Internet Engineering Task Force H. Cruickshank
Internet Draft University of Surrey, UK
draft-cruickshank-ipdvb-sec-05.txt P. Pillai
Expires: January 13, 2009 University of Bradford, UK
S. Iyengar
Logica, UK
Category: Internet draft July 14, 2008
Security Extension for Unidirectional Lightweight Encapsulation
Protocol
draft-cruickshank-ipdvb-sec-05.txt
Status of this Draft
By submitting this Internet-Draft, each author represents that
any applicable patent or other IPR claims of which he or she is
aware have been or will be disclosed, and any of which he or she
becomes aware will be disclosed, in accordance with Section 6 of
BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF), its areas, and its working groups. Note that
other groups may also distribute working documents as Internet-
Drafts.
Internet-Drafts are draft documents valid for a maximum of six
months and may be updated, replaced, or obsoleted by other
documents at any time. It is inappropriate to use Internet-
Drafts as reference material or to cite them other than as "work
in progress."
The list of current Internet-Drafts can be accessed at
http://www.ietf.org/ietf/1id-abstracts.txt
The list of Internet-Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html
This Internet-Draft will expire on January 13, 2009.
Abstract
This document describes the header extension for Unidirectional
Encapsulation Protocol (ULE) that secures the IP traffic
transported using ULE to provide security features like data
confidentiality, data integrity, data origin authentication and
mechanisms to prevent replay attacks. The format of the header
extension and processing at the Receiver and Transmitter are
Cruickshank et.al. Expires January 13, 2009 [Page 1]
�
Internet-Draft Security Extension for ULE July 2008
described in detail.
Table of Contents
1. Introduction................................................2
2. Requirements notation.......................................3
3. Abbreviations used in the document..........................3
4. ULE Security Extension......................................4
4.1. Security Services......................................4
4.2. Secure ULE SNDU Format.................................6
4.3. Transmitter Processing.................................9
4.4. Receiver Processing...................................10
5. Key Exchange Procedure.....................................11
5.1. IPsec Key Management for L2...........................11
5.2. Alternative Key Management............................11
6. Secure ULE SNDU example....................................12
7. Security Considerations....................................13
8. IANA Considerations........................................13
9. Acknowledgments............................................13
10. References................................................13
10.1. Normative References.................................13
10.2. Informative References...............................14
11. Author's Addresses........................................14
12. IPR Notices...............................................15
12.1. Intellectual Property Statement......................15
12.2. Intellectual Property................................16
13. Copyright Statement.......................................16
1. Introduction
The Unidirectional Lightweight Encapsulation Protocol (ULE) [3]
is used for the transportation of user traffic like IP datagrams,
ethernet frames, etc. over ISO MPEG-2 Transport Streams (TS) [1].
This document describes a new ULE mandatory extension header for
providing link layer security for ULE.
In MPEG-2 transmission networks employing ULE, there is a need to
provide link-layer security, particularly where network layer and
transport-layer security may not be present or may not be
sufficient. The security requirements are presented and discussed
in detail in [4]. The set of security services that the security
extension for ULE can provide includes data confidentiality, data
integrity, data origin authentication and rejection of replayed
packets. While providing suitable link encryption is mandatory,
link layer data integrity and data origin authentication is
provided as an optional security service. These are especially
desirable for systems where there are several ULE transmitters
Cruickshank et. al. Expires January 13, 2009 [Page 2]
�
Internet-Draft Security Extension for ULE July 2008
(e.g. satellite meshed systems with on-board processing).
On Securing the ULE SNDUs, security is provided at the link layer
as opposed to other existing mechanisms like IP Security (IPsec)
[8] that provides security at the network-layer or TLS [11] that
provides transport layer security. Since these security services
are provided at the link layer any network layer protocol like IP
(even with Ethernet bridging) may be used with secure ULE.
ULE may use and benefit from IETF key management protocols, such
as the MSEC Group Domain of Interpretation (GDOI) [9] and Group
Secure Association Key Management Protocol (GSAKMP) [7]. This
does not preclude the use of other key management methods in
scenarios for which there is benefit. The encryption algorithms,
key lengths, etc. will be defined making use of the standard
IPsec suites. For this purpose a security association identity
similar to the IPsec Security Parameter Index (SPI)[8] is used.
In some current encapsulation methods like Multi-Protocol
Encapsulation (MPE) [5], encryption of the MAC address requires
each receiver to decrypt all encrypted data sent using a TS
Logical Channel (identified by a PID), before it can then filter
the PDUs that matches the set of Network Point of Attachment
(NPA) addresses that the Receiver wishes to receive. Therefore
encryption of the MPE NPA address is not permitted in such
systems. This document specifies a method which provides support
for using temporary Layer 2 NPA address.
2. Requirements notation
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in
[2].
3. Abbreviations used in the document
AES - Advanced Encryption Standard
DVB - Digital Video Broadcasting
GDOI - Group Domain of Interpretation
GSKAMP - Group Secure Association Key Management Protocol
IPsec - Internet Protocol Security
Cruickshank et. al. Expires January 13, 2009 [Page 3]
�
Internet-Draft Security Extension for ULE July 2008
MPE - Multi-Protocol Encapsulation
MAC - Message Authentication Code
NAT - Network Address Translation
NCC - Network Control Centre
NPA - Network Point of Attachment
PEP - Protocol Enhancing Proxy
PID - Packet Identifier
PDU - Protocol Data Unit
SAD - Security Association Database
SHA - Standard Hash Algorithm
SNDU - Subnetwork Data Unit
SPD - Security Policy Database
SPI - Security Parameter Index
TLS - Transport Layer Security
ULE - Unidirectional Lightweight Encapsulation Protocol
4. ULE Security Extension
This section describes the security services offered and the
packet format of the security extension for ULE. The procedures
for processing the security extension header at the transmitter
and the receiver are also described.
4.1. Security Services
MPEG-2 based networks are susceptible to several security
attacks, both passive and active. Some of the main security
services (mandatory or optional) that the security extension for
ULE aims to provide for IP services running on MPEG-2 based
systems are:
o Data Confidentiality (Mandatory): Data confidentiality is
achieved by encrypting the higher layer PDU (and other ULE
Cruickshank et. al. Expires January 13, 2009 [Page 4]
�
Internet-Draft Security Extension for ULE July 2008
extensions headers that may be present and require security)
before encapsulation in the ULE SNDU, so that only authorised
receivers can decrypt the transmitted information while an
adversary would not be able to recover the important
information even if it got hold of the transmitted data.
o Receiver NPA address hiding (optional): The SNDU type that is
visible to all receivers has the value "encrypted content",
whereas the type of PDU being carried is described using a
field within the encrypted payload. This is an important
objective for ULE security to prevent any passive attacks like
traffic analysis. The option D=1 (i.e. no NPA address
present) is permitted as long as the ULE_Security_Identifier
(ULE-SID) is unique in the whole ULE network. This implies
the need for a centralised key management system that
generates the ULE-SID. If an NPA address is used (option D=0)
in the base ULE header and NPA address hiding is utilized,
then encrypted NPA address should be used. The combination of
the ULE-SID and encrypted NPA will guarantee the uniqueness of
the security association even in the case of a decentralized
key management system.
o Data origin authentication (Optional): Data origin (source)
authentication allows a ULE receiver to verify that the data
is sent by the claimed ULE sender. To achieve data origin
authentication, a Message Authentication Code (MAC) is
generated for each message using a shared secret key and is
also transmitted along with the data. The ULE receiver
calculates the MAC for the received data using the shared key,
and then compares this computed MAC value to the one sent by
the sender along with the data. If the two match, then the
receiver knows that the data had to be sent from the claimed
sender.
o Data Integrity (Optional): Data integrity provides a way for
the receiver of the data message to know if the data has been
tampered in transit by an attacker. The MAC used for data
authentication also provides data integrity. The receiver of
the data calculates the MAC and compares it to the one
transmitted by the sender. If an adversary had tampered with
the message then the two MACs would not match.
o Replay Attacks Countermeasures (Optional): Methods against
replay attacks need to ensure that the received data is recent
and that an adversary has not replayed old messages at a later
Cruickshank et. al. Expires January 13, 2009 [Page 5]
�
Internet-Draft Security Extension for ULE July 2008
time. A monotonically increasing sequence number would be used
with every message and messages with old sequence number
values would be rejected. The choice of using sequence numbers
is dictated by policy and is done by the key management
system.
Another issue is key space. There is a need for the following two
databases for the correct processing on security in ULE
transmitters and receivers:
o Security Policy Database (SPD): This database contains the
policies that determine the processing of all ULE
inbound/outbound traffic (such as encrypting all outbound ULE
traffic destined to a certain terminal).
o Security Association Database (SAD): Each entry defines the
parameters associated with one ULE-SID such as encryption
keys, keys and algorithms used for calculating the MAC,
presence of Sequence number and MAC. Each ULE-SID has an entry
in the SAD.
This specification may re-use existing techniques in IPsec
architecture and therefore the SPD and the SAD will follow the
format of these databases as defined in RFC 4301 [8]. The
security suite of algorithms for data encryption and data
authenticity/integrity specified in IPsec/MSEC will be used for
ULE security. The design of these databases will be simpler and
also the lookups because unlike in IPsec only the ULE-SID along
with the NPA address and possibly the PID is needed to retrieve
the data from these databases.
4.2. Secure ULE SNDU Format
The security extension aims to secure the transmission of user
traffic over MPEG-2 Transport Streams. In order to address the
security issues, Figure 1 shows the SNDU format with the security
extension header.
This security extension is a standard extension header as
described in Section 5 of RFC 4326 [3] and does not affect the
ULE base protocol. This security extension header is a Mandatory
ULE Extension header. This means that a receiver MUST process
this header before it processes the next extension header or the
encapsulated PDU, otherwise the entire SNDU should be discarded.
Cruickshank et. al. Expires January 13, 2009 [Page 6]
�
Internet-Draft Security Extension for ULE July 2008
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+----------------------------+------------------------------+
|D| Length | Type = S-ULE |
+-+----------------------------+------------------------------+
| Receiver Destination NPA Address * |
| +------------------------------+
| | ULE_Security_ID |
+------------------------------+------------------------------+
| ULE_Security_ID | Sequence Number (Optional) |
+------------------------------+------------------------------+
| Sequence Number (Optional) | Next-Type = Type of PDU |
+------------------------------+------------------------------+
| |
| |
= Encrypted PDU =
| |
| |
+------------------------------+------------------------------+
| |
= Message Authentication Code (Optional) =
| |
+-------------------------------------------------------------+
| Cyclic Redundancy Check |
+-------------------------------------------------------------+
Figure 1 General SNDU format with Security extension header (D=0)
In Figure 1, the Type field in the base header denotes that a
mandatory security extension header is present. The receiver
destination NPA address is optional. After the base ULE header
the security extension header follows. This header contains the
ULE-SID, the optional Sequence Number field and the optional
Message Authentication Code (MAC) field. The Next-Type field
denotes the type of the enclosed PDU. The higher-layer PDU is
encrypted and then encapsulated in the SNDU.
The format of the Destination Address Absent field (D), the
Length field the Type field and the Receiver Destination NPA
address field are defined by ULE [3].
4.2.1. Destination Address Absent (D) Field
The most significant bit of the Length Field carries the value of
the Destination Address Absent Field (D) as defined by ULE [3].
Cruickshank et. al. Expires January 13, 2009 [Page 7]
�
Internet-Draft Security Extension for ULE July 2008
When D is set to 0, it indicates the presence of the Destination
Address Field while D set to 1 indicates that a Destination
Address Field is not present.
4.2.2. Length Field
A 15-bit Length field denotes the length, in bytes, of the SNDU
counted from the byte following the Type field, up to and
including the CRC [3].
4.2.3. Type Field
A 16-bit Type Field indicates that this is a Secure ULE SNDU [3].
[XXX IANA ACTION REQUIRED to allocate xxS-ULExx XXX]
The S-ULE header is defined in the IANA maintained Next-Header
Registry for ULE and has the value xxS-ULExx
[XXX END of IANA ACTION XXX]
4.2.4. Destination NPA Address Field
The SNDU Destination Address Field is optional. This field is
MUST be carried when field D is set to 0 and may be omitted when
D=1 [3].
4.2.5. ULE-SID Field
A 32-bit security identifier, the ULE-SID similar to the SPI used
in IPsec has been added to uniquely identify the secure session.
This ULE-SID represents the security association between the
MPEG-2 transmitter and receiver for a particular session and
indicates the keys and algorithms used for encrypting the data
payload and calculating the MAC. The ULE-SID is used by a
receiver to filter PDUs in combination with the NPA address when
present.
4.2.6. Sequence Number Field
An optional 32-bit sequence number MAY be included in the ULE
SNDU to prevent replay attacks. The gateway monotonically
increments this number when it sends a packet to the receiver and
the receiver verifies the correct sequence number and MUST
discard all SNDUs which do not match. If an adversary tries to
inject or replay old packets the sequence number would not match.
This would result in discarding the packet.
Cruickshank et. al. Expires January 13, 2009 [Page 8]
�
Internet-Draft Security Extension for ULE July 2008
SNDU reordering is not permitted on ULE links, and therefore any
accidental reordering of segments will result in discard.
4.2.7. Type Field
This second type field denotes the type of packet that is
encrypted and encapsulated in the Secure ULE SNDU. If another ULE
extension header follows, then this type field indicates the type
of this extension header.
4.2.8. Encrypted SNDU Payload
To achieve data confidentiality, the traffic between the MPEG-2
TS transmitter (ULE Encapsulator) and Receiver needs to be
encrypted. The network layer PDUs are first encrypted and then
encapsulated in the secure ULE SNDU. The security associations
between the two communicating points will describe the algorithms
and keys used for encryption purposes.
Secure ULE does not impose the use of any specific encryption
algorithm and should be able to support the commonly used
algorithms including DES [12], 3DES etc.
4.2.9. Message Authentication Code (MAC) Field
To provide both data origin authentication and data integrity, a
Message Authentication Code (MAC) is included in the extension
header.
The MAC is calculated over the ULE security extension header and
the encrypted data payload. The receiver calculates the MAC for
the each received packet and compares it with the transmitted
value. The two would not match in only 2 cases, firstly either
there was an error during processing or transmission over the
MPEG-2 Network, or secondly the packet has not been sent from an
authenticated entity. In either case, the packet MUST be
discarded. Hence the same MAC can be used for data origin
authentication and to provide data integrity for
transmission/processing errors.
4.3. Transmitter Processing
The following procedure is followed at the encapsulator for
processing the security extension header for ULE:
o Upon reception of the higher layer PDU, the SPD is first
queried to check the policy to be applied to the PDU. If
Cruickshank et. al. Expires January 13, 2009 [Page 9]
�
Internet-Draft Security Extension for ULE July 2008
security is needed then an SA must exist in the SAD (this is
set by the key management system). The parameters are
retrieved from the SAD and it is first encrypted using the key
and the algorithm as indicated in the SAD.
o The header of the base protocol (and other extension headers
if present) is added to the SNDU.
o The ULE-SID for the security association between the
transmitter and the receiver are added next.
o The SAD is consulted to determine if the sequence number has
to be added. If required, then the corresponding sequence
number is added to the SNDU.
o Then the encrypted higher layer PDU is encapsulated to form
the SNDU.
o The SAD is then checked to determine if the data origin
authentication and data integrity has to be provided. If
required, then the MAC has to be calculated. The MAC is
calculated over the encrypted PDU (and other possible
extension headers), the Security extension header and the
secret key. The MAC is then added to the extension header in
the SNDU.
o Finally, the CRC is calculated as defined in Section 4.6 of
RFC4326 [3] and added.
4.4. Receiver Processing
The following procedure is followed at the Receiver for
processing the security extension header for ULE:
o Upon reception of a Secure ULE SNDU, the Receiver first
filters the received packets according to the receiver
destination NPA address (if present).
o The CRC is verified as defined in RFC4326 [3].
o The Receiver then uses the ULE-SID to obtain the security
associations between the transmitter and receiver and retrieve
the data from the SAD. With this the receiver determines if
the sequence number and the MAC are present or not. This is
also used to determine the algorithms and keys used for both
encryption of the encapsulated PDU and for generation of the
message authentication code.
Cruickshank et. al. Expires January 13, 2009 [Page 10]
�
Internet-Draft Security Extension for ULE July 2008
o If present the next step would be to check the MAC to verify
the authenticity and integrity of the received PDU. If the
calculated MAC does not match the transmitted MAC, then the
PDU is discarded.
o It would then use the sequence number for filtering any out
of-sequence packets.
o Finally the encapsulated payload will be decrypted.
5. Key Exchange Procedure
This section describes the key exchange procedure, used to
install and manage the keys at Receivers. There is a need to
take into account the two cases described in [10], both
unidirectional and bi-directional transfers. The key management
procedures are independent from the ULE operations. During the
key exchange procedure, the ULE-SID will be defined.
The exact data encryption and data integrity choices are linked
to the key management systems in use. One example is the security
suite 1 (defined in GSAKMP [7]). This uses AES (CBC mode, Key
Length: 128 bits) for data encryption and DSS-ASN1-DER for
digital signature and SHA-1 as the Hash algorithm. Other suites
will be added in future versions.
A detailed key management system is not presented in this
document, but two approaches are outlined.
5.1. IPsec Key Management for L2
Existing key management systems can be used such as the MSEC key
exchange protocols, GDOI and GSAKMP. The format of the ULE-SID
will be identical to the security association as defined in GDOI
or GSAKMP. The initial key exchange between the security server
and the ULE receiver can be transported either within the ULE
network or may be performed by some other means. This is a
matter of policy and an architecture decision. For example, for
bi-directional transfers the whole key exchange procedures could
be carried within the ULE network, while for unidirectional
transfers, some other bidirectional connection should be used.
5.2. Alternative Key Management
The method described here for link security may be used with
alternative key management systems when used as a part of a
system that already implements a key management infrastructure
Cruickshank et. al. Expires January 13, 2009 [Page 11]
�
Internet-Draft Security Extension for ULE July 2008
(e.g. the DVB-RCS security system [6]). The format of the ULE-
Security-ID will be the same format as defined in DVB-RCS
security procedures.
6. Secure ULE SNDU example
This section shows the ULE SNDU with the security extension
header when IP datagrams are secured using Secure ULE. In the
example below, there are no additional extension headers.
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+----------------------------+------------------------------+
|D| Length (15 bits) | Type = S-ULE |
+-+----------------------------+------------------------------+
| Encrypted Receiver Destination NPA Address (48 bits) |
| +------------------------------+
| | ULE_Security_ID |
+------------------------------+------------------------------+
| ULE_Security_ID | Sequence Number (Optional) |
+------------------------------+------------------------------+
| Sequence Number (Optional) | Type = IPv4 |
+------------------------------+------------------------------+
| |
= Encrypted IP Datagram =
| |
+------------------------------+------------------------------+
| |
= Message Authentication Code (Optional) =
| |
+-------------------------------------------------------------+
| Cyclic Redundancy Code (32 bits) |
+-------------------------------------------------------------+
Figure 2 Secure ULE SNDU with D=0
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+----------------------------+------------------------------+
|1| Length (15 bits) | Type = S-ULE |
+-+----------------------------+------------------------------+
| ULE_Security_ID |
+-------------------------------------------------------------+
| Sequence Number (Optional) |
+------------------------------+------------------------------+
| Type = IPv4 | |
+------------------------------+ |
Cruickshank et. al. Expires January 13, 2009 [Page 12]
�
Internet-Draft Security Extension for ULE July 2008
| |
= Encrypted IP Datagram =
| |
+------------------------------+------------------------------+
| |
= Message Authentication Code (Optional) =
| |
+-------------------------------------------------------------+
| Cyclic Redundancy Code |
+-------------------------------------------------------------+
Figure 3 Secure ULE SNDU with D=1
7. Security Considerations
Link-level (L2) encryption of IP traffic is commonly used in
broadcast/radio links to supplement End-to-End security (e.g.
provided by TLS, SSH, Open PGP, S/MIME, IPsec). A common
objective is to provide the same level of privacy as terrestrial
links. This document defines a method to provide mandatory link
encryption at the ULE level. The method may also support optional
link level integrity / authentication of the SNDU payload plus
protection against replay attacks. This is provided in a flexible
way using a new ULE Mandatory Extension Header for security. This
decouples specification of the security functions from the
encapsulation functions. This method also supports encryption of
the NPA addresses. The encryption and integrity algorithms are
similar to the ones used in IPsec/MSEC protocols.
8. IANA Considerations
The S-ULE header is defined in the IANA maintained Next-Header
Registry for ULE and has the value xxS-ULExx
9. Acknowledgments
The authors acknowledge the help and advice from Gorry Fairhurst
(University of Aberdeen), L. Duquerroy (Alcatel Alenia Space)
Stephane Coombes (ESA) and Yim Fun Hu (University of Bradford) in
the preparation of this document.
10. References
10.1. Normative References
[1] ISO/IEC DIS 13818-1, "Information technology - Generic
codeing of moving pictures and associated audio information
Cruickshank et. al. Expires January 13, 2009 [Page 13]
�
Internet-Draft Security Extension for ULE July 2008
- Part1: Systems", International Standards Organisation
(ISO)
[2] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997.
[3] Fairhurst, G. and B. Collini-Nocker, "Unidirectional
Lightweight Encapsulation (ULE) for Transmission of IP
Datagrams over an MPEG-2 Transport Streams", RFC 4326,
December 2005.
[4] H. Cruickshank, S. Iyengar and P. Pillai, "Security
requirements for the Unidirectional Lightweight
Encapsulation (ULE) protocol", draft-ietf-ipdvb-sec-req-
07.txt, June 17, 2008.
10.2. Informative References
[5] "Digital Video Broadcasting (DVB): DVB Specifications for
Data Broadcasting", ETSI EN 301 192 v1.3.1, 2003.
[6] "Digital Video Broadcasting (DVB): Interaction Channel for
satellite distribution systems", ETSI EN 301 790 v1.4.1,
2005.
[7] Harney, H., Meth, U., Colegrove, A., and G. Gross, "GSAKMP:
Group Secure Association Key Management Protocol", RFC
4535, June 2006.
[8] S. Kent and K. Seo, "Security Architecture for the Internet
Protocol", RFC 4301, December 2005.
[9] Baugher, M., Weis, B., Hardjono, T., and H. Harney, "The
Group Domain of Interpretation", RFC 3547, July 2003.
[10] Montpetit, M., Fairhurst, G., Clausen, H., Collini-Nocker,
B., and H. Linder, "A Framework for Transmission of IP
Datagrams over MPEG-2 Networks", RFC 4259, November 2005.
[11] http://www.ietf.org/html.charters/tls-charter.html
[12] National Institute of Standards and Technology, "Data
encryption Standard (DES)", Federal Information Processing
Standard (FIPS) Publication, FIPS PUB 46-3, October 1999.
11. Author's Addresses
Cruickshank et. al. Expires January 13, 2009 [Page 14]
�
Internet-Draft Security Extension for ULE July 2008
Haitham Cruickshank
Centre for Communications System Research (CCSR)
University of Surrey
Guildford, Surrey, GU2 7XH
UK
Email: h.cruickshank@surrey.ac.uk
Prashant Pillai
Mobile and Satellite Communications Research Centre (MSCRC)
School of Engineering, Design and Technology
University of Bradford
Richmond Road, Bradford BD7 1DP
UK
Email: p.pillai@bradford.ac.uk
Sunil Iyengar
Space & Defence
Logica
Springfield Drive
Leatherhead
Surrey KT22 7LP
UK
Email: sunil.iyengar@logica.com
12. IPR Notices
Copyright (c) The IETF Trust (2008).
12.1. Intellectual Property Statement
Full Copyright Statement
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
This document and the information contained herein are provided
on an "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE
REPRESENTS OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE
IETF TRUST AND THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL
WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY
WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE
ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR
FITNESS FOR A PARTICULAR PURPOSE.
Cruickshank et. al. Expires January 13, 2009 [Page 15]
�
Internet-Draft Security Extension for ULE July 2008
12.2. Intellectual Property
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be
claimed to pertain to the implementation or use of the technology
described in this document or the extent to which any license
under such rights might or might not be available; nor does it
represent that it has made any independent effort to identify any
such rights. Information on the procedures with respect to
rights in RFC documents can be found in BCP 78 and BCP 79.
Copies of IPR disclosures made to the IETF Secretariat and any
assurances of licenses to be made available, or the result of an
attempt made to obtain a general license or permission for the
use of such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR
repository at http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention
any copyrights, patents or patent applications, or other
proprietary rights that may cover technology that may be required
to implement this standard. Please address the information to
the IETF at ietf-ipr@ietf.org.
13. Copyright Statement
Copyright (C) The IETF Trust (2008).
This document is subject to the rights, licenses and restrictions
contained in BCP 78, and except as set forth therein, the authors
retain all their rights.
Cruickshank et. al. Expires January 13, 2009 [Page 16]
�