H. 323 Software ip interface Requirements / Feature Specifications compas id 143543 Issue 4 June 02, 2014 John W. Soltes (retired)

5.2 Security and Privacy

DHCP (RFC 2131 [7.3-20d], see also 96x1H-IPI.5.1.600) includes the following text on security considerations:

DHCP is built directly on UDP and IP which are as yet inherently insecure. Furthermore, DHCP is generally intended to make maintenance of remote and/or diskless hosts easier. While perhaps not impossible, configuring such hosts with passwords or keys may be difficult and inconvenient. Therefore, DHCP in its current form is quite insecure.

Unauthorized DHCP servers may be easily set up. Such servers can then send false and potentially disruptive information to clients such as incorrect or duplicate IP addresses, incorrect routing information (including spoof routers, etc.), incorrect domain nameserver addresses (such as spoof nameservers), and so on. Clearly, once this seed information is in place, an attacker can further compromise affected systems.

Malicious DHCP clients could masquerade as legitimate clients and retrieve information intended for those legitimate clients. Where dynamic allocation of resources is used, a malicious client could claim all resources for itself, thereby denying resources to legitimate clients.

HTTP (RFC 2616 [7.3-23b], see also 96x1H-IPI.5.1.1400) describes security considerations in Section 15 (pp.150-156).

TLS (RFC 2246 [7.3-26b], see also 96x1H-IPI.5.1.1500) is supported for authenticated download of configuration files.

Requirements for Internet Hosts – Communication Layers (RFC 1122 [7.3-3a]) includes the following text on security considerations:

There are many security issues in the communication layers of host software, but a full discussion is beyond the scope of this RFC.

The Internet architecture generally provides little protection against spoofing of IP source addresses, so any security mechanism that is based upon verifying the IP source address of a datagram should be treated with suspicion. However, in restricted environments some source-address checking may be possible. For example, there might be a secure LAN whose gateway to the rest of the Internet discarded any incoming datagram with a source address that spoofed the LAN address. In this case, a host on the LAN could use the source address to test for local vs. remote source. This problem is complicated by source routing, and some have suggested that source-routed datagram forwarding by hosts should be outlawed for security reasons.

6.0 ACKNOWLEDGEMENTS

7.0 REFERENCES

The following is a categorized list of all referenced documents. Those preceded by an asterisk are referenced in the body of a requirement / specification in this document.

7.1 Avaya Documents

[7.1-1a]	96x1 Hardware Devices PRD, by Jamie Lawson, Issue 1.0, COMPAS ID 142620.
[7.1-1b]	9600 IP Deskphone H.323 Software, Version 6.2 Endpoints and Video Solutions Product Requirements Document, by Oliver Bengtsson, COMPAS ID 153014.
[7.1-1c]	96x1 IP Deskphone H.323 Software, Release “Banff” / 6.3 Endpoints Product Requirements Document, by Oliver Bengtsson, COMPAS ID 155225.
* [7.1-2]	96x1 Telephones Hardware R/FS, by Gerhard Hickler, COMPAS ID 143557.
[7.1-3a]	9608/9611/BM12 User Interface Design Description, by Christian Tenberg, COMPAD ID 143566.
[7.1-3b]	9621/9641 User Interface Design Description, by Christian Tenberg, COMPAS ID 142962.
[7.1-3c]	96x1 Button-Oriented Phones User Interface Design Description, by Christian Tenberg, COMPAS ID 146702.
[7.1-3d]	96x1 Touchscreen Phone User Interface Design Description, by Christian Tenberg, COMPAS ID 146703.
* [7.1-4]	96x1 Telephones Common Operations R/FS, by Rob Mitchell, COMPAS ID 143547.
[7.1-5]	96x1 Telephones Local Applications R/FS, by Rob Mitchell, COMPAS ID 143548.
[7.1-6]	96x1 Telephones H.323 Telephony R/FS, by Rob Mitchell, COMPAS ID 143549.
[7.1-7]	96x1 Telephones Push R/FS, by John Soltes, COMPAS ID 143837.
[7.1-8]	96x1 Telephones WML Browser R/FS, by John Soltes, COMPAS ID 143836.
[7.1-9]	Avaya Call Processing (ACP) Single Connect IP Terminal Platform Protocol Specification, by Rob Mitchell, COMPAS ID 77121.
[7.1-10]	96x1 Telephones Software Distribution Package R/FS, by John Soltes, COMPAS ID 143545.
* [7.1-11]	Audio Platform Quality Requirements, Issue 7.1, April 27, 2007, by John Jetzt, COMPAS ID 55630.
[7.1-12]	Congestion Characteristics of DHCP and TFTP, August 25, 1999, by Mark Wildie, Julian Orbach and Luke Tucker, COMPAS ID 75210.
* [7.1-13]	Avaya RTCP Requirements (with RTP-MIB Additions), Issue 3.1, April 16, 2010, by Matthew Chandler, Russ Barnes and Muneyb Minhazuddin, COMPAS ID 93608.
[7.1-14a]	Avaya GCS CTO Organization Performance Monitoring Instrumentation Specification, Version 1.1, March 23, 2007, COMPAS ID 120310
[7.1-14b]	QOS Monitoring (QView) RFS, Issue 1.7, January 22, 2002, by Karen Barrett, Luke Tucker and Anwar Siddiqui, COMPAS ID 82615.
[7.1-15]	VoIP Call Admission Control in Avaya Call Processing Platform using RSVP, July 3, 2001, by Anwar Siddiqui and Luke Tucker, COMPAS ID 83198.
[7.1-16g]	Internal Standard Blueprint: CEC-002 - Remote Access, COMPAS ID 147576.
[7.1-16h]	Internal Standard Blueprint: CEC-004 - Logging, COMPAS ID 147585.
[7.1-16i]	Internal Standard Blueprint: CEC-006 - SNMP, COMPAS ID 146989.
[7.1-16j]	Internal Standard Blueprint: CEC-007 – Installation & Update, COMPAS ID 148174.
[7.1-16k]	Internal Standard Blueprint: CEC-009 - Fault Isolation & Diagnosis, COMPAS ID 148172.
[7.1-16l]	Internal Standard Blueprint: CEC-010 - Performance Management, COMPAS ID 148171.
[7.1-16m]	Internal Standard Blueprint: CEC-015 - Authentication, Authorization & Single Sign-on, COMPAS ID 147873.
[7.1-16n]	Internal Standard Blueprint: CEC-016 - Trust and Certificate Management, COMPAS ID 147434.
[7.1-16o]	Internal Standard Blueprint: CEC-017 - Encryption, COMPAS ID 147513.
[7.1-16p]	Internal Standard Blueprint: CEC-018 - Firewall & Denial of Service, COMPAS ID 147049.
[7.1-16q]	Internal Standard Blueprint: CEC-019 - Operating System Hardening, COMPAS ID 147849.
[7.1-17a]	Coding for Resiliency against Denial of Service (DoS) Attacks, Issue 1.1, May 2002, by Sung Moon, COMPAS ID 92261.
[7.1-17b]	Defensive Designs and Discard Strategies Against Denial of Service Flooding and Fragmentation Attacks, by Sung Moon, http://info.dr.avaya.com/defty/ces-sec/discard_stgy_DoS.htm
[7.1-18]	Requirements for AES Media Encryption, Issue 1.0, March 6, 2003, by Bob Gilman, Bob Serkowski and Mark Wutzke, COMPAS ID 96151.
[7.1-19a]	Requirements for Secure Download from the Avaya Web, Issue 1.0, by Bob Serkowski, COMPAS ID 93833.
[7.1-19b]	SRAD 6458: CM Server and Download Certificates, Issue 1.0, by Bob Serkowski, COMPAS ID 99734.
[7.1-19c]	Avaya Product Certificate Authority Certificate Policy and Practice Statement (CP/CPS), working issue, by Rick Robinson, COMPAS ID 99760.
[7.1-22a]	System Requirements and Architecture Document: Chatter System – Master SRAD, Issue 3.06, February 17, 2005, by Steve Ellis, COMPAS ID 102893.
*[7.1-22b]	System Requirements and Architecture Document: Chatter Test Plug, Issue 3.1, February 1, 2005, by Steve Ellis, Karen Barrett and Neil Hepworth, COMPAS ID 101605.
[7.1-22c]	Avaya CNA Test Plug: Software Design, by Mark Wildie, Issue 1.1, 28 September 2004, COMPAS ID 105150.
[7.1-23]	Converged Systems Division (CSD) Joint Requirements Document: Authentication and Discovery Architecture and Strategy, Draft Issue 0.5, October 15, 2004, by Ran Ish-Shalom and Mahalingam Mani, COMPAS ID 106401.
[7.1-24]	GCS Certificate Infrastructure Product Requirements Document, Draft Issue 0.4, February 24, 2005 (although the document says January 8, 2005), by David Ahrens, COMPAS ID 108657.
*[7.1-25]	Avaya and Extreme Networks Interoperability: LLDP Interoperability and Extensions, Version 1.17, November 13, 2005.
[7.1-26]	Systems Requirements and Architecture Document (SRAD): SRTP on CM and Media Gateways, by Amit Agarwal, Bob Gilman, Lincy Scaria and Andy Zmolek, COMPAS ID 114855.
[7.1-27]	IP Telephone Serviceability Platform Quality Requirements, COMPAS ID 133082.
[7.1-28]	IP Telephone VPN Client R/FS, Issue 1.4, April 20, 2007, by Anupam Rai, COMPAS ID 108639.
[7.1-29a]	VPNremote For 46xx Series IP telephone Installation And Deployment Guide, Issue 0.1, June 28, 2006, by Anupam Rai, COMPAS ID 120840.
[7.1-29b]	VPNremote for the 4600 Series IP Telephones Release 2.1 Administrator’s Guide, 19-600753, Issue 3, June 2007.
[7.1-30a]	Configuring Cisco VPN Concentrator to Support Avaya VPNremote Phones, Issue 1.0, December 19, 2006, by the Avaya Solution & Interoperability Test Lab.
[7.1-30b]	Configuring Cisco PIX Security Appliance using Cisco Adaptive Security Device Manager (ASDM) VPN Wizard to Support Avaya VPNremote Phones, Issue 1.0, January 3, 2007, by the Avaya Solution & Interoperability Test Lab.
[7.1-30c]	Configuring the Avaya VPNremote Phone for Certificate Authentication using the Cisco Adaptive Security Appliance (ASA) and the Microsoft Certificate Authority, Issue 1.0, August 10, 2007, by the Avaya Solution & Interoperability Test Lab.
[7.1-31a]	Interactions Between the SLA Monitor Agent and the SLA Monitor Server, by Jean Meloche, COMPAS ID 148793.
[7.1-31b]	Interactions Between SLA Monitor Agents, by Jean Meloche, COMPAS ID 148794.
[7.1-31c]	SLA Monitor Configuration, by Jean Meloche, COMPAS ID 148795.
[7.1-31d]	SLA Monitor Data, by Jean Meloche, COMPAS ID 148796.
[7.1-31e]	SLA Monitor Ports, by Jean Meloche, COMPAS ID 148797.
[7.1-31f]	SLA Monitor Agent Startup and Registration, by Jean Meloche, COMPAS ID 148798.
[7.1-31g]	SLA Monitor Summary Matrix, by Jean Meloche, COMPAS ID 148801.
[7.1-31h]	SLA Monitor Visualization and Analysis, by Jean Meloche, COMPAS ID 148802.
[7.1-31i]	SLA Monitor Alarming, by Jean Meloche, COMPAS ID 149125.

7.2 Ethernet and ANSI/IEEE/ISO/IEC Documents

[7.2-0a]	The Ethernet - A Local Area Network, Version 1.0, by Digital Equipment Corporation, Intel Corporation and Xerox Corporation, September 1980.
*[7.2-0b]	Ethernet Data Link Layer and Physical Layer Specifications, by Digital Equipment Corporation, document number AA-K759B-TK, November 1982.
*[7.2-1]	IEEE Std 802.3, 2000 Edition, Information technology- Telecommunications and information exchange between systems- Local and metropolitan area networks- Specific requirements- Part 3: Carrier Sense Multiple Access with Collision Detection (CSMA/CD) access method and physical layer specifications.
*[7.2-1a]	Corrections to ISO/IEC 8802-3: 2000 IEEE Std 802.3, 2000 Edition, Issued 1 May 2001.
*[7.2-1b]	IEEE Std 802.3af-2003 IEEE Standard for Information technology- Telecommunications and information exchange between systems- Local and metropolitan area networks- Specific requirements Part 3: Carrier Sense Multiple Access with Collision Detection (CSMA/CD) Access Method and Physical Layer Specifications Amendment: Data Terminal Equipment (DTE) Power via Media Dependent Interface (MDI).
[7.2-2]	International Standard ISO/IEC 8802-2:1998 ANSI/IEEE Std 802.2, 1998 Edition, Information technology- Telecommunications and information exchange between systems- Local and metropolitan area networks- Specific requirements- Part 2: Logical Link Control.
[7.2-3]	ANSI/IEEE Std 802.1B, 1995 edition, Information technology- Telecommunications and information exchange between systems- Local and metropolitan area networks- Common specifications- Part 2: LAN/MAN management.
*[7.2-4]	ISO/IEC 15802-3: 1998 ANSI/IEEE Std 802.1D, 1998 Edition, Information technology- Telecommunications and information exchange between systems- Local and metropolitan area networks- Common specifications- Part 3: Media Access Control (MAC) Bridges.
*[7.2-4a]	IEEE Std 802.1t-2001, IEEE Standard for Information technology- Telecommunications and information exchange between systems- Local and metropolitan area networks- Common specifications- Part 3: Media Access Control (MAC) Bridges- Amendment 1
[7.2-4b]	IEEE Std 802.1w-2001, IEEE Standard for Local and metropolitan area networks- Common specifications- Part 3: Media Access Control (MAC) Bridges- Amendment 2: Rapid Reconfiguration
*[7.2-5]	IEEE Std 802.1H, 1997 Edition, IEEE Standard for Information technology- Telecommunications and information exchange between systems- Local and metropolitan area networks- Technical reports and guidelines- Part 5: Media Access Control (MAC) Bridging of Ethernet V2.0 in Local Area Networks.
*[7.2-6]	IEEE Std 802.1Q-1998, IEEE Standards for Local and Metropolitan Area Networks: Virtual Bridged Local Area Networks.
[7.2-6a]	IEEE Std 802.1u-2001, IEEE Standard for Local and metropolitan area networks- Virtual Bridged Local Area Networks- Amendment 1: Technical and editorial corrections.
[7.2-6b]	IEEE Std 802.1v-2001, IEEE Standard for Local and metropolitan area networks- Virtual Bridged Local Area Networks- Amendment 2: VLAN Classification by Protocol and Port.
[7.2-7a]	IEEE Std 802.1X-2001, IEEE Standard for Local and metropolitan area networks- Port-Based Network Access Control.
*[7.2-7b]	IEEE Std 802.1XTM-2004, IEEE Standard for Local and metropolitan area networks- Port-Based Network Access Control.
[7.2-7c]	IEEE Std 802.1XTM-2010, IEEE Standard for Local and metropolitan area networks- Port-Based Network Access Control.
*[7.2-8a]	IEEE Std 802.1ABTM-2005, IEEE Standard for Local and metropolitan area networks: Station and Media Access Control Connectivity Discovery.
[7.2-8b]	IEEE Std 802.1ABTM-2009, IEEE Standard for Local and metropolitan area networks: Station and Media Access Control Connectivity Discovery.
[7.2-9]	ISO/IEC TR 11802-1, Second edition, 1997-08-15, Information technology- Telecommunications and information exchange between systems- Local and metropolitan area networks- Technical reports and guidelines - Part 1: The structure and coding of Logical Link Control addresses in Local Area Networks.
*[7.2-10]	ANSI X3.4-1986: American National Standard for Information Systems- Coded Character Sets- 7-Bit American National Standard Code for Information Interchange (7-Bit ASCII)
[7.2-11]	ISO 9660:1988 (corrected and reprinted 1988-09-01), Information processing - Volume and file structure of CD-ROM for information interchange.
[7.2-12]	ISO/IEC 9945-1:1996 ANSI/IEEE Std 1003.1, 1996 Edition. Information technology - Portable Operating System Interface (POSIX®) - Part 1: System Application Program Interface (API) [C Language].
*[7.2-13]	ISO/IEC 10646-1:2003 Information technology – Universal Multiple-Octet Coded Character Set (UCS) - Part 1: Architecture and Basic Multilingual Plane

7.3 Internet Engineering Task Force (IETF) Documents

IETF RFCs (Requests For Comments) with numbered “STD” designations are IETF Standard Protocols. In the table below, “DS” designates IETF Draft Standard Protocols, “PS” designates Proposed Standard Protocols, “BCP” designates Best Current Practices, “EP” designates Experimental Protocols, “H” designates Historic Protocols, “I” designates Informational documents and “UNK” designates documents whose status is Unknown. A “-O” designates Obsolete documents.

	BCP 14:		RFC 2119:			Key words for use in RFCs to Indicate Requirement Levels, March 1997, by S. Bradner.
[7.3-1]	STD 1:		RFC 5000:			Internet Official Protocol Standards, May 2008, by RFC Editor.
[7.3-2]	STD 2:		RFC 1700:			Assigned Numbers, October 1994, by J. Reynolds and J. Postel.
*[7.3-3a]	STD 3:		RFC 1122:			Requirements for Internet Hosts - Communication Layers, October 1989, by R. Braden,
*[7.3-3b]	STD 3:		RFC 1123:			Requirements for Internet Hosts - Application and Support, October 1989, by R. Braden.
*[7.3-4a]	STD 5:		RFC 791:			Internet Protocol (IP), September 1981, by Information Sciences Institute, as amended by
*[7.3-4b]	STD 5:		RFC 950:			Internet Standard Subnetting Procedure, August 1985, by J. Mogul and J. Postel;
*[7.3-4c]	STD 5:		RFC 919:			Broadcasting Internet Datagrams, October 1984, by J. Mogul; and
*[7.3-4d]	STD 5:		RFC 922:			Broadcasting Internet Datagrams in the Presence of Subnets, October 1984, by J. Mogul (note that RFC 922 is very similar to RFC 919 and only contains additional requirements for gateways (routers), not hosts (endpoints)).
*[7.3-4e]	STD 5:		RFC 792:			Internet Control Message Protocol, (ICMP), September 1981, by J. Postel.
*[7.3-4f]	STD 5:		RFC 1112:			Host Extensions for IP Multicasting, (IGMP), August 1989, by S. Deering.
*[7.3-4g]			RFC 2113:			IP Router Alert Option, February 1997, by D. Katz.
*[7.3-4h]			RFC 2236:			Internet Group Management Protocol, Version 2, (IGMPv2), November 1997, by W. Fenner.
	Note:		RFC 2113 is required by RFC 2236.
[7.3-4i]	PS		RFC 3376:			Internet Group Management Protocol, Version 3, (IGMPv3), October 2002, by B. Cain, S. Deering, I. Kouvelas, B. Fenner and A. Thyagarajan.
[7.3-4j]	PS		RFC 4604:			Using Internet Group Management Protocol Version 3 (IGMPv3) and Multicast Listener Discovery Protocol Version 2 (MLDv2) for Source-Specific Multicast, August 2006, by H. Holbrook, B. Cain and B. Haberman.
	Note:		RFC 4604 updates RFC 3376, RFC 3376 obsoletes RFC 2236, and RFC 2236 updated RFC 1112.
	Note:		Additional IP and ICMP requirements are given in Section 3 of RFC 1122.
*[7.3-5]	STD 6:		RFC 768:			User Datagram Protocol, (UDP), August 28, 1980, by J. Postel.
	Note:		Additional UDP requirements are given in Section 4.1 of RFC 1122.
*[7.3-6a]	STD 7:		RFC 793:			Transmission Control Protocol, (TCP), September 1981, by Information Sciences Institute.
	Note:		Additional TCP requirements are given in Section 4.2 of RFC 1122.
*[7.3-6b]	UNK		RFC 879:			The TCP Maximum Segment Size and Related Topics, November 1983, by J. Postel.
*[7.3-6c]	DS		RFC 1191:			Path MTU Discovery, November 1990, by J. Mogul and S. Deering.
[7.3-6d]	PS		RFC 1323:			TCP Extensions for High Performance, May 1992, by V. Jacobson, R. Braden, and D. Borman.
*[7.3-6e]	I		RFC 1948:			Defending Against Sequence Number Attacks, May 1996, by S. Bellovin.
*[7.3-6f]	PS		RFC 2581:			TCP Congestion Control, April 1999, by M. Allman, V. Paxson and W. Stevens.
[7.3-6g]	PS		RFC 3390:			Increasing TCP’s Initial Window, October 2002, by M. Allman, S. Floyd and C. Partridge.
[7.3-7a]	STD 8:		RFC 854:			Telnet Protocol Specification, (TELNET), May 1983, by J. Postel and J. Reynolds.
[7.3-7b]	STD 8:		RFC 855:			Telnet Option Specifications, May 1983, by J. Postel and J. Reynolds.
	Note:		Additional TELNET requirements are given in Section 3 of RFC 1123. RFC 854, pp.10-11, defines the NVT (Network Virtual Terminal) character set that is referenced by many other IETF documents.
[7.3-8]	STD 11:		RFC 822:			Standard for the Format of ARPA Internet Text Messages, August 13, 1982, by David H. Crocker.
[7.3-9a]	DS	RFC 1521:				MIME (Multipurpose Internet Mail Extensions) Part One: Mechanisms for Specifying and Describing the Format of Internet Message Bodies, September 1993, by N. Borenstein and N. Freed.
*[7.3-9b]	DS	RFC 2045				Multipurpose Internet Mail Extensions (MIME) Part One: Format of Internet Message Bodies, November 1996, by N. Freed and N. Borenstein.
	Note:	RFC 1521 is referenced by RFC 1945 (HTTP 1.0) for the base64 encoding of basic authentication, but RFC 1521 is obsoleted by RFCs 2045-2049, and RFC 2616 (HTTP 1.1) references RFC 2617 for basic authentication which, in turn, references RFC 2045 for base64 encoding.
[7.3-10]	STD 20:		RFC 862:			Echo Protocol, May 1983, by J. Postel.
*[7.3-11a]	STD 13:		RFC 1034:			Domain Names – Concepts and Facilities (DNS), November 1987, by P. Mockapetris.
*[7.3-11b]	STD 13:		RFC 1035:			Domain Names – Implementation and Specification (DNS), November 1987, by P. Mockapetris.
	Note:		Additional DNS requirements are given in Section 4.1 of RFC 1123.
[7.3-11c]	PS		RFC 2136:			Dynamic Updates in the Domain Name System (DNS UPDATE), April 1997, by P. Vixie, S. Thomson, Y. Rekhter and J. Bound.
[7.3-11d]	PS		RFC 3007:			Secure Domain Name System (DNS) Dynamic Update, November 2000, by B. Wellington.
	Note:		RFC 3007 updates RFCs 2535 and 2136 and obsoletes RFC 2137.
[7.3-11e]	PS		RFC 2181:			Clarifications to the DNS Specification, July 1997, by Robert Elz and Randy Bush.
[7.3-11f]	BCP 17:		RFC 2219:			Use of DNS Aliases for Network Services, October 1997, by Martin Hamilton and Russ Wright.
[7.3-11g]	I		RFC 2276:			Architectural Principles of Uniform Resource Name Resolution, January 1998, by K. Sollins
[7.3-11h]	PS		RFC 2782:			A DNS RR for Specifying the Location of Services, February 2000, by Arnt Gulbrandsen, Paul Vixie and Levon Esibov.
[7.3-11i]	I		RFC 3401:			Dynamic Delegation Discovery System (DDDS) Part One: The Comprehensive DDDS, October 2002, by M. Mealling.
[7.3-11j]	PS		RFC 3402:			Dynamic Delegation Discovery System (DDDS) Part Two: The Algorithm, October 2002, by M. Mealling.
[7.3-11k]	PS		RFC 3403:			Dynamic Delegation Discovery System (DDDS) Part Three: The Domain Name System (DNS) Database, October 2002, by M. Mealling.
[7.3-11l]	PS		RFC 3404:			Dynamic Delegation Discovery System (DDDS) Part Four: The Uniform Resource Identifiers (URI) Resolution Application, October 2002, by M. Mealling.
	Note:		RFC 3401 updates RFC 2276, and RFCs 3401, 3402, 3403 and 3404 obsolete RFC 2168 (Resolution of Uniform Resource Identifiers using the Domain Name System) and RFC 2915 (The Naming Authority Pointer (NAPTR)).
*[7.3-12a]	STD 62:		RFC 3411:			An Architecture for Describing Simple Network Management Protocol (SNMP) Management Frameworks, December 2002, by D. Harrington, R. Presuhn, B. Wijnen.
*[7.3-12b]	STD 62:		RFC 3412:			Message Processing and Dispatching for the Simple Network Management Protocol (SNMP), December 2002, by J. Case, D. Harrington, R. Presuhn, B. Wijnen.
*[7.3-12c]	STD 62:		RFC 3413:			Simple Network Management Protocol (SNMP) Applications, December 2002, by D. Levi, P. Meyer, B. Stewart.
[7.3-12d]	STD 62:		RFC 3414:			User-based Security Model (USM) for version 3 of the Simple Network Management Protocol (SNMPv3), December 2002, by U. Blumenthal, B. Wijnen.
*[7.3-12e]	STD 62:		RFC 3415:			View-based Access Control Model (VACM) for the Simple Network Management Protocol (SNMP), December 2002, by B. Wijnen, R. Presuhn, K. McCloghrie.
*[7.3-12f]	STD 62:		RFC 3416:			Version 2 of the Protocol Operations for the Simple Network Management Protocol (SNMP), December 2002, by R. Presuhn, Ed.
*[7.3-12g]	STD 62:		RFC 3417:			Transport Mappings for the Simple Network Management Protocol (SNMP), December 2002, by R. Presuhn, Ed.
*[7.3-12h]	STD 62:		RFC 3418:			Management Information Base (MIB) for the Simple Network Management Protocol (SNMP), December 2002, by R. Presuhn, Ed.
*[7.3-12i]	BCP 74:		RFC 3584:			Coexistence between Version 1, Version 2, and Version 3 of the Internet-standard Network Management Framework, August 2003, by R. Frye, D. Levi, S. Routhier, and B. Wijnen.
*[7.3-13a]	STD 58:		RFC 2578:			Structure of Management Information Version 2 (SMIv2), April 1999, edited by K. McCloghrie, D. Perkins and J. Schoenwaelder.
*[7.3-13b]	STD 58:		RFC 2579:			Textual Conventions for SMIv2, April 1999, edited by K. McCloghrie, D. Perkins and J. Schoenwaelder.
*[7.3-13c]	STD 58:		RFC 2580:			Conformance Statements for SMIv2, April 1999, edited by K. McCloghrie, D. Perkins and J. Schoenwaelder.
[7.3-14a]	STD 16:		RFC 1155:			Structure and Identification of Management Information for TCP/IP-based Internets, May 1990, by M. Rose and K. McCloghrie
[7.3-14b]	STD 16:		RFC 1212:			Concise MIB Definitions, March 1991, edited by M. Rose and K. McCloghrie.
*[7.3-14c]	STD 17:		RFC 1213:			Management Information Base for Network Management of TCP/IP Internets: MIB-II, March 1991, edited by K. McCloghrie and M. Rose.
*[7.3-14d]	PS		RFC 4293:			Management Information Base for the Internet Protocol (IP), April 2006, edited by S. Routhier.
	Note:		RFC 4293 obsoletes RFCs 2011, 2465, and 2466.
*[7.3-14e]	PS		RFC 4022:			Management Information Base for the Transmission Control Protocol (TCP), March 2005, edited by R. Raghunarayan.
	Note:		RFC 4022 obsoletes RFCs 2012 and 2452.
*[7.3-14f]	PS		RFC 4113:			Management Information Base for the User Datagram Protocol (UDP), June 2005, by B. Fenner and J. Flick.
	Note:		RFC 4113 obsoletes RFCs 2013 and 2454.
*[7.3-14g]	DS		RFC 2863:			The Interfaces Group MIB, June 2000, by K. McCloghrie and F. Kastenholz.
[7.3-14h]	PS		RFC 3621:			Power Ethernet MIB, December 2003, by A. Berger and D. Romascanu.
[7.3-14i]	PS		RFC 3636:			Definitions of Managed Objects for IEEE 802.3 Medium Attachment Units (MAUs), September 2003, by J. Flick.
[7.3-14j]	PS		RFC 4001:			Textual Conventions for Internet Network Addresses, February 2005, by M. Daniele, B. Haberman, S. Routhier, and J. Schoenwaelder.
[7.3-14k]	PS		RFC 4022:			Management Information Base for the Transmission Control Protocol (TCP), March 2005, edited by R. Raghunarayan.
	Note:		RFC 4022 obsoletes RFCs 2012 and 2452.
*[7.3-16]	STD 37:		RFC 826:			An Ethernet Address Resolution Protocol, (ARP), November 1982, by David C. Plummer.
	Note:		Additional ARP requirements are given in Section 2 of IETF STD 3: RFC 1122 [7.3-3a].
*[7.3-17]	STD 41:		RFC 894:			A Standard for the Transmission of IP Datagrams over Ethernet Networks, April 1984, by Charles Hornig.
[7.3-18]	STD 43:		RFC 1042:			A Standard for the Transmission of IP Datagrams over IEEE 802 Networks, February 1988, by J. Postel and J. Reynolds.
	Note:		Additional datagram transmission requirements are given in Section 2.3.3 of RFC 1122.
*[7.3-19]	I	RFC 1321:				The MD5 Message-Digest Algorithm, April 1992, by R. Rivest.
	Note:		RFC 1334: PPP Authentication Protocols, was obsoleted by RFC 1994, but Password Authentication Protocol (PAP) is not included in RFC 1994, so the latest specification of PAP is still in RFC 1334.
[7.3-19a]	STD 51:		RFC 1661:			The Point-to-Point Protocol (PPP), July 1994, W. Simpson, editor.
[7.3-19b]	STD 51:		RFC 1662:			PPP in HDLC-like Framing, July 1994, W. Simpson, editor.
[7.3-19c]	PS		RFC 1332:			The PPP Internet Protocol Control Protocol (IPCP), May 1992, by G. McGregor.
[7.3-19d]	DS		RFC 1994:			PPP Challenge Handshake Authentication Protocol (CHAP), August 1996, by W. Simpson.
	Note:		RFC 1994 is updated by RFC 2484, and it obsoletes RFC 1334.
	Note:		RFC 2284 (PPP Extensible Authentication Protocol EAP) was obsoleted by RFC 3748.
[7.3-19e]	PS		RFC 2484:			PPP LCP Internationalization Configuration Option, January 1999, by G. Zorn.
	Note:		RFC 2484 updates RFC 1994.
*[7.3-19f]	EP-O		RFC 2716:			PPP EAP TLS Authentication Protocol, October 1999, by B. Aboba and D. Simon.
	Note:		RFC 2716 was obsoleted by RFC 5216.
[7.3-19g]	I		RFC 2869:			RADIUS Extensions, June 2000, by C. Rigney, W. Willats and P. Calhoun
[7.3-19h]	draft-aboba-radius-rfc2869bis-22.txt (Updates RFC 2869)									RADIUS Support For Extensible Authentication Protocol (EAP), 15 May 2003, by B. Aboba and P. Calhoun.
*[7.3-19i]	PS		RFC 3748:			Extensible Authentication Protocol (EAP), June 2004, by B. Aboba, L. Blunk, J. Vollbrecht, J. Carlson and H. Levkowetz, Ed.
	Note:		RFC 3748 obsoletes RFC 2284 (PPP Extensible Authentication Protocol EAP).
[7.3-19j]	PS		RFC 5216:			The EAP-TLS Authentication Protocol, March 2008, by D. Simon, B. Aboba and R. Hurst.
	Note:		RFC 5216 obsoletes RFC 2716.
[7.3-19k]	PS		RFC 5247:			Extensible Authentication Protocol (EAP) Key Management Framework, August 2008, by B. Aboba, D. Simon and P. Eronen.
	Note:		RFC 5247 updates RFC 3748.
[7.3-19m]	draft-ietf-pppext-eap-ttls-05.txt								EAP Tunneled TLS Authentication Protocol (EAP-TTLS), July 2004, by Paul Funk.
[7.3-19n]	draft-kamath-pppext-peapv0-00.txt										Microsoft's PEAP version 0 (Implementation in Windows XP SP1), October 25, 2002, by Vivek Kamath, Ashwin Palekar and Mark Wodrich.
[7.3-19o]	draft-josefsson-pppext-eap-tls-eap-10.txt										Protected EAP Protocol (PEAP) Version 2, 15 October 2004, by Ashwin Palekar, Dan Simon, Joe Salowey, Hao Zhou, Glen Zorn and S. Josefsson
[7.3-20a]	DS			RFC 951:			Bootstrap Protocol (BOOTP), September 1985, by Bill Croft and John Gilmore.
[7.3-20b]	DS			RFC 1534:			Interoperation Between DHCP and BOOTP, October 1993, by R. Droms.
[7.3-20c]	DS			RFC 1542:			Clarifications and Extensions for the Bootstrap Protocol, October 1993, by W. Wimer.
*[7.3-20d]	DS			RFC 2131:			Dynamic Host Configuration Protocol, (DHCP), March 1997, by R. Droms.
*[7.3-20e]	DS			RFC 2132:			DHCP Options and BOOTP Vendor Extensions, March 1997, by S. Alexander and R. Droms.
[7.3-20f]	PS			RFC 3118:			Authentication for DHCP Messages, June 2001, by R. Droms and W. Arbaugh, Editors.
*[7.3-21a]	PS			RFC 2205:			Resource ReSerVation Protocol (RSVP) -- Version 1 Functional Specification, September 1997, by R. Braden, L. Zhang, S. Berson, S. Herzog, and S. Jamin.
[7.3-21b]	PS			RFC 2210:			The Use of RSVP with IETF Integrated Services, September 1997, by J. Wroclawski.
[7.3-21c]	PS			RFC 2745:			RSVP Diagnostic Messages, January 2000, by A. Terzis, B. Braden, S. Vincent and L. Zhang.
[7.3-21d]	PS			RFC 2750:			RSVP Extensions for Policy Control, January 2000, by S. Herzog.
[7.3-21e]	BCP 96:			RFC 3936:			Procedures for Modifying the Resource reSerVation Protocol (RSVP). K. Kompella, J. Lang. October 2004
[7.3-22a]	PS			RFC 2733:			An RTP Payload Format for Generic Forward Error Correction, December 1999, by J. Rosenberg and H. Schulzrinne.
[7.3-22b]	PS			RFC 2959:			Real-Time Transport Protocol Management Information Base, October 2000, by M. Baugher, B. Strahm and I. Suconick.
[7.3-22c]	PS			RFC 3389:			Real-time Transport Protocol (RTP) Payload for Comfort Noise, September 2002, by Robert Zopf.
*[7.3-22d]	STD 64:			RFC 3550:			RTP: A Transport Protocol for Real-Time Applications, (RTP/RTCP), July 2003, by H. Schulzrinne, S. Casner, R. Frederick and V. Jacobson.
	Note:			RFC 3550 obsoletes RFC 1889, and is updated by RFC 5506, RFC 5761, RFC 6051 and RFC 6222.
*[7.3-22e]	STD 65:			RFC 3551:			RTP Profile for Audio and Video Conferences with Minimal Control, July 2003, by H. Schulzrinne and S. Casner.
	Note:			RFC 3551 obsoletes RFC 1890, and is updated by RFC 5761.
*[7.3-22f]	PS			RFC 3711:			The Secure Real-time Transport Protocol (SRTP), March 2004, by M. Baugher, D. McGrew, M. Naslund, E. Carrara and K. Norrman.
	Note:			RFC 3711 is updated by RFC 5506.
[7.3-22g]	PS			RFC 4585:			Extended RTP Profile for Real-time Transport Control Protocol (RTCP)-Based Feedback (RTP/AVPF), July 2006, by J. Ott, S. Wenger, N. Sato, C. Burmeister, J. Rey.
[7.3-22h]	PS			RFC 4855:			Media Type Registration of RTP Payload Formats, February 2007, by S. Casner.
[7.3-22i]	PS			RFC 4856:			Media Type Registration of Payload Formats in the RTP Profile for Audio and Video Conferences, February 2007, by S. Casner.
	Note:			RFCs 4855 and 4856 together obsolete RFC 3555.
[7.3-22j]	PS			RFC 4867:			RTP Payload Format and File Storage Format for the Adaptive Multi-Rate (AMR) and Adaptive Multi-Rate Wideband (AMR-WB) Audio Codecs, April 2007, by J. Sjoberg, M. Westerlund, A. Lakaniemi, and Q. Xie.
	Note:			RFC 4867 obsoletes RFC 3267.
[7.3-22k]	BCP131:			RFC 4961:			Symmetric RTP / RTP Control Protocol (RTCP), July 2007, by D. Wing.
[7.3-22l]	PS			RFC 5109:			RTP Payload Format for Generic Forward Error Correction, December 2007, by A. Li.
	Note:			RFC 5109 obsoletes RFC 2733 and RFC 3009 (Registration of parityfec MIME types).
[7.3-22m]	PS			RFC 5506:			Support for Reduced-Size Real-Time Transport Control Protocol (RTCP): Opportunities and Consequences, April 2009, by I. Johansson and M. Westerlund.
[7.3-22n]	PS			RFC 5761:			Multiplexing RTP Data and Control Packets on a Single Port, April 2010, by C. Perkins and M. Westerlund.
[7.3-22o]	PS			RFC 6051:			Rapid Synchronisation of RTP Flows, November 2010, by C. Perkins and T. Schierl.
[7.3-22p]	PS			RFC 6188:			The Use of AES-192 and AES-256 in Secure RTP, March 2011, by D. McGrew.
[7.3-22q]	PS			RFC 6222:			Guidelines for Choosing RTP Control Protocol (RTCP) Canonical Names (CNAMEs), April 2011, by A. Begen, C. Perkins and D. Wing.
*[7.3-23a]	I			RFC 1945:			Hypertext Transfer Protocol – HTTP/1.0, May 1996, by Tim Berners-Lee, Roy T. Fielding and Henrik Frystyk Nielsen.
*[7.3-23b]	DS			RFC 2616:			Hypertext Transfer Protocol – HTTP/1.1, June 1999, by Roy T. Fielding, James Gettys, Jeffrey C. Mogul, Henrik Frystyk Nielsen, Larry Masinter, Paul J. Leach and Tim Berners-Lee.
	Note:			RFC 2616 obsoletes RFC 2068 (an earlier version of HTTP/1.1), and is updated by RFC 2817.
[7.3-23c]	I			RFC 2145:			Use and Interpretation of HTTP Version Numbers, May 1997, by Jeffrey C. Mogul, Roy T. Fielding, James Gettys and Henrik Frystyk Nielsen.
*[7.3-23d]	DS			RFC 2617:			HTTP Authentication: Basic and Digest Access Authentication, June 1999, by John Franks, Phillip Hallam-Baker, Jeffery Hostetler, Scott Lawrence, Paul Leach, Ari Luotonen and Lawrence Stewart.
	Note:			RFC 2617 obsoletes RFC 2069 (An Extension to HTTP: Digest Access Authentication).
[7.3-23e]	PS			RFC 2817:			Upgrading to TLS Within HTTP/1.1, May 2000, by R. Khare and S. Lawrence.
*[7.3-23f]	I			RFC 2818:			HTTP Over TLS, May 2000, by E. Rescorla.
	Note:			Section 3.1 of RFC 2818 requires the use of matching rules specified in RFC 2459, which was obsoleted by RFC 3280, which was obsoleted by RFC 5280.
[7.3-23g]	BCP 44			RFC 2964:			Use of HTTP State Management, October 2000, by Keith Moore and Ned Freed.
[7.3-23h]	PS			RFC 2965:			HTTP State Management Mechanism, October 2000, by David Kristol and Lou Montulli.
	Note:			RFC 2965 obsoletes RFC 2109 (HTTP State Management Mechanism).
[7.3-24]	I			RFC 2104:			HMAC: Keyed-Hashing for Message Authentication, February 1997, by H. Krawczyk, M. Bellare and R. Canetti.
[7.3-25a]	PS			RFC 1738:			Uniform Resource Locators (URL), December 1994, by Tim Berners-Lee, Larry Masinter and Mark McCahill.
[7.3-25b]	DS			RFC 2396:			Uniform Resource Identifiers (URI): Generic Syntax, August 1998, by Tim Berners-Lee, Roy Fielding and Larry Masinter.
	Note:			RFC 2396 was obsoleted by STD 66: RFC 3986 (see below).
*[7.3-25c]	STD 66:			RFC 3986:			Uniform Resource Identifier (URI): Generic Syntax, January 2005, by Tim Berners-Lee, Roy Fielding and Larry Masinter.
	Note:			RFC 3986 updates RFC 1738 (Uniform Resource Locators (URL)) and obsoletes RFC 2732 (Relative Uniform Resource Locators), RFC 2396 (Uniform Resource Identifiers (URI): Generic Syntax) and RFC 1808 (Relative Uniform Resource Locators).
*[7.3-26a]	draft-freier-ssl-version3-02.txt								The SSL Protocol Version 3.0, November 18, 1996, by Alan O. Freier, Philip Karlton and Paul C. Kocher, available at http://www.netscape.com/eng/ssl3/draft302.txt
*[7.3-26b]	PS-O			RFC 2246:			The TLS Protocol Version 1.0, January 1999, by Tim Dierks and Christopher Allen.
	Note:			RFC 2246 was obsoleted by RFC 4346, which was obsoleted by RFC 5246.
[7.3-26c]	PS			RFC 2712:			Addition of Kerberos Cipher Suites to Transport Layer Security (TLS), October 1999, by Ari Medvinsky and Matthew Hur.
	Note:			RFC 3268 (AES Ciphersuites for TLS) was obsoleted by RFC 5246.
	Note:			RFC 3546 (TLS Extensions) updated RFC 2246, but was obsoleted by RFC 4366.
	Note:			RFC 4346 (TLS Protocol Version 1.1) obsoleted RFC 2246, but was obsoleted by RFC 5246.
	Note:			RFC 4366 (TLS Extensions) updated RFC 4346 and obsoleted RFC 3546, but was obsoleted by RFC 5246 and RFC 6066.
[7.3-26e]	I			RFC 4492:			Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS), May 2006, by S. Blake-Wilson, N. Bolyard, V. Gupta, C. Hawk and B. Moeller.
[7.3-26g]	PS			RFC 5077:			Transport Layer Security (TLS) Session Resumption without Server-Side State, January 2008, by J. Salowey, H. Zhou, P. Eronen and H. Tschofenig.
[7.3-26i]	PS			RFC 5246:			The Transport Layer Security (TLS) Protocol Version 1.2, August 2008, by T. Dierks and E. Rescorla.
	Note:			RFC 5246 updates RFC 4492 and obsoletes RFC 3268, RFC 4346 and RFC 4366.
[7.3-26j]	PS			RFC 5746:			Transport Layer Security (TLS) Renegotiation Indication Extension, February 2010, by E. Rescorla, M. Ray, S. Dispensa and N. Oskov.
	Note:			RFC 5746 updates RFCs 2246, 4346, 4347, 4366 and 5246.
[7.3-26k]	EP			RFC 5878:			Transport Layer Security (TLS) Authorization Extensions, May 2010, by R. Housley.
[7.3-26l]	PS			RFC 6176:			Prohibiting Secure Sockets Layer (SSL) Version 2.0, March 2011, by S. Turner and T. Polk.
*[7.3-27a]	PS			RFC 2474:			Definition of the Differentiated Services Field (DS Field) in the IPv4 and IPv6 Headers, (DIFFSRV), December 1998, by K. Nichols, S. Blake, F. Baker and D. Black
[7.3-27b]	I			RFC 2475:			An Architecture for Differentiated Services, December 1998, by S. Blake, D. Black, M. Carlson, E. Davies, Z. Wang and W. Weiss.
[7.3-27c]	PS			RFC 2597:			Assured Forwarding PHB Group, June 1999, by J. Heinanen, F. Baker, W. Weiss and J. Wroclawski
[7.3-27d]				RFC 3168:			The Addition of Explicit Congestion Notification (ECN) to IP, September 2001, by K. Ramakrishnan, S. Floyd, and D. Black.
	Note:			RFC 3168 obsoletes RFC 2481, it updates RFC 2474, RFC 2401 and RFC 793, and it is updated by RFC 4301 and RFC 6040.
[7.3-27e]	PS			RFC 3246:			An Expedited Forwarding PHB (Per-Hop Behavior), March 2002, by B. Davie, A. Charny, J.C.R. Bennett, K. Benson, J.Y. Le Boudec, W. Courtney, S. Davari, V. Firoiu and D. Stiliadis
	Note:			RFC 3246 obsoletes RFC 2598.
[7.3-27f]	I			RFC 3260:			New Terminology and Clarifications for Diffserv, April 2002, by D. Grossman.
	Note:			RFC 3260 updates RFCs 2474, 2475 and 2597.
*[7.3-28]	STD 63:				RFC 3629:			UTF-8, a transformation format of ISO 10646, November 2003, by F. Yergeau.
	Note:				RFC 3629 obsoletes RFC 2279, which obsoletes RFC 2044.
[7.3-29a]	PS				RFC 2833:			RTP Payload for DTMF Digits, Telephony Tones and Telephony Signals, May 2000, by H. Schulzrinne and S. Petrack.
[7.3-29b]	PS				RFC 4733:			RTP Payload for DTMF Digits, Telephony Tones, and Telephony Signals, December 2006, by H. Schulzrinne and T. Taylor.
[7.3-29c]	PS				RFC 4734:			Definition of Events for Modem, Fax, and Text Telephony Signals, December 2006, by H. Schulzrinne and T. Taylor.
	Note:				RFC 4733 and 4734 obsolete RFC 2833.
*[7.3-30a]	I-O				RFC 3164:			The BSD syslog Protocol, August 2001, by C. Lonvick.
	Note:				RFC 3164 was obsolete by RFC 5424.
[7.3-30b]	PS				RFC 5424:			The Syslog Protocol, March 2009, by R. Gerhards.
[7.3-31a]	DS				RFC 1305:			Network Time Protocol (NTP Version 3) Specification, Implementation and Analysis, March 1992, by David L. Mills.
*[7.3-31b]	I				RFC 2030:			Simple Network Time Protocol (SNTP) Version 4 for IPv4, IPv6 and OSI, October 1996, by David L. Mills.
*[7.3-32a]	I				RFC 3447:			Public-Key Cryptography Standards (PKCS) #1: RSA Cryptography Specifications Version 2.1, February 2003, by J. Jonsson and B. Kaliski.
	Note:				RFC 3447 obsoletes RFC 2437, which obsoleted RFC 2313.
[7.3-32b]	I				RFC 2315:			PKCS #7: Cryptographic Message Syntax Version 1.5, March 1998, by B. Kaliski.
[7.3-32c]	I				RFC 2985:			PKCS #9: Selected Object Classes and Attribute Types Version 2.0, November 2000, by M. Nystrom and B. Kaliski.
[7.3-32d]	I				RFC 2986:			PKCS #10: Certification Request Syntax Specification Version 1.7, November 2000, by M. Nystrom and B. Kaliski.
	Note:				RFC 2986 obsoletes RFC 2314, and is updated by RFC 5967.
*[7.3-32e]	PS				RFC 3279:			Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, April 2002, by W. Polk, R. Housley and L. Bassham.
	Note:				RFC 3279 is updated by RFC 4055, RFC 4491, RFC 5480 and RFC 5758.
[7.3-32f]	PS				RFC 4055:			Additional Algorithms and Identifiers for RSA Cryptography for use in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, June 2005, by J. Schaad, B. Kaliski and R. Housley.
	Note:				RFC 4055 updates RFC 3279 and is updated by RFC 5756.
*[7.3-32g]	PS				RFC 5280:			Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, May 2008, by D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, W. Polk.
	Note:				RFC 5280 obsoletes RFC 3280 (which obsoleted RFC 2459), RFC 4325 and RFC 4630.
[7.3-32h]	PS				RFC 5756:			Updates for RSAES-OAEP and RSASSA-PSS Algorithm Parameters, January 2010, by S. Turner, D. Brown, K. Yiu, R. Housley and T. Polk.
	Note:				RFC 5756 updates RFC 4055.
[7.3-32i]	PS				RFC 5758:			Internet X.509 Public Key Infrastructure: Additional Algorithms and Identifiers for DSA and ECDSA, January 2010, by Q. Dang, S. Santesson, K. Moriarty, D. Brown and T. Polk.
	Note:				RFC 5758 updates RFC 3279.
[7.3-32j]	I				RFC 5967:			The application/pkcs10 Media Type, August 2010, by S. Turner.
	Note:				RFC 5967 updates RFC 2986.
[7.3-33]	I				RFC 1750:			Randomness Recommendations for Security, December 1994, by D. Eastlake, S. Crocker and J. Schiller.
*[7.3-34a]	draft-nourse-scep-18.txt							Cisco Systems' Simple Certificate Enrollment Protocol (SCEP), January 21, 2009 (expires July 25, 2009), by A. Nourse, X. Liu, J. Vilhuber and C. Madson.
*[7.3-34b]	I				RFC 2315:			PKCS #7: Cryptographic Message Syntax Version 1.5, March 1998, by B. Kaliski.
*[7.3-34c]	I				RFC 2985:			PKCS #9: Selected Object Classes and Attribute Types Version 2.0, November 2000, by M. Nystrom and B. Kaliski.
*[7.3-34d]	I				RFC 2986:			PKCS #10: Certification Request Syntax Specification Version 1.7, November 2000, by M. Nystrom and B. Kaliski.
[7.3-35a]	H				RFC 1421:			Privacy Enhancement for Internet Electronic Mail (PEM): Part I: Message Encryption and Authentication Procedures, February 1993, by J. Linn.
*[7.3-35b]	H				RFC 1422:			Privacy Enhancement for Internet Electronic Mail: Part II: Certificate-Based Key Management, February 1993, by S. Kent.
*[7.3-35c]	H				RFC 1423:			Privacy Enhancement for Internet Electronic Mail: Part III: Algorithms, Modes, and Identifiers, February 1993, by D. Balenson.
[7.3-35d]	H				RFC 1424:			Privacy Enhancement for Internet Electronic Mail: Part IV: Key Certification and Related Services, February 1993, by B. Kaliski.
*[7.3-36a]	PS				RFC 4250:			The Secure Shell (SSH) Protocol Assigned Numbers, January 2006, by S. Lehtinen and C. Lonvick, editor.
[7.3-36b]	PS				RFC 4251:			The Secure Shell (SSH) Protocol Architecture, January 2006, by T. Ylonen and C. Lonvick, editor.
*[7.3-36c]	PS				RFC 4252:			The Secure Shell (SSH) Authentication Protocol, January 2006, by T. Ylonen and C. Lonvick, editor.
*[7.3-36d]	PS				RFC 4253:			The Secure Shell (SSH) Transport Layer Protocol, January 2006, by T. Ylonen and C. Lonvick, editor.
*[7.3-36e]	PS				RFC 4254:			The Secure Shell (SSH) Connection Protocol, January 2006, by T. Ylonen and C. Lonvick, editor.
[7.3-36f]	PS				RFC 4255:			Using DNS to Securely Publish Secure Shell (SSH) Key Fingerprints, January 2006, by J. Schlyter and W. Griffin.
*[7.3-36g]	PS				RFC 4256:			Generic Message Exchange Authentication for the Secure Shell Protocol (SSH), January 2006, by F. Cusack and M. Forssen.
[7.3-36h]	PS				RFC 4335:			The Secure Shell (SSH) Session Channel Break Extension, January 2006, by J. Galbraith and P. Remaker.
[7.3-36i]	PS				RFC 4344:			The Secure Shell (SSH) Transport Layer Encryption Modes, January 2006, by M. Bellare, T. Kohno and C. Namprempre.
[7.3-36j]	PS				RFC 4345:			Improved Arcfour Modes for the Secure Shell (SSH) Transport Layer Protocol, January 2006, by B. Harris.
[7.3-36k]	PS				RFC 4419:			Diffie-Hellman Group Exchange for the Secure Shell (SSH) Transport Layer Protocol, March 2006, by M. Friedl, N. Provos and W. Simpson.
[7.3-36m]	PS				RFC 4432:			RSA Key Exchange for the Secure Shell (SSH) Transport Layer Protocol, March 2006, by B. Harris.
[7.3-36n]	PS				RFC 4462:			Generic Security Service Application Program Interface (GSS-API) Authentication and Key Exchange for the Secure Shell (SSH) Protocol, May 2006, by J. Hutzelman, J. Salowey, J. Galbraith and V. Welch.
*[7.3-36o]	I				RFC 4716:			The Secure Shell (SSH) Public Key File Format, November 2006, by J. Galbraith and R. Thayer.
[7.3-36p]	PS				RFC 5656:			Elliptic Curve Algorithm Integration in the Secure Shell Transport Layer, December 2009, by D. Stebila and J. Green.
[7.3-37]	PS				RFC 2003:			IP Encapsulation within IP, October 1996, by C. Perkins.
[7.3-38a]	PS-O				RFC 2393:			IP Payload Compression Protocol (IPComp), December 1998, by A. Sacham, R. Monsour, R. Pereira and M. Thomas.
[7.3-38b]	PS				RFC 3173:			IP Payload Compression Protocol (IPComp), September 2001, by A. Sacham, B. Monsour, R. Pereira and M. Thomas.
	Note:				RFC 3173 obsoletes RFC 2393.
*[7.3-38c]	I				RFC 2395:			IP Payload Compression Using LZS, December 1998, by R. Friend and R. Monsour.
*[7.3-39a]	PS-O				RFC 2401:			Security Architecture for the Internet Protocol, November 1998, by S. Kent and R. Atkinson.
[7.3-39b]	PS				RFC 4301:			Security Architecture for the Internet Protocol, December 2005, by S. Kent and K. Seo.
	Note:				RFC 4301 obsoletes RFC 2401.
*[7.3-39c]	PS-O				RFC 2402:			IP Authentication Header, November 1998, by S. Kent and R. Atkinson.
[7.3-39d]	PS				RFC 4302:			IP Authentication Header, December 2005, by S. Kent.
	Note:				RFC 4302 obsoletes RFC 2402.
*[7.3-39e]	PS				RFC 2403:			The Use of HMAC-MD5-96 within ESP and AH, November 1998, by C. Madson and R. Glenn
*[7.3-39f]	PS				RFC 2404:			The Use of HMAC-SHA-1-96 within ESP and AH, November 1998, by C. Madson and R. Glenn.
*[7.3-39g]	PS				RFC 2405:			The ESP DES-CBC Cipher Algorithm With Explicit IV, November 1998 by C. Madson and N. Doraswamy.
*[7.3-39h]	PS				RFC 2451:			The ESP CBC-Mode Cipher Algorithms, November 1998, by R. Pereira and R. Adams.
	Note:				RFC 2451 is a normative reference of RFC 3602 [7.3-39i].
*[7.3-39i]	PS				RFC 3602:			The AES-CBC Cipher Algorithm and Its Use with IPsec, September 2003, by S. Frankel, R. Glenn and S.Kelly.
*[7.3-39j]	PS-O				RFC 2406:			IP Encapsulating Security Payload (ESP), November 1998, by S. Kent and R. Atkinson.
	Note:				RFC 2406 is a normative reference of RFC 3602 [7.3-39h].
[7.3-39k]	PS				RFC 4303:			IP Encapsulating Security Payload (ESP), December 2005, by S. Kent.
	Note:				RFC 4303 obsoletes RFC 2406.
[7.3-39m]	PS-O				RFC 4305:			Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH), December 2005, by D. Eastlake.
	Note:				RFC 4305 obsoletes RFCs 2402 and 2406.
[7.3-39n]	PS				RFC 4308:			Cryptographic Suites for IPsec, December 2005, by P. Hoffman.
[7.3-39o]	PS				RFC 4835:			Cryptographic Algorithm Implementation Requirements for Encapsulating Security Payload (ESP) and Authentication Header (AH), April 2007, by V. Manral.
	Note:				RFC 4835 obsoletes RFCs 4305.
[7.3-39p]	I				RFC 4869:			Suite B Cryptographic Suites for IPsec, May 2007, by L. Law and J. Solinas.
*[7.3-39q]	PS				RFC 2410:			The NULL Encryption Algorithm and Its Use With IPsec, November 1998, by R. Glenn and S. Kent
[7.3-39r]	I				RFC 2411:			IP Security Document Roadmap, November 1998, by R. Thayer, N. Doraswamy and R. Glenn.
*[7.3-40a]	PS				RFC 2407:			The Internet IP Security Domain of Interpretation for ISAKMP, November 1998, by D. Piper.
*[7.3-40b]	PS				RFC 2408:			Internet Security Association and Key Management Protocol (ISAKMP), November 1998, by D. Maughan, M. Schertler, M. Schneider and J. Turner.
*[7.3-40c]	draft-ietf-ipsec-isakmp-mode-cfg-05.txt							The ISAKMP Configuration Method, August 17, 1999 (expired February 17, 2000), by R. Pereira, S. Anand and B. Patel.
*[7.3-40d]	PS				RFC 2409:			The Internet Key Exchange (IKE), November 1998, by D. Harkins and D. Carrel.
[7.3-40e]	PS				RFC 4109:			Algorithms for Internet Key Exchange version 1 (IKEv1), May 2005, by P. Hoffman.
	Note:				RFC 4109 updates RFC 2409.
[7.3-40f]	I				RFC 2412:			The OAKLEY Key Determination Protocol, November 1998, by H. Orman.
[7.3-40g]	PS				RFC 2631:			Diffie-Hellman Key Agreement Method, June 1999, by E. Rescorla.
*[7.3-40h]	PS				RFC 3526:			More Modular Exponential (MODP) Diffie-Hellman groups for Internet Key Exchange (IKE), May 2003, T. Kivinen and M. Kojo.
*[7.3-40i]	draft-ietf-ipsec-isakmp-xauth-06.txt							Extended Authentication within ISAKMP/Oakley (XAUTH), December 1999 (expired May 2000), by R. Pereira and S. Beaulieu.
*[7.3-40j]	draft-ietf-ipsec-isakmp-hybrid-auth-05.txt							A Hybrid Authentication Mode for IKE, August 2000 (expired February 2001), by M. Litvin, R. Shamir and T. Zegman.
[7.3-40k]	PS				RFC 4304:			Extended Sequence Number (ESN) Addendum to IPsec Domain of Interpretation for Internet Security Association and Key Management Protocol (ISAKMP), December 2005, by S. Kent.
[7.3-40m]	PS				RFC 4306:			Internet Key Exchange (IKEv2) Protocol, December 2005, by C. Kaufman, Ed.
	Note:				RFC 4306 obsoletes RFCs 2407, 2408 and 2409.
[7.3-40n]	PS				RFC 4307:			Cryptographic Algorithms for Use in the Internet Key Exchange Version 2 (IKEv2), December 2005, by J. Schiller.
[7.3-41a]	I				RFC 3715:			IPsec-Network Address Translation (NAT) Compatibility Requirements, March 2004, B. Aboba and W. Dixon.
*[7.3-41b]	PS				RFC 3947:			Negotiation of NAT-Traversal in the IKE, January 2005, by T. Kivinen, B. Swander, A. Huttunen, and V. Volpe.
	Note:				RFC 3947 was previously: draft-ietf-ipsec-nat-t-ike-00.txt through draft-ietf-ipsec-nat-t-ike-08.txt, available at http://www.potaroo.net/ietf/idref/draft-ietf-ipsec-nat-t-ike/
[7.3-41c]	PS				RFC 3948:			UDP Encapsulation of IPsec ESP Packets, January 2005, by A. Huttunen, B. Swander, V. Volpe, L. DiBurro and M. Stenberg. Note that RFC 3948 was previously: draft-ietf-ipsec-udp-encaps-00.txt through draft-ietf-ipsec-udp-encaps-09.txt, available at http://www.potaroo.net/ietf/idref/draft-ietf-ipsec-udp-encaps/
*[7.3-42a]	DS				RFC 1981:			Path MTU Discovery for IP version 6, August 1996, by J. McCann, S. Deering, and J. Mogul.
*[7.3-42b]	DS				RFC 2460:			Internet Protocol, Version 6 (IPv6) Specification, December 1998, by S. Deering and R. Hinden.
*[7.3-42c]	PS				RFC 2464:			Transmission of IPv6 Packets over Ethernet Networks, December 1998, by M. Crawford.
*[7.3-42d]	PS				RFC 2710:			Multicast Listener Discovery (MLD) for IPv6, October 1999, by S. Deering, W. Fenner, and B. Haberman.
*[7.3-42e]	PS				RFC 3315:			Dynamic Host Configuration Protocol for IPv6 (DHCPv6), July 2003, by R. Droms, Ed., J. Bound, B. Volz, T. Lemon, C. Perkins, and M. Carney.
[7.3-42f]	PS				RFC 3590:			Source Address Selection for the Multicast Listener Discovery (MLD) Protocol, September 2003, by B. Haberman.
	Note:				RFC 3590 updates RFC 2710.
*[7.3-42g]	DS				RFC 3596:			DNS Extensions to Support IP Version 6, October 2003, by S. Thomson, C. Huitema, V. Ksinant, and M. Souissi.
[7.3-42h]	PS				RFC 3646:			DNS Configuration options for Dynamic Host Configuration Protocol for IPv6 (DHCPv6), December 2003, by R. Droms.
[7.3-42i]	PS				RFC 3810:			Multicast Listener Discovery Version 2 (MLDv2) for IPv6, June 2004, by R. Vida and L. Costa, Eds.
	Note:				RFC 3810 updates RFC 2710.
[7.3-42j]	PS				RFC 4007:			IPv6 Scoped Address Architecture, March 2005, by S. Deering, B. Haberman, T. Jinmei, E. Nordmark, and B. Zill.
*[7.3-42k]	PS				RFC 4213:			Basic Transition Mechanisms for IPv6 Hosts and Routers, October 2005, by E. Nordmark and R. Gilligan.
*[7.3-42l]	DS				RFC 4291:			IP Version 6 Addressing Architecture, February 2006, by R. Hinden and S. Deering.
	Note:				RFC 4291 obsoletes RFC 3513, which obsoleted RFC 2373.
[7.3-42m]	I				RFC 4294:			IPv6 Node Requirements, April 2006, by J. Loughney, Editor.
[7.3-42n]	PS				RFC 4361:			Node-specific Client Identifiers for Dynamic Host Configuration Protocol Version Four (DHCPv4), February 2006, by T. Lemon and B. Sommerfield.
	Note:				RFC 4361 updates RFCs 2131, 2132, and 3315.
*[7.3-42o]	DS				RFC 4443:			Internet Control Message Protocol (ICMPv6) for the Internet Protocol Version 6 (IPv6) Specification, March 2006, by A. Conta, S. Deering, and M. Gupta, Ed.
[7.3-42p]	PS				RFC 4604:			Using Internet Group Management Protocol Version 3 (IGMPv3) and Multicast Listener Discovery Protocol Version 2 (MLDv2) for Source-Specific Multicast, August 2006, by H. Holbrook, B. Cain, and B. Haberman.
	Note:				RFC 4604 updates RFCs 3376 and 3810.
*[7.3-42q]	DS				RFC 4861:			Neighbor Discovery for IP version 6 (IPv6), September 2007, by T. Narten, E. Nordmark, W. Simpson, and H. Soliman.
*[7.3-42r]	DS				RFC 4862:			IPv6 Stateless Address Autoconfiguration, September 2007, by S. Thomson, T. Narten, and T. Jinmei.
[7.3-42s]	PS				RFC 4884:			Extended ICMP to Support Multi-Part Messages, April 2007, by R. Bonica, D. Gan, D. Tappan, and C. Pignataro.
	Note:				RFC 4884 updates RFCs 792 and 4443
	DS				RFC 4941:			Privacy Extensions for Stateless Address Autoconfiguration in IPv6, September 2007, by T. Narten, R. Draves and S. Krishnan.
	Note:				RFC 4941 obsoletes RFC 3041.
*[7.3-42t]	PS				RFC 5095:			Deprecation of Type 0 Routing Headers in IPv6, December 2007, by J. Abley, P. Savola, and G. Neville-Neil.
	Note:				RFC 5095 updates RFCs 2460 and 4294.
[7.3-42u]	PS				RFC 5494:			IANA Allocation Guidelines for the Address Resolution Protocol (ARP), April 2009, by J. Arkko and C. Pignataro.
	Note:				RFC 5494 updates RFCs 3315, 4361, and many more.
[7.3-43a]	PS				RFC 2560:			X.509 Internet Public Key Infrastructure Online Certificate Status Protocol – OCSP, June 1999, by M. Myers, R. Ankney, A. Malpani, S. Galperin and C. Adams.
[7.3-43b]	PS				RFC 5019:			The Lightweight Online Certificate Status Protocol (OCSP) Profile for High-Volume Environments, September 2007, by A. Deacon and R. Hurst.
[7.3-43c]	PS				RFC 6277:			Online Certificate Status Protocol Algorithm Agility, June 2011, by S. Santesson and P. Hallam-Baker.
	Note:				RFC 6277 updates RFC 2560.

7.4 International Telecommunications Union (ITU) Documents

[7.4-2]	ITU-T Recommendation E.180/Q.35, Technical characteristics of tones for the telephone service, March 1998.
[7.4-2a]	ITU-T Recommendation E.180 Supplement 2, Various Tones Used in National Networks, January 1994.
[7.4-3]	ITU-T Recommendation G.167, Acoustic echo controllers, March 1993.
* [7.4-4]	ITU-T Recommendation G.711, Pulse Code Modulation (PCM) of Voice Frequencies, November 1988.
[7.4-4a]	Appendix I: A high quality low-complexity algorithm for packet loss concealment with G.711, September, 1999.
[7.4-4b]	Appendix II: A comfort noise payload definition for ITU-T G.711 use in packet-based multimedia communication systems, February, 2000.
* [7.4-5]	ITU-T Recommendation G.722, 7 kHz Audio-Coding Within 64 kbit/s, November 1988.
[7.4-9]	ITU-T Recommendation G.723.1, Speech coders: Dual rate speech coder for multimedia communications transmitting at 5.3 and 6.3 kbit/s, March 1996.
[7.4-9a]	Annex A to ITU-T Recommendation G.723.1: Silence compression scheme, November 1996.
[7.4-10]	ITU-T Recommendation G.726, General Aspects of Digital Transmission Systems; Terminal Equipments: 40, 32, 24, 16 kbit/s Adaptive Differential Pulse Code Modulation (ADPCM), 1990.
* [7.4-10a]	Annex A to ITU-T Recommendation G.726: Extensions of Recommendation G.726 for use with Uniform-Quantized Input and Output, November 1994.
[7.4-11]	ITU-T Recommendation G.729, Coding of speech at 8 kbit/s using Conjugate-Structure Algebraic-Code-Excited Linear-Prediction (CS-ACELP), March 1996.
* [7.4-11a]	Annex A to ITU-T Recommendation G.729: Reduced complexity 8 kbit/s CS-ACELP speech codec, November 1996.
* [7.4-11b]	Annex B to ITU-T Recommendation G.729: A silence compression scheme for G.729 optimized for terminals conforming to Recommendation V.70, November 1996.
[7.4-12a]	ITU-T Recommendation X.509, The Directory: Public-key and attribute certificate frameworks, 07/1988.
* [7.4-12b]	ITU-T Recommendation X.509, The Directory: Public-key and attribute certificate frameworks, 03/2000.
* [7.4-12c]	ITU-T Recommendation X.509, The Directory: Public-key and attribute certificate frameworks, 08/2005.
* [7.4-13]	ITU-T Recommendation X.690, The Directory: ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER), December, 1997.

7.5 Federal Information Processing Standards Publications (FIPS PUBs)

[7.5-1a]	FIPS PUB 46-3, Data Encryption Standard (DES), Reaffirmed October 25, 1999.
[7.5-1b]	FIPS PUB 81, DES Modes of Operation, December 2, 1980.
[7.5-2]	FIPS PUB 140-2, Security Requirements for Cryptographic Modules, May 25, 2001, (+ Change Notices through December 3, 2002).
*[7.5-3]	FIPS PUB 180-2, Secure Hash Standard, August 1, 2002, (+ Change Notice to include SHA-224, February 25, 2004).
*[7.5-4]	FIPS PUB 186-2, Digital Signature Standard (DSS), January 27, 2000, including Change Notice 1, October 5, 2001, available at: http://csrc.nist.gov/publications/fips/fips186-2/fips186-2-change1.pdf
*[7.5-5]	FIPS PUB 197, Advanced Encryption Standard, November 26, 2001. Note: FIPS PUB 197 is a normative reference of IETF RFC 3602 [7.3-39h].

7.6 National Institute of Standards and Technology Special Publications (NIST SPs)

[7.6-1]	NIST SP 800-90, Recommendation for Random Number Generation Using Deterministic Random Bit Generators (Revised), by Elaine B. Barker and John M. Kelsey, March 2007.
[7.6-1a]	NIST SP 800-90A, Recommendation for Random Number Generation Using Deterministic Random Bit Generators, by Elaine B. Barker and John M. Kelsey, January 2012.
[7.6-2a]	NIST SP 800-131A, Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths, by Elaine Barker and Allen Roginsky, January 2011.

7.7 Telecommunications Industry Association (TIA)

*[7.7-1]

Link Layer Discovery Protocol for Media Endpoint Devices, ANSI/TIA-1057-2006.

7.8 U. S. Government Documents

[7.8-1a]	Department of Defense Unified Capabilities Requirements 2008 (UCR 2008) December 2008.
[7.8-1b]	Department of Defense Unified Capabilities Requirements 2008 (UCR 2008) Change 1 Final, January 2010.
[7.8-1c]	Department of Defense Unified Capabilities Requirements 2008 (UCR 2008) Change 2 Final, December 2010.
[7.8-1d]	Department of Defense Unified Capabilities Requirements 2008 (UCR 2008) Change 3 Final, September 2011.

7.9 Other Vendors’ Documents

*[7.9-1]

Proprietary Contivity Client Developers Guide, Revision 1.12, May 5, 2004.

Directory: public -> downloadFile.jsp?file= -> resources -> sites -> AVAYA -> content -> live -> SOLUTIONS
public -> The german unification, 1815-1870
public ->  Preparation of Papers for ieee transactions on medical imaging
public -> Harmonised compatibility and sharing conditions for video pmse in the 7 9 ghz frequency band, taking into account radar use
public -> Adjih, C., Georgiadis, L., Jacquet, P., & Szpankowski, W. (2006). Multicast tree structure and the power law
public -> Duarte, G. Pujolle: fits: a flexible Virtual Network Testbed Architecture
public -> Swiss Federal Institute of Technology (eth) Zurich Computer Engineering and Networks Laboratory
public -> Tr-41. 4-03-05-024 Telecommunications
public -> Chris Young sets 2016 “I’m Comin’ Over” Tour headlining dates
SOLUTIONS -> CM: How to enable 'auto answer' feature

Download 4.77 Mb.

Share with your friends: