Network Working Group R. Housley
Request for Comments: 3378 RSA Laboratories
Category: Informational S. Hollenbeck
VeriSign, Inc.
September 2002
Network Working Group R. Housley
Request for Comments: 3378 RSA Laboratories
Category: Informational S. Hollenbeck
VeriSign, Inc.
September 2002
EtherIP: Tunneling Ethernet Frames in IP Datagrams
EtherIP:IP数据报中的隧道以太网帧
Status of this Memo
本备忘录的状况
This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.
本备忘录为互联网社区提供信息。它没有规定任何类型的互联网标准。本备忘录的分发不受限制。
Abstract
摘要
This document describes the EtherIP, an early tunneling protocol, to provide informational and historical context for the assignment of IP protocol 97. EtherIP tunnels Ethernet and IEEE 802.3 media access control frames in IP datagrams so that non-IP traffic can traverse an IP internet. The protocol is very lightweight, and it does not provide protection against infinite loops.
本文档介绍EtherIP,一种早期隧道协议,为IP协议97的分配提供信息和历史背景。EtherIP在IP数据报中隧道以太网和IEEE 802.3媒体访问控制帧,以便非IP流量可以通过IP internet。该协议非常轻量级,并且不提供针对无限循环的保护。
EtherIP was first designed and developed in 1991. This document was written to document the protocol for informational purposes and to provide historical context for the assignment of IP protocol 97 by IANA.
EtherIP于1991年首次设计和开发。本文件旨在记录协议以供参考,并为IANA分配IP协议97提供历史背景。
The IETF Layer Two Tunneling Protocol Extensions (L2TPEXT) Working Group and IETF Pseudo Wire Emulation Edge-to-Edge (PWE3) Working Group are developing protocols that overcome the deficiencies of EtherIP. In general, the standards track protocols produced by these IETF working groups should be used instead of EtherIP.
IETF第二层隧道协议扩展(L2TPEXT)工作组和IETF伪线仿真边到边(PWE3)工作组正在开发克服EtherIP缺陷的协议。一般来说,应该使用这些IETF工作组制定的标准跟踪协议,而不是EtherIP。
The EtherIP protocol is used to tunnel Ethernet [DIX] and IEEE 802.3 [CSMA/CD] media access control (MAC) frames (including IEEE 802.1Q [VLAN] datagrams) across an IP internet. Tunneling is usually performed when the layer three protocol carried in the MAC frames is not IP or when encryption obscures the layer three protocol control information needed for routing. EtherIP may be implemented in an end station to enable tunneling for that single station, or it may be implemented in a bridge-like station to enable tunneling for multiple stations connected to a particular local area network (LAN) segment.
EtherIP协议用于在IP互联网上传输以太网[DIX]和IEEE 802.3[CSMA/CD]媒体访问控制(MAC)帧(包括IEEE 802.1Q[VLAN]数据报)。隧道通常在MAC帧中承载的第三层协议不是IP或加密掩盖路由所需的第三层协议控制信息时执行。EtherIP可以在终端站中实现,以便为单个站启用隧道,也可以在桥形站中实现,以便为连接到特定局域网(LAN)段的多个站启用隧道。
EtherIP may be used to enable communications between stations that implement Ethernet or IEEE 802.3 with a layer three protocol other than IP. For example, two stations connected to different Ethernet LANs using the Xerox Network Systems Internetwork Datagram Protocol (IDP) [XNS] could employ EtherIP to enable communications across the Internet.
EtherIP可用于实现采用除IP以外的第三层协议的以太网或IEEE 802.3的站点之间的通信。例如,使用施乐网络系统网络间数据报协议(IDP)[XNS]连接到不同以太网LAN的两个站点可以使用EtherIP实现跨Internet的通信。
EtherIP may be used to enable communications between stations that encrypt the Ethernet or IEEE 802.3 payload. Regardless of the layer three protocol used, encryption obscures the layer three protocol control information, making routing impossible. For example, two stations connected to different Ethernet LANs using IEEE 802.10b [SDE] could employ EtherIP to enable encrypted communications across the Internet.
EtherIP可用于启用加密以太网或IEEE 802.3有效载荷的站点之间的通信。无论使用哪种第三层协议,加密都会掩盖第三层协议控制信息,从而使路由无法进行。例如,使用IEEE 802.10b[SDE]连接到不同以太网LAN的两个站点可以使用EtherIP来实现Internet上的加密通信。
EtherIP may be implemented in a single station to provide tunneling of Ethernet or IEEE 802.3 frames for either of the reasons stated above. Such implementations require processing rules to determine which MAC frames to tunnel and which MAC frames to ignore. Most often, these processing rules are based on the destination address or the EtherType.
出于上述任一原因,以太网IP可在单个站点中实现,以提供以太网或IEEE 802.3帧的隧道传输。这样的实现需要处理规则来确定哪些MAC帧要通过隧道传输,哪些MAC帧要忽略。通常,这些处理规则基于目标地址或以太网类型。
EtherIP may be implemented in a bridge-like station to provide tunneling services for all stations connected to a particular LAN segment. Such implementations promiscuously listen to all of the traffic on the LAN segment, then apply processing rules to determine which MAC frames to tunnel and which MAC frames to ignore. MAC frames that require tunneling are encapsulated with EtherIP and IP, then transmitted to the local IP router for delivery to the bridge-like station serving the remote LAN. Most often, these processing rules are based on the source address, the destination address, or the EtherType. Care in establishing these rules must be exercised to ensure that the same MAC frame does not get transmitted endlessly between several bridge-like stations, especially when broadcast or multicast destination MAC addresses are used as selection criteria. Infinite loops can result if the topology is not restricted to a tree, but the construction of the tree is left to the human that is configuring the bridge-like stations.
EtherIP可以在桥形站点中实现,为连接到特定LAN段的所有站点提供隧道服务。这种实现杂乱无章地侦听LAN段上的所有通信量,然后应用处理规则来确定要隧道的MAC帧和要忽略的MAC帧。需要隧道传输的MAC帧用EtherIP和IP封装,然后传输到本地IP路由器,以传送到为远程LAN服务的网桥式站点。通常,这些处理规则基于源地址、目标地址或以太网类型。在建立这些规则时必须小心,以确保相同的MAC帧不会在多个类似网桥的站点之间无休止地传输,特别是当广播或多播目的地MAC地址用作选择标准时。如果拓扑不局限于树,但树的构造留给配置桥形站点的人员,则会产生无限循环。
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].
本文件中的关键词“必须”、“不得”、“必需”、“应”、“不应”、“应”、“不应”、“建议”、“可”和“可选”应按照[RFC2119]中所述进行解释。
EtherIP segments are sent and received as internet datagrams. An Internet Protocol (IP) header carries several information fields, including an identifier for the next level protocol. An EtherIP header follows the internet header, providing information specific to the EtherIP protocol.
以太IP段作为internet数据报发送和接收。Internet协议(IP)头包含多个信息字段,包括下一级协议的标识符。EtherIP报头跟随internet报头,提供特定于EtherIP协议的信息。
Internet Protocol version 4 (IPv4) [RFC791] defines an 8-bit field called "Protocol" to identify the next level protocol. The value of this field MUST be set to 97 decimal (141 octal, 61 hex) to identify an EtherIP datagram.
Internet协议版本4(IPv4)[RFC791]定义了一个名为“协议”的8位字段,用于标识下一级协议。此字段的值必须设置为97十进制(141八进制,61十六进制),以标识EtherIP数据报。
EtherIP datagrams contain a 16-bit header and a variable-length encapsulated Ethernet or IEEE 802.3 frame that immediately follows IP fields.
EtherIP数据报包含一个16位报头和一个紧跟在IP字段后面的可变长度封装以太网或IEEE 802.3帧。
+-----------------------+-----------------------------+
| | | |
| IP | EtherIP Header | Encapsulated Ethernet Frame |
| | | |
+-----------------------+-----------------------------+
+-----------------------+-----------------------------+
| | | |
| IP | EtherIP Header | Encapsulated Ethernet Frame |
| | | |
+-----------------------+-----------------------------+
Figure 1: EtherIP Datagram Description
图1:EtherIP数据报描述
The 16-bit EtherIP header field consists of two parts: a 4-bit version field that identifies the EtherIP protocol version and a 12-bit field reserved for future use. The value of the version field MUST be 3 (three, '0011' binary). The value of the reserved field MUST be 0 (zero). Earlier versions of this protocol used an 8-bit header field. The Xerox Ethernet Tunnel (XET) employed the 8-bit header. The 16-bit header field provides memory alignment advantages in some implementation environments.
16位EtherIP标头字段由两部分组成:一个用于标识EtherIP协议版本的4位版本字段和一个保留供将来使用的12位字段。版本字段的值必须为3(三个“0011”二进制)。保留字段的值必须为0(零)。此协议的早期版本使用8位头字段。施乐以太网隧道(XET)采用8位报头。16位标头字段在某些实现环境中提供内存对齐优势。
In summary, the EtherIP Header has two fields:
总之,EtherIP标头有两个字段:
Bits 0-3: Protocol version Bits 4-15: Reserved for future use
位0-3:协议版本位4-15:保留供将来使用
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
| | |
| VERSION | RESERVED |
| | |
+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
| | |
| VERSION | RESERVED |
| | |
+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+---+
Figure 2: EtherIP Header Format (in bits)
图2:EtherIP头格式(以位为单位)
The encapsulated Ethernet frame field contains a complete Ethernet or IEEE 802.3 frame of any type less the frame check sequence (FCS) value. The IP checksum does not provide integrity protection for the Ethernet/IEEE 802.3 frame, so some higher-layer protocol encapsulated by the Ethernet/IEEE 802.3 frame is expected to provide the integrity protection.
封装以太网帧字段包含任何类型的完整以太网或IEEE 802.3帧,减去帧检查序列(FCS)值。IP校验和不为Ethernet/IEEE 802.3帧提供完整性保护,因此Ethernet/IEEE 802.3帧封装的一些更高层协议有望提供完整性保护。
This section describes the processing to encapsulate an Ethernet or IEEE 802.3 MAC frame in an EtherIP datagram. First, the implementation determines whether the MAC frame requires tunneling. Then, if tunneling is required, the MAC frame is processed according to the steps provided in this section. Stations processing VLAN datagrams MAY need to examine the VLAN header to make appropriate tunneling decisions.
本节描述将以太网或IEEE 802.3 MAC帧封装在EtherIP数据报中的处理。首先,实现确定MAC帧是否需要隧道。然后,如果需要隧道,则根据本节中提供的步骤处理MAC帧。处理VLAN数据报的站点可能需要检查VLAN报头以做出适当的隧道决策。
An end station that implements EtherIP may tunnel some traffic, but not all traffic. Thus, the first step in processing a MAC frame is to determine if the frame needs to be tunneled or not. If the recipient station is connected to the same LAN as the source station, then tunneling is not needed. If the network connecting the stations can route the layer three protocol, then tunneling is not needed. Other environment specific criteria MAY also be applied. If tunneling is not needed, skip all EtherIP processing and perform normal data link layer processing to transmit the MAC frame. Otherwise, follow the steps described below.
实现EtherIP的终端站可能会通过隧道传输一些流量,但不是所有流量。因此,处理MAC帧的第一步是确定帧是否需要进行隧道传输。如果接收站与源站连接到同一LAN,则不需要隧道。如果连接站点的网络可以路由第三层协议,则不需要隧道。也可采用其他特定于环境的标准。如果不需要隧道,则跳过所有EtherIP处理并执行正常的数据链路层处理以传输MAC帧。否则,请按照下面描述的步骤操作。
A bridge-like station promiscuously listens to all of the MAC frames on the LAN. Each MAC frame read from the LAN is examined to determine if it needs to be tunneled. If the recipient station is connected to the same LAN as the source station, then tunneling is not needed. If the destination MAC address is a router serving the LAN, then tunneling is not needed. Other environment specific criteria MAY also be applied. If tunneling is not needed, then discard the MAC frame. Otherwise, follow the steps described below.
一个类似网桥的站点杂乱无章地监听局域网上的所有MAC帧。检查从LAN读取的每个MAC帧,以确定是否需要对其进行隧道传输。如果接收站与源站连接到同一LAN,则不需要隧道。如果目标MAC地址是为LAN服务的路由器,则不需要隧道。也可采用其他特定于环境的标准。如果不需要隧道,则丢弃MAC帧。否则,请按照下面描述的步骤操作。
The EtherIP encapsulation process is as follows:
EtherIP封装过程如下所示:
1. Prepend the 16-bit EtherIP header to the MAC frame. The EtherIP Version field MUST be set to 3 (three), and the EtherIP Reserved field MUST be set to 0 (zero). The MAC frame MUST NOT include the FCS.
1. 将16位EtherIP头前置到MAC帧。EtherIP版本字段必须设置为3(三),EtherIP保留字段必须设置为0(零)。MAC帧不得包括FCS。
2. Determine the destination IP address of the remote EtherIP station. This address is usually determined from the destination MAC address.
2. 确定远程EtherIP站的目标IP地址。此地址通常由目标MAC地址确定。
3. Encapsulate the EtherIP datagram in an IP datagram with the destination IP address determined in the previous step, and the IPv4 Protocol field MUST be set to 97 (decimal).
3. 将EtherIP数据报封装在IP数据报中,目标IP地址在上一步中确定,IPv4协议字段必须设置为97(十进制)。
4. Transmit the resulting IP datagram to the remote EtherIP station via the IP router serving the LAN.
4. 通过为LAN提供服务的IP路由器将生成的IP数据报传输到远程EtherIP站。
This section describes the processing to decapsulate an Ethernet or IEEE 802.3 MAC frame from an EtherIP datagram.
本节描述从EtherIP数据报中解除以太网或IEEE 802.3 MAC帧封装的处理。
Since a bridge-like station promiscuously listens to all of the MAC frames on the LAN, it may need to separate the MAC frames that encapsulate IP datagrams addressed to it from MAC frames that are candidates for decapsulation. The process for identifying MAC frames that are candidates for decapsulation is as follows:
由于网桥式站点杂乱无章地侦听LAN上的所有MAC帧,因此可能需要将封装发往它的IP数据报的MAC帧与候选解封装的MAC帧分开。用于识别作为脱封候选的MAC帧的过程如下:
1. Perform normal data link layer processing to receive a suspected EtherIP datagram.
1. 执行正常的数据链路层处理以接收可疑的EtherIP数据报。
2. If the recipient station is connected to the same LAN as the source station, then ignore the frame. In most environments, frames with a source MAC address other than the IP router serving the LAN are ignored.
2. 如果接收站与源站连接到同一LAN,则忽略该帧。在大多数环境中,源MAC地址不是为LAN服务的IP路由器的帧被忽略。
3. If the network connecting the stations can route the layer three protocol, then decapsulation is not needed, and the frame is ignored.
3. 如果连接站点的网络可以路由第三层协议,则不需要解除封装,帧将被忽略。
4. Ignore frames that do not contain an IP datagram.
4. 忽略不包含IP数据报的帧。
5. Examine the IPv4 protocol field to confirm that the value of the field is 97 (decimal). If not, ignore the frame.
5. 检查IPv4协议字段以确认该字段的值为97(十进制)。如果不是,则忽略该帧。
Other environment specific criteria MAY also be applied.
也可采用其他特定于环境的标准。
Upon reception of an IPv4 datagram with the Protocol field set to 97 (decimal), the MAC frame is processed as follows:
在接收到协议字段设置为97(十进制)的IPv4数据报时,MAC帧的处理如下:
1. Examine the 16-bit EtherIP header. Confirm that the value of the version field is 3 (three), and that the value of the Reserved field is 0 (zero). Frames with other values MUST be discarded.
1. 检查16位以太网IP报头。确认版本字段的值为3(三),保留字段的值为0(零)。必须丢弃具有其他值的帧。
2. Extract the encapsulated MAC frame from the EtherIP datagram. Note that the extracted frame MUST NOT include a FCS value.
2. 从EtherIP数据报中提取封装的MAC帧。请注意,提取的帧不得包含FCS值。
3. Perform normal data link layer processing to transmit the extracted MAC frame to the destination station on the LAN. The FCS MUST be calculated and appended to the frame as part of the data link layer transmission processing.
3. 执行正常的数据链路层处理,将提取的MAC帧发送到LAN上的目标站。作为数据链路层传输处理的一部分,必须计算FCS并将其附加到帧中。
IANA has assigned IP protocol value 97 (decimal) for EtherIP. No further action or review is required.
IANA为EtherIP分配了IP协议值97(十进制)。无需采取进一步行动或审查。
EtherIP can be used to enable the transfer of encrypted Ethernet or IEEE 802.3 frame payloads. In this regard, EtherIP can improve security. However, if a firewall permits EtherIP traffic to pass in and out of a protected enclave, arbitrary communications are enabled. Therefore, if a firewall is configured to permit communication using EtherIP, then additional checking of each frame is probably necessary to ensure that the security policy that the firewall is installed to enforce is not violated.
EtherIP可用于传输加密以太网或IEEE 802.3帧有效载荷。在这方面,以太网IP可以提高安全性。但是,如果防火墙允许EtherIP通信进出受保护的飞地,则会启用任意通信。因此,如果防火墙配置为允许使用EtherIP进行通信,则可能需要对每个帧进行额外检查,以确保不违反安装防火墙以强制执行的安全策略。
Further, the addition of EtherIP can expose a particular environment to additional security threats. Assumptions that might be appropriate when all communicating nodes are attached to one Ethernet segment or switch may no longer hold when nodes are attached to different Ethernet segments or switches are bridged together with EtherIP. It is outside the scope of this specification, which documents an existing practice, to fully analyze and review the risks of Ethernet tunneling. The IETF Pseudo-wire Emulation Working Group is doing work in this area, and this group is expected to provide information about general layering as well as specific Ethernet over IP documents. An example should make the concern clear. A number of IETF standards employ relatively weak security mechanisms when communicating nodes are expected to be connected to the same local area network. The Virtual Router Redundancy Protocol [RFC2338] is one instance. The relatively weak security mechanisms represent a greater vulnerability in an emulated Ethernet. One solution is to protect the IP datagrams that carry EtherIP with IPsec [RFC2401].
此外,EtherIP的添加可能会使特定环境面临额外的安全威胁。当所有通信节点连接到一个以太网段或交换机时,当节点连接到不同的以太网段或交换机与EtherIP桥接在一起时,可能适用的假设可能不再成立。全面分析和审查以太网隧道的风险不在本规范的范围内,本规范记录了一项现有实践。IETF伪线仿真工作组正在这方面开展工作,预计该工作组将提供有关一般分层以及特定IP以太网文档的信息。举一个例子可以清楚地说明问题。当通信节点预期连接到同一局域网时,许多IETF标准采用相对较弱的安全机制。虚拟路由器冗余协议[RFC2338]就是一个例子。相对较弱的安全机制代表了模拟以太网中更大的漏洞。一种解决方案是使用IPsec[RFC2401]保护承载EtherIP的IP数据报。
The IETF Pseudo-wire Emulation Working Group may document other security mechanisms as well.
IETF伪线仿真工作组也可以记录其他安全机制。
This document describes a protocol that was originally designed and implemented by Xerox Special Information Systems in 1991 and 1992. An earlier version of the protocol was provided as part of the Xerox Ethernet Tunnel (XET).
本文件描述了施乐特殊信息系统在1991年和1992年最初设计和实施的协议。该协议的早期版本是作为Xerox以太网隧道(XET)的一部分提供的。
[CSMA/CD] Institute of Electrical and Electronics Engineers: "Carrier Sense Multiple Access with Collision Detection (CSMA/CD) Access Method and Physical Layer Specifications", ANSI/IEEE Std 802.3-1985, 1985.
[CSMA/CD]电气和电子工程师协会:“带冲突检测的载波侦听多址接入(CSMA/CD)接入方法和物理层规范”,ANSI/IEEE标准802.3-1985,1985。
[DIX] Digital Equipment Corporation, Intel Corporation, and Xerox Corporation: "The Ethernet -- A Local Area Network: Data Link Layer and Physical Layer (Version 2.0)", November 1982.
[DIX]数字设备公司、英特尔公司和施乐公司:“以太网——局域网:数据链路层和物理层(2.0版)”,1982年11月。
[RFC791] Postel, J., "Internet Protocol", STD 5, RFC 791, September 1981.
[RFC791]Postel,J.,“互联网协议”,标准5,RFC7911981年9月。
[RFC2119] Bradner, S., "Key Words for Use in RFCs to Indicate Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC2119]Bradner,S.,“RFC中用于表示需求水平的关键词”,BCP 14,RFC 2119,1997年3月。
[RFC2338] Knight, S., Weaver, D., Whipple, D., Hinden, R., Mitzel, D., Hunt, P., Higginson, P., Shand, M. and A. Lindem, "Virtual Router Redundancy Protocol", RFC 2338, April 1998.
[RFC2338]奈特,S.,韦弗,D.,惠普尔,D.,辛登,R.,米特泽尔,D.,亨特,P.,希金森,P.,尚德,M.和A.林登,“虚拟路由器冗余协议”,RFC 2338,1998年4月。
[RFC2401] Kent, S. and R. Atkinson, "Security Architecture for the Internet Protocol", RFC 2401, November 1998.
[RFC2401]Kent,S.和R.Atkinson,“互联网协议的安全架构”,RFC 2401,1998年11月。
[SDE] Institute of Electrical and Electronics Engineers: "Interoperable LAN/MAN Security (SILS) Secure Data Exchange (SDE) (Clause 2)", IEEE Std 802.10b-1992, 1992.
[SDE]电气和电子工程师协会:“互操作局域网/城域网安全(SILS)安全数据交换(SDE)(第2条)”,IEEE标准802.10b-1992,1992年。
[XNS] Xerox Corporation: "Internet Transport Protocols", XSIS 028112, December 1981.
[XNS]施乐公司:“互联网传输协议”,XSIS 028112,1981年12月。
[VLAN] Institute of Electrical and Electronics Engineers: "IEEE Standard for Local and Metropolitan Area Networks: Virtual Bridge Local Area Networks", ANSI/IEEE Std 802.1Q-1998, 1998.
[VLAN]电气和电子工程师协会:“局域网和城域网的IEEE标准:虚拟网桥局域网”,ANSI/IEEE标准802.1Q-1998,1998。
Russell Housley RSA Laboratories 918 Spring Knoll Drive Herndon, VA 20170 USA
美国弗吉尼亚州赫恩登斯普林诺尔大道918号拉塞尔·霍斯利RSA实验室,邮编:20170
EMail: rhousley@rsasecurity.com
EMail: rhousley@rsasecurity.com
Scott Hollenbeck VeriSign, Inc. 21345 Ridgetop Circle Dulles, VA 20166-6503 USA
Scott Hollenbeck VeriSign,Inc.美国弗吉尼亚州杜勒斯Ridgetop Circle 21345,邮编20166-6503
EMail: shollenbeck@verisign.com
EMail: shollenbeck@verisign.com
Copyright (C) The Internet Society (2002). All Rights Reserved.
版权所有(C)互联网协会(2002年)。版权所有。
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.
本文件及其译本可复制并提供给他人,对其进行评论或解释或协助其实施的衍生作品可全部或部分编制、复制、出版和分发,不受任何限制,前提是上述版权声明和本段包含在所有此类副本和衍生作品中。但是,不得以任何方式修改本文件本身,例如删除版权通知或对互联网协会或其他互联网组织的引用,除非出于制定互联网标准的需要,在这种情况下,必须遵循互联网标准过程中定义的版权程序,或根据需要将其翻译成英语以外的其他语言。
The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assigns.
上述授予的有限许可是永久性的,互联网协会或其继承人或受让人不会撤销。
This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件和其中包含的信息是按“原样”提供的,互联网协会和互联网工程任务组否认所有明示或暗示的保证,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Acknowledgement
确认
Funding for the RFC Editor function is currently provided by the Internet Society.
RFC编辑功能的资金目前由互联网协会提供。