reason other than malformed, bad authenticators, or unknown types. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.2, Change-of-Authorization Messages (CoA), and Section 2.3, Packet Format." ::= { radiusDynAuthClientEntry 25 }
radiusDynAuthServUnknownTypes OBJECT-TYPE SYNTAX Counter32 UNITS "requests" MAX-ACCESS read-only STATUS current DESCRIPTION "The number of incoming packets of unknown types that were received on the Dynamic Authorization port. This counter may experience a discontinuity when the DAS module (re)starts, as indicated by the value of radiusDynAuthServerCounterDiscontinuity." REFERENCE "RFC 3576, Section 2.3, Packet Format." ::= { radiusDynAuthClientEntry 26 }
radiusDynAuthServerCounterDiscontinuity OBJECT-TYPE SYNTAX TimeTicks UNITS "hundredths of a second" MAX-ACCESS read-only STATUS current DESCRIPTION "The time (in hundredths of a second) since the last counter discontinuity. A discontinuity may be the result of a reinitialization of the DAS module within the managed entity." ::= { radiusDynAuthClientEntry 27 }
-- conformance information
- 適合情報
radiusDynAuthServerMIBConformance OBJECT IDENTIFIER ::= { radiusDynAuthServerMIB 2 } radiusDynAuthServerMIBCompliances OBJECT IDENTIFIER ::= { radiusDynAuthServerMIBConformance 1 } radiusDynAuthServerMIBGroups OBJECT IDENTIFIER ::= { radiusDynAuthServerMIBConformance 2 }
-- compliance statements
- コンプライアンスステートメント
radiusAuthServerMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities implementing the RADIUS Dynamic Authorization Server. Implementation of this module is for entities that support IPv4 and/or IPv6." MODULE -- this module MANDATORY-GROUPS { radiusDynAuthServerMIBGroup }
OBJECT radiusDynAuthClientAddressType SYNTAX InetAddressType { ipv4(1), ipv6(2) } DESCRIPTION "An implementation is only required to support IPv4 and globally unique IPv6 addresses."
OBJECT radiusDynAuthClientAddress SYNTAX InetAddress (SIZE(4|16)) DESCRIPTION "An implementation is only required to support IPv4 and globally unique IPv6 addresses."
GROUP radiusDynAuthServerAuthOnlyGroup DESCRIPTION "Only required for Dynamic Authorization Clients that are supporting Service-Type attributes with value 'Authorize-Only'."
グループRadiusdynauthserverauthnlygroupの説明「Value「Authorizeのみ」を持つサービスタイプの属性をサポートしている動的認証クライアントにのみ必要です。」
GROUP radiusDynAuthServerNoSessGroup DESCRIPTION "This group is not required if the Dynamic Authorization Server cannot easily determine whether a session exists (e.g., in case of a RADIUS proxy)."
グループRADIUSIUSNAUTHSERVERNOSESSGROUPの説明「動的認証サーバーがセッションが存在するかどうかを簡単に判断できない場合(たとえば、RADIUSプロキシの場合)、このグループは必要ありません。」
::= { radiusDynAuthServerMIBCompliances 1 }
-- units of conformance
- 適合ユニット
radiusDynAuthServerMIBGroup OBJECT-GROUP OBJECTS { radiusDynAuthServerDisconInvalidClientAddresses, radiusDynAuthServerCoAInvalidClientAddresses, radiusDynAuthServerIdentifier, radiusDynAuthClientAddressType, radiusDynAuthClientAddress, radiusDynAuthServDisconRequests, radiusDynAuthServDupDisconRequests, radiusDynAuthServDisconAcks, radiusDynAuthServDisconNaks, radiusDynAuthServDisconUserSessRemoved, radiusDynAuthServMalformedDisconRequests, radiusDynAuthServDisconBadAuthenticators, radiusDynAuthServDisconPacketsDropped, radiusDynAuthServCoARequests, radiusDynAuthServDupCoARequests, radiusDynAuthServCoAAcks, radiusDynAuthServCoANaks, radiusDynAuthServCoAUserSessChanged, radiusDynAuthServMalformedCoARequests, radiusDynAuthServCoABadAuthenticators, radiusDynAuthServCoAPacketsDropped, radiusDynAuthServUnknownTypes, radiusDynAuthServerCounterDiscontinuity } STATUS current DESCRIPTION "The collection of objects providing management of a RADIUS Dynamic Authorization Server." ::= { radiusDynAuthServerMIBGroups 1 }
radiusDynAuthServerAuthOnlyGroup OBJECT-GROUP OBJECTS { radiusDynAuthServDisconAuthOnlyRequests, radiusDynAuthServDisconNakAuthOnlyRequests, radiusDynAuthServCoAAuthOnlyRequests, radiusDynAuthServCoANakAuthOnlyRequests } STATUS current DESCRIPTION "The collection of objects supporting the RADIUS messages including Service-Type attribute with value 'Authorize Only'." ::= { radiusDynAuthServerMIBGroups 2 }
radiusDynAuthServerNoSessGroup OBJECT-GROUP OBJECTS { radiusDynAuthServDisconNakSessNoContext, radiusDynAuthServCoANakSessNoContext } STATUS current DESCRIPTION "The collection of objects supporting the RADIUS messages that are referring to non-existing sessions." ::= { radiusDynAuthServerMIBGroups 3 }
END5. Security Considerations
終了5。セキュリティ上の考慮事項
There are no management objects defined in this MIB module that have a MAX-ACCESS clause of read-write and/or read-create. So, if this MIB module is implemented correctly, then there is no risk that an intruder can alter or create any management objects of this MIB module via direct SNMP SET operations.
このMIBモジュールには、読み取りワイトおよび/またはread-Createの最大アクセス句を持つ管理オブジェクトはありません。したがって、このMIBモジュールが正しく実装されている場合、侵入者が直接SNMPセット操作を介してこのMIBモジュールの管理オブジェクトを変更または作成できるリスクはありません。
Some of the readable objects in this MIB module (i.e., objects with a MAX-ACCESS other than not-accessible) may be considered sensitive or vulnerable in some network environments. It is thus important to control even GET and/or NOTIFY access to these objects and possibly to even encrypt the values of these objects when sending them over the network via SNMP. These are the tables and objects and their sensitivity/vulnerability:
このMIBモジュールの読み取り可能なオブジェクトのいくつか(つまり、アクセスできないこと以外に最大アクセスを備えたオブジェクト)は、一部のネットワーク環境で敏感または脆弱と見なされる場合があります。したがって、これらのオブジェクトへのアクセスを取得および/または通知することさえ制御し、SNMPを介してネットワーク上に送信するときにこれらのオブジェクトの値を暗号化することも重要です。これらはテーブルとオブジェクトであり、その感度/脆弱性です。
radiusDynAuthClientAddress and radiusDynAuthClientAddressType
radiusdynauthclientAddressおよびradiusnynauthclientddresstype
These can be used to determine the address of the DAC with which the DAS is communicating. This information could be useful in mounting an attack on the DAC.
これらは、DASが通信しているDACのアドレスを決定するために使用できます。この情報は、DACへの攻撃の取り付けに役立つ可能性があります。
radiusDynAuthServerIdentifier
radiusdynauthserveridentifier
This can be used to determine the Identifier of the DAS. This information could be useful in impersonating the DAS.
これは、DASの識別子を決定するために使用できます。この情報は、DASになりすましに役立つ可能性があります。
SNMP versions prior to SNMPv3 did not include adequate security. Even if the network itself is secure (for example by using IPsec), even then, there is no control as to who on the secure network is allowed to access and GET/SET (read/change/create/delete) the objects in this MIB module.
SNMPV3以前のSNMPバージョンには、適切なセキュリティは含まれていませんでした。ネットワーク自体が(たとえばIPSECを使用して)安全である場合でも、それでもセキュアネットワークで誰がアクセスして取得/セット(読み取り/変更/作成/削除/削除)を制御することはできません。MIBモジュール。
It is RECOMMENDED that implementers consider the security features as provided by the SNMPv3 framework (see [RFC3410], section 8), including full support for the SNMPv3 cryptographic mechanisms (for authentication and privacy).
実装者は、SNMPV3暗号化メカニズム(認証とプライバシー用)の完全なサポートを含む、SNMPV3フレームワーク([RFC3410]、セクション8を参照)で提供されるセキュリティ機能を考慮することをお勧めします。
Further, deployment of SNMP versions prior to SNMPv3 is NOT RECOMMENDED. Instead, it is RECOMMENDED to deploy SNMPv3 and to enable cryptographic security. It is then a customer/operator responsibility to ensure that the SNMP entity giving access to an instance of this MIB module is properly configured to give access to the objects only to those principals (users) that have legitimate rights to indeed GET or SET (change/create/delete) them.
さらに、SNMPV3より前のSNMPバージョンの展開は推奨されません。代わりに、SNMPV3を展開し、暗号化セキュリティを有効にすることをお勧めします。その場合、このMIBモジュールのインスタンスへのアクセスを提供するSNMPエンティティが、実際に取得または設定する正当な権利を持つプリンシパル(ユーザー)にのみオブジェクトにアクセスできるように適切に構成されていることを保証するのは、顧客/オペレーターの責任です(変更を変更します(変更)/作成/削除)それら。
The IANA has assigned OID number 146 under mib-2.
IANAは、MIB-2の下でOID番号146を割り当てました。
The authors would like to acknowledge the following people for their comments on this document: Bernard Aboba, Alan DeKok, David Nelson, Anjaneyulu Pata, Dan Romascanu, Juergen Schoenwaelder, Greg Weber, Bert Wijnen, and Glen Zorn.
著者は、この文書に関するコメントについて、以下の人々を認めたいと考えています:バーナード・アボバ、アラン・デコク、デビッド・ネルソン、アンジャニュール・パタ、ダン・ロマスカヌ、ジュエルゲン・シェーンワールダー、グレッグ・ウェーバー、バート・ウィーネン、グレン・ゾーン。
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2119] Bradner、S。、「要件レベルを示すためにRFCで使用するためのキーワード」、BCP 14、RFC 2119、1997年3月。
[RFC2578] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Structure of Management Information Version 2 (SMIv2)", STD 58, RFC 2578, April 1999.
[RFC2578] McCloghrie、K.、Perkins、D。、およびJ. Schoenwaelder、「管理情報の構造バージョン2(SMIV2)」、STD 58、RFC 2578、1999年4月。
[RFC2579] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Textual Conventions for SMIv2", STD 58, RFC 2579, April 1999.
[RFC2579] McCloghrie、K.、Perkins、D。、およびJ. Schoenwaelder、「SMIV2のテキストコンベンション」、STD 58、RFC 2579、1999年4月。
[RFC2580] McCloghrie, K., Perkins, D., and J. Schoenwaelder, "Conformance Statements for SMIv2", STD 58, RFC 2580, April 1999.
[RFC2580] McCloghrie、K.、Perkins、D。、およびJ. Schoenwaelder、「SMIV2の適合ステートメント」、STD 58、RFC 2580、1999年4月。
[RFC3411] Harrington, D., Presuhn, R., and B. Wijnen, "An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks", STD 62, RFC 3411, December 2002.
[RFC3411] Harrington、D.、Presuhn、R。、およびB. Wijnen、「単純なネットワーク管理プロトコル(SNMP)管理フレームワークを説明するためのアーキテクチャ」、STD 62、RFC 3411、2002年12月。
[RFC3576] Chiba, M., Dommety, G., Eklund, M., Mitton, D., and B. Aboba, "Dynamic Authorization Extensions to Remote Authentication Dial In User Service (RADIUS)", RFC 3576, July 2003.
[RFC3576] Chiba、M.、Dommety、G.、Eklund、M.、Mitton、D.、およびB. Aboba、「リモート認証のダイヤルインユーザーサービス(RADIUS)への動的認証拡張」、RFC 3576、2003年7月。
[RFC4001] Daniele, M., Haberman, B., Routhier, S., and J. Schoenwaelder, "Textual Conventions for Internet Network Addresses", RFC 4001, February 2005.
[RFC4001] Daniele、M.、Haberman、B.、Routhier、S。、およびJ. Schoenwaelder、「インターネットネットワークアドレスのテキストコンベンション」、RFC 4001、2005年2月。
[RFC2865] Rigney, C., Willens, S., Rubens, A., and W. Simpson, "Remote Authentication Dial In User Service (RADIUS)", RFC 2865, June 2000.
[RFC2865] Rigney、C.、Willens、S.、Rubens、A。、およびW. Simpson、「リモート認証ダイヤルインユーザーサービス(RADIUS)」、RFC 2865、2000年6月。
[RFC3410] Case, J., Mundy, R., Partain, D., and B. Stewart, "Introduction and Applicability Statements for Internet-Standard Management Framework", RFC 3410, December 2002.
[RFC3410] Case、J.、Mundy、R.、Partain、D。、およびB. Stewart、「インターネット標準管理フレームワークの紹介と適用声明」、RFC 3410、2002年12月。
[RFC4668] Nelson, D., "RADIUS Authentication Client MIB for IPv6", RFC 4668, August 2006.
[RFC4668]ネルソン、D。、「RADIUS認証クライアントMIB for IPv6」、RFC 4668、2006年8月。
[RFC4669] Nelson, D., "RADIUS Authentication Server MIB for IPv6", RFC 4669, August 2006.
[RFC4669]ネルソン、D。、「IPv6のRADIUS認証サーバーMIB」、RFC 4669、2006年8月。
[RFC4670] Nelson, D., "RADIUS Accounting Client MIB for IPv6", RFC 4670, August 2006.
[RFC4670]ネルソン、D。、「IPv6のRADIUSアカウンティングクライアントMIB」、RFC 4670、2006年8月。
[RFC4671] Nelson, D., "RADIUS Accounting Server MIB for IPv6", RFC 4671, August 2006.
[RFC4671]ネルソン、D。、「IPv6のRadiusアカウンティングサーバーMIB」、RFC 4671、2006年8月。
[RFC4672] De Cnodder, S., Jonnala, N., and M. Chiba, "RADIUS Dynamic Authorization Client MIB", RFC 4672, September 2006.
[RFC4672] de Cnodder、S.、Jonnala、N。、およびM. Chiba、「Radius Dynamic Authorization Client MIB」、RFC 4672、2006年9月。
Authors' Addresses
著者のアドレス
Stefaan De Cnodder Alcatel Francis Wellesplein 1 B-2018 Antwerp Belgium
ステファン・デ・コノッダー・アルカテル・フランシス・ウェルズプレイン1 B-2018アントワープ・ベルギー
Phone: +32 3 240 85 15 EMail: stefaan.de_cnodder@alcatel.be
Nagi Reddy Jonnala Cisco Systems, Inc. Divyasree Chambers, B Wing, O'Shaugnessy Road Bangalore-560027, India
Nagi Reddy Jonnala Cisco Systems、Inc。Divyasree Chambers、B Wing、O'Shaugnessy Road Bangalore-560027、インド
Phone: +91 94487 60828 EMail: njonnala@cisco.com
Murtaza Chiba Cisco Systems, Inc. 170 West Tasman Dr. San Jose CA, 95134
Murtaza Chiba Cisco Systems、Inc。170 West Tasman Dr. San Jose CA、95134
Phone: +1 408 525 7198 EMail: mchiba@cisco.com
Full Copyright Statement
完全な著作権声明
Copyright (C) The Internet Society (2006).
Copyright(c)The Internet Society(2006)。
This document is subject to the rights, licenses and restrictions contained in BCP 78, and except as set forth therein, the authors retain all their rights.
この文書は、BCP 78に含まれる権利、ライセンス、および制限の対象となり、そこに記載されている場合を除き、著者はすべての権利を保持しています。
This document and the information contained herein are provided on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
このドキュメントとここに含まれる情報は、「現状のまま」に基づいて提供されています。また、貢献者、彼/彼女が代表する組織(もしあれば)が後援する組織、インターネット協会とインターネット工学タスクフォースは、すべての保証、明示的または明示的、またはすべての保証を否認します。本書の情報の使用が、商品性または特定の目的に対する適合性の権利または黙示的な保証を侵害しないという保証を含むがこれらに限定されないことを含む。
Intellectual Property
知的財産
The IETF takes no position regarding the validity or scope of any Intellectual Property Rights or other rights that might be claimed to pertain to the implementation or use of the technology described in this document or the extent to which any license under such rights might or might not be available; nor does it represent that it has made any independent effort to identify any such rights. Information on the procedures with respect to rights in RFC documents can be found in BCP 78 and BCP 79.
IETFは、知的財産権またはその他の権利の有効性または範囲に関して、この文書に記載されている技術の実装または使用、またはそのような権利に基づくライセンスがどの程度であるかについての使用に関連すると主張する可能性があるという立場はありません。利用可能になります。また、そのような権利を特定するために独立した努力をしたことも表明していません。RFCドキュメントの権利に関する手順に関する情報は、BCP 78およびBCP 79に記載されています。
Copies of IPR disclosures made to the IETF Secretariat and any assurances of licenses to be made available, or the result of an attempt made to obtain a general license or permission for the use of such proprietary rights by implementers or users of this specification can be obtained from the IETF on-line IPR repository at http://www.ietf.org/ipr.
IETF事務局に行われたIPR開示のコピーと、利用可能にするライセンスの保証、またはこの仕様の実装者またはユーザーによるそのような独自の権利の使用のための一般的なライセンスまたは許可を取得しようとする試みの結果を取得できます。http://www.ietf.org/iprのIETFオンラインIPRリポジトリから。
The IETF invites any interested party to bring to its attention any copyrights, patents or patent applications, or other proprietary rights that may cover technology that may be required to implement this standard. Please address the information to the IETF at ietf-ipr@ietf.org.
IETFは、関心のある当事者に、著作権、特許、または特許出願、またはこの基準を実装するために必要な技術をカバーする可能性のあるその他の独自の権利を注意深く招待するよう招待しています。ietf-ipr@ietf.orgのIETFへの情報をお問い合わせください。
Acknowledgement
謝辞
Funding for the RFC Editor function is provided by the IETF Administrative Support Activity (IASA).
RFCエディター機能の資金は、IETF管理サポートアクティビティ(IASA)によって提供されます。