rfc9046.original.xml   rfc9046.xml 
<?xml version='1.0' encoding='utf-8'?> <?xml version="1.0" encoding="UTF-8"?>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
<!-- generated by https://github.com/cabo/kramdown-rfc2629 version 1.3.23 -->
<!DOCTYPE rfc SYSTEM "rfc2629-xhtml.ent"> <!DOCTYPE rfc SYSTEM "rfc2629-xhtml.ent">
<?rfc strict="yes"?>
<?rfc toc="yes"?> <rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft
<?rfc tocdepth="4"?> -ietf-babel-information-model-14" number="9046" obsoletes="" updates="" submissi
<?rfc symrefs="yes"?> onType="IETF" category="info" consensus="true" xml:lang="en" tocInclude="true" t
<?rfc sortrefs="yes"?> ocDepth="4" symRefs="true" sortRefs="true" version="3">
<?rfc compact="yes"?>
<?rfc subcompact="no"?>
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft
-ietf-babel-information-model-14" category="info" obsoletes="" updates="" submis
sionType="IETF" xml:lang="en" tocInclude="true" tocDepth="4" symRefs="true" sort
Refs="true" version="3">
<!-- xml2rfc v2v3 conversion 3.5.0 --> <!-- xml2rfc v2v3 conversion 3.5.0 -->
<front> <front>
<title>Babel Information Model</title> <title>Babel Information Model</title>
<seriesInfo name="Internet-Draft" value="draft-ietf-babel-information-model- <seriesInfo name="RFC" value="9046"/>
14"/> <author initials="B." surname="Stark" fullname="Barbara Stark">
<author initials="B.H." surname="Stark" fullname="Barbara Stark">
<organization>AT&amp;T</organization> <organization>AT&amp;T</organization>
<address> <address>
<postal> <postal>
<street/> <street/>
<city>Atlanta, GA</city> <city></city>
<region/> <region>TX</region>
<code/> <code/>
<country>US</country> <country>United States of America</country>
</postal> </postal>
<phone/> <phone/>
<email>barbara.stark@att.com</email> <email>barbara.stark@att.com</email>
</address> </address>
</author> </author>
<author initials="M.J." surname="Jethanandani" fullname="Mahesh Jethanandani <author initials="M." surname="Jethanandani" fullname="Mahesh Jethanandani">
"> <organization>Kloud Services</organization>
<organization>VMware</organization>
<address> <address>
<postal> <postal>
<street/> <street/>
<city/> <city/>
<region>California</region> <region>CA</region>
<code/> <code/>
<country>US</country> <country>United States of America</country>
</postal> </postal>
<phone/> <phone/>
<email>mjethanandani@gmail.com</email> <email>mjethanandani@gmail.com</email>
</address> </address>
</author> </author>
<date year="2021"/> <date year="2021" month="June" />
<area>Routing</area> <area>Routing</area>
<workgroup>Babel routing protocol</workgroup> <workgroup>Babel routing protocol</workgroup>
<keyword>Babel</keyword> <keyword>Babel</keyword>
<abstract> <abstract>
<t>This Babel Information Model provides structured data elements <t>The Babel information model provides structured data elements
for a Babel implementation reporting its current state and may for a Babel implementation reporting its current state and may
allow limited configuration of some such data elements. allow limited configuration of some such data elements.
This information model can be used as a basis for creating data This information model can be used as a basis for creating data
models under various data modeling regimes. This information models under various data modeling regimes. This information
model only includes parameters and parameter values useful for model only includes parameters and parameter values useful for
managing Babel over IPv6.</t> managing Babel over IPv6.</t>
</abstract> </abstract>
</front> </front>
<middle> <middle>
<section anchor="introduction" numbered="true" toc="default"> <section anchor="introduction" numbered="true" toc="default">
<name>Introduction</name> <name>Introduction</name>
<t>Babel is a loop-avoiding distance-vector routing protocol defined in <t>Babel is a loop-avoiding, distance-vector routing protocol defined in
<xref target="RFC8966" format="default"/>. <xref target="RFC8967" format="defaul t"/> defines a security <xref target="RFC8966" format="default"/>. <xref target="RFC8967" format="defaul t"/> defines a security
mechanism that allows Babel packets to be cryptographically mechanism that allows Babel packets to be cryptographically
authenticated, and <xref target="RFC8968" format="default"/> defines a security mechanism authenticated, and <xref target="RFC8968" format="default"/> defines a security mechanism
that allows Babel packets to be both authenticated and encrypted. that allows Babel packets to be both authenticated and encrypted.
This document describes an information model for Babel (including implementation s This document describes an information model for Babel (including implementation s
using one or both of these security mechanisms) that can be used to create manag ement using one or both of these security mechanisms) that can be used to create manag ement
protocol data models (such as a NETCONF <xref target="RFC6241" format="default"/ > YANG <xref target="RFC7950" format="default"/> data model).</t> protocol data models (such as a NETCONF <xref target="RFC6241" format="default"/ > YANG <xref target="RFC7950" format="default"/> data model).</t>
<t>Due to the simplicity of the Babel protocol, most of the information mo del <t>Due to the simplicity of the Babel protocol, most of the information mo del
is focused on reporting Babel protocol operational state, and very little of is focused on reporting the Babel protocol operational state, and very little of
that is considered mandatory to implement for an implementation claiming that is considered mandatory to implement for an implementation claiming
compliance with this information model. Some parameters may be configurable. compliance with this information model. Some parameters may be configurable.
However, it is up to the Babel implementation whether to allow any of these However, it is up to the Babel implementation whether to allow any of these
to be configured within its implementation. Where the implementation does to be configured within its implementation. Where the implementation does
not allow configuration of these parameters, it MAY still choose to expose not allow configuration of these parameters, it <bcp14>MAY</bcp14> still choose to expose
them as read-only.</t> them as read-only.</t>
<t>The Information Model is presented using a hierarchical structure. This <t>The information model is presented using a hierarchical structure. This
does does
not preclude a data model based on this Information Model from using a referenti not preclude a data model based on this information model from using a referenti
al al
or other structure.</t> or other structure.</t>
<t>This information model only includes parameters and parameter values <t>This information model only includes parameters and parameter values
useful for managing Babel over IPv6. This model has no parameters useful for managing Babel over IPv6. This model has no parameters
or values specific to operating Babel over IPv4, even though or values specific to operating Babel over IPv4, even though
<xref target="RFC8966" format="default"/> does define a multicast group for <xref target="RFC8966" format="default"/> does define a multicast group for
sending and listening to multicast announcements on IPv4. sending and listening to multicast announcements on IPv4.
There is less likelihood of breakage due to inconsistent There is less likelihood of breakage due to inconsistent
configuration and increased implementation simplicity if configuration and increased implementation simplicity if
Babel is operated always and only over IPv6. Running Babel Babel is operated always and only over IPv6. Running Babel
over IPv6 requires IPv6 at the link layer and does not need over IPv6 requires IPv6 at the link layer and does not need
advertised prefixes, router advertisements or DHCPv6 to be advertised prefixes, router advertisements, or DHCPv6 to be
present in the network. Link-local IPv6 is widely supported present in the network. Link-local IPv6 is widely supported
among devices where Babel is expected to be used. Note that among devices where Babel is expected to be used. Note that
Babel over IPv6 can be used for configuration of both IPv4 Babel over IPv6 can be used for configuration of both IPv4
and IPv6 routes.</t> and IPv6 routes.</t>
<section anchor="requirements-language" numbered="true" toc="default"> <section anchor="requirements-language" numbered="true" toc="default">
<name>Requirements Language</name> <name>Requirements Language</name>
<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL <t>
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQU
"MAY", and "OPTIONAL" in this document are to be interpreted as IRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
described in BCP014 <xref target="RFC2119" format="default"/> <xref target="RFC8 NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>
174" format="default"/> when, and only when, they RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
appear in all capitals, as shown here.</t> "<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to
be interpreted as
described in BCP&nbsp;14 <xref target="RFC2119"/> <xref target="RFC8174"/>
when, and only when, they appear in all capitals, as shown here.
</t>
</section> </section>
<section anchor="notation" numbered="true" toc="default"> <section anchor="notation" numbered="true" toc="default">
<name>Notation</name> <name>Notation</name>
<t>This document uses a programming language-like notation to define the
properties <t>This document uses a programming-language-like notation to define the
properties
of the objects of the information model. An optional property is enclosed of the objects of the information model. An optional property is enclosed
by square brackets, [ ], and a list property is indicated by two numbers by square brackets, [ ], and a list property is indicated by two numbers
in angle brackets, &lt;m..n&gt;, where m indicates the minimal number in angle brackets, &lt;m..n&gt;, where m indicates the minimal number
of list elements, of list elements,
and n indicates the maximum number of list elements. The symbol * for n and n indicates the maximum number of list elements. The symbol "*" for n
means there are no defined limits on the number of list elements. Each parameter means there are no defined limits on the number of list elements. Each parameter
and object includes an indication of "ro" or "rw". "ro" means the parameter and object includes an indication of "ro" or "rw". "ro" means the parameter
or object is read-only. "rw" means it is read-write. For an object, read-write or object is read-only. "rw" means it is read-write. For an object, read-write
means instances of the object can be created or deleted. means instances of the object can be created or deleted.
If an implementation is allowed to choose If an implementation is allowed to choose
to implement a "rw" parameter as read-only, this is noted in the parameter to implement a "rw" parameter as read-only, this is noted in the parameter
description.</t> description.</t>
<t>The object definitions use base types that are defined as follows:</t > <t>The object definitions use base types that are defined as follows:</t >
<dl indent="12"> <dl indent="14">
<dt> <dt>
binary </dt> binary: </dt>
<dd> <dd>
<t>A binary string (sequence of octets).</t> <t>A binary string (sequence of octets).</t>
</dd> </dd>
<dt> <dt>
boolean </dt> boolean: </dt>
<dd> <dd>
<t>A type representing a Boolean (true or false) value.</t> <t>A type representing a Boolean (true or false) value.</t>
</dd> </dd>
<dt> <dt>
datetime </dt> datetime: </dt>
<dd> <dd>
<t>A type representing a date and time using the Gregorian calendar. The datetime <t>A type representing a date and time using the Gregorian calendar. The datetime
format MUST conform to RFC 3339 <xref target="RFC3339" format="default"/> Sectio n 5.6.</t> format <bcp14>MUST</bcp14> conform to <xref target="RFC3339" sectionFormat="comm a" section="5.6"/>.</t>
</dd> </dd>
<dt> <dt>
ip-address </dt> ip-address: </dt>
<dd> <dd>
<t>A type representing an IP address. This type supports both IPv4 a nd IPv6 <t>A type representing an IP address. This type supports both IPv4 a nd IPv6
addresses.</t> addresses.</t>
</dd> </dd>
<dt> <dt>
operation </dt> operation: </dt>
<dd> <dd>
<t>A type representing a remote procedure call or other action that can be used <t>A type representing a remote procedure call or other action that can be used
to manipulate data elements or system behaviors.</t> to manipulate data elements or system behaviors.</t>
</dd> </dd>
<dt> <dt>
reference </dt> reference: </dt>
<dd> <dd>
<t>A type representing a reference to another information or data mo del element <t>A type representing a reference to another information or data mo del element
or to some other device resource.</t> or to some other device resource.</t>
</dd> </dd>
<dt> <dt>
string </dt> string: </dt>
<dd> <dd>
<t>A type representing a human-readable string consisting of a (poss ibly restricted) <t>A type representing a human-readable string consisting of a (poss ibly restricted)
subset of Unicode and ISO/IEC 10646 <xref target="ISO.10646" format="default"/> characters.</t> subset of Unicode and ISO/IEC 10646 <xref target="ISO.10646" format="default"/> characters.</t>
</dd> </dd>
<dt> <dt>
uint </dt> uint: </dt>
<dd> <dd>
<t>A type representing an unsigned integer number. This information <t>A type representing an unsigned integer number. This information
model does not define a precision.</t> model does not define a precision.</t>
</dd> </dd>
</dl> </dl>
</section> </section>
</section> </section>
<section anchor="overview" numbered="true" toc="default"> <section anchor="overview" numbered="true" toc="default">
<name>Overview</name> <name>Overview</name>
<t>The Information Model is hierarchically structured as follows:</t> <t>The information model is hierarchically structured as follows:</t>
<artwork align="left" name="" type="" alt=""><![CDATA[ <sourcecode name="" type=""><![CDATA[
+-- babel-information +-- babel-information
+-- babel-implementation-version +-- babel-implementation-version
+-- babel-enable +-- babel-enable
+-- router-id +-- router-id
+-- self-seqno +-- self-seqno
+-- babel-metric-comp-algorithms +-- babel-metric-comp-algorithms
+-- babel-security-supported +-- babel-security-supported
+-- babel-mac-algorithms +-- babel-mac-algorithms
+-- babel-dtls-cert-types +-- babel-dtls-cert-types
+-- babel-stats-enable +-- babel-stats-enable
skipping to change at line 249 skipping to change at line 246
| +-- babel-mac-key-value | +-- babel-mac-key-value
| +-- babel-mac-key-algorithm | +-- babel-mac-key-algorithm
| +-- babel-mac-key-test | +-- babel-mac-key-test
+-- babel-dtls-cert-sets +-- babel-dtls-cert-sets
+-- babel-dtls-default-apply +-- babel-dtls-default-apply
+-- babel-dtls-certs +-- babel-dtls-certs
+-- babel-cert-name +-- babel-cert-name
+-- babel-cert-value +-- babel-cert-value
+-- babel-cert-type +-- babel-cert-type
+-- babel-cert-private-key +-- babel-cert-private-key
]]></artwork> ]]></sourcecode>
<t>Most parameters are read-only. Following is a descriptive list of the p <t>Most parameters are read-only. The following is a descriptive list of t
arameters that are not required to be read-only:</t> he parameters that are not required to be read-only:</t>
<ul spacing="normal"> <ul spacing="normal">
<li>enable/disable Babel</li> <li>enable/disable Babel</li>
<li>create/delete Babel MAC Key sets</li> <li>create/delete Babel Message Authentication Code (MAC) Key sets</li>
<li>create/delete Babel Certificate sets</li> <li>create/delete Babel Certificate sets</li>
<li>enable/disable statistics collection</li> <li>enable/disable statistics collection</li>
<li>Constant: UDP port</li> <li>Constant: UDP port</li>
<li>Constant: IPv6 multicast group</li> <li>Constant: IPv6 multicast group</li>
<li>Interface: enable/disable Babel on this interface</li> <li>Interface: enable/disable Babel on this interface</li>
<li>Interface: Metric algorithm</li> <li>Interface: metric algorithm</li>
<li>Interface: Split horizon</li> <li>Interface: split horizon</li>
<li>Interface: sets of MAC keys</li> <li>Interface: sets of MAC keys</li>
<li>Interface: verify received MAC packets</li> <li>Interface: verify received MAC packets</li>
<li>Interface: set of certificates for use with DTLS</li> <li>Interface: set of certificates for use with DTLS</li>
<li>Interface: use cached info extensions</li> <li>Interface: use cached info extensions</li>
<li>Interface: preferred order of certificate types</li> <li>Interface: preferred order of certificate types</li>
<li>Interface: enable/disable packet log</li> <li>Interface: enable/disable packet log</li>
<li>MAC-keys: create/delete entries</li> <li>MAC-keys: create/delete entries</li>
<li>MAC-keys: key used for sent packets</li> <li>MAC-keys: key used for sent packets</li>
<li>MAC-keys: key used to verify packets</li> <li>MAC-keys: key used to verify packets</li>
<li>DTLS-certs: create/delete entries</li> <li>DTLS-certs: create/delete entries</li>
skipping to change at line 285 skipping to change at line 282
<li>DTLS private keys</li> <li>DTLS private keys</li>
</ul> </ul>
<t>Note that this overview is intended simply to be informative and is not normative. <t>Note that this overview is intended simply to be informative and is not normative.
If there is any discrepancy between this overview and the detailed information If there is any discrepancy between this overview and the detailed information
model definitions in subsequent sections, the error is in this overview.</t> model definitions in subsequent sections, the error is in this overview.</t>
</section> </section>
<section anchor="the-information-model" numbered="true" toc="default"> <section anchor="the-information-model" numbered="true" toc="default">
<name>The Information Model</name> <name>The Information Model</name>
<section anchor="definition-of-babel-information-obj" numbered="true" toc= "default"> <section anchor="definition-of-babel-information-obj" numbered="true" toc= "default">
<name>Definition of babel-information-obj</name> <name>Definition of babel-information-obj</name>
<artwork align="left" name="" type="" alt=""><![CDATA[ <sourcecode name="" type=""><![CDATA[
object { object {
string ro babel-implementation-version; string ro babel-implementation-version;
boolean rw babel-enable; boolean rw babel-enable;
binary ro babel-self-router-id; binary ro babel-self-router-id;
[uint ro babel-self-seqno;] [uint ro babel-self-seqno;]
string ro babel-metric-comp-algorithms<1..*>; string ro babel-metric-comp-algorithms<1..*>;
string ro babel-security-supported<0..*>; string ro babel-security-supported<0..*>;
[string ro babel-mac-algorithms<1..*>;] [string ro babel-mac-algorithms<1..*>;]
[string ro babel-dtls-cert-types<1..*>;] [string ro babel-dtls-cert-types<1..*>;]
[boolean rw babel-stats-enable;] [boolean rw babel-stats-enable;]
[operation babel-stats-reset;] [operation babel-stats-reset;]
babel-constants-obj ro babel-constants; babel-constants-obj ro babel-constants;
babel-interface-obj ro babel-interfaces<0..*>; babel-interface-obj ro babel-interfaces<0..*>;
babel-route-obj ro babel-routes<0..*>; babel-route-obj ro babel-routes<0..*>;
[babel-mac-key-set-obj rw babel-mac-key-sets<0..*>;] [babel-mac-key-set-obj rw babel-mac-key-sets<0..*>;]
[babel-dtls-cert-set-obj rw babel-dtls-cert-sets<0..*>;] [babel-dtls-cert-set-obj rw babel-dtls-cert-sets<0..*>;]
} babel-information-obj; } babel-information-obj;
]]></artwork> ]]></sourcecode>
<dl> <dl>
<dt> <dt>
babel-implementation-version: </dt> babel-implementation-version: </dt>
<dd> <dd>
<t>The name and version of this implementation of the Babel protocol .</t> <t>The name and version of this implementation of the Babel protocol .</t>
</dd> </dd>
<dt> <dt>
babel-enable: </dt> babel-enable: </dt>
<dd> <dd>
<t>When written, it configures whether the protocol should be enable d <t>When written, it configures whether the protocol should be enable d
(true) or disabled (false). (true) or disabled (false).
A read from the running or intended datastore indicates the A read from the running or intended datastore indicates the
configured administrative value of whether the protocol is enabled configured administrative value of whether the protocol is enabled
(true) or not (false). A read from the operational datastore indicates whether (true) or not (false). A read from the operational datastore indicates whether
the protocol is actually running (true) or not (i.e., it indicates the the protocol is actually running (true) or not (i.e., it indicates the
operational state of the protocol). operational state of the protocol).
A data model that does not replicate parameters for running and operational A data model that does not replicate parameters for running and operational
datastores can implement this as two separate parameters. datastores can implement this as two separate parameters.
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro").</t> to expose this parameter as read-only ("ro").</t>
</dd> </dd>
<dt> <dt>
babel-self-router-id: </dt> babel-self-router-id: </dt>
<dd> <dd>
<t>The router-id used by this instance of the Babel protocol <t>The router-id used by this instance of the Babel protocol
to identify itself. <xref target="RFC8966" format="default"/> to identify itself. <xref target="RFC8966" format="default"/>
describes this as an arbitrary string of 8 octets.</t> describes this as an arbitrary string of 8 octets.</t>
</dd> </dd>
<dt> <dt>
babel-self-seqno: </dt> babel-self-seqno: </dt>
<dd> <dd>
<t>The current sequence number included in route updates for routes <t>The current sequence number included in route updates for routes
originated by this node. This is a 16-bit unsigned integer.</t> originated by this node. This is a 16-bit unsigned integer.</t>
</dd> </dd>
<dt> <dt>
babel-metric-comp-algorithms: </dt> babel-metric-comp-algorithms: </dt>
<dd> <dd>
<t>List of supported cost computation algorithms. Possible <t>List of supported cost computation algorithms. Possible
values include "2-out-of-3", and "ETX". values include "2-out-of-3", as described in <xref target="RFC8966" sectionForma
"2-out-of-3" is described in t="comma" section="A.2.1"/>, and "ETX", as described in <xref target="RFC8966" s
<xref target="RFC8966" format="default"/>, section A.2.1. ectionFormat="comma" section="A.2.2"/>. </t>
"ETX" is described in
<xref target="RFC8966" format="default"/>, section A.2.2.</t>
</dd> </dd>
<dt> <dt>
babel-security-supported: </dt> babel-security-supported: </dt>
<dd> <dd>
<t>List of supported security mechanisms. Possible values include <t>List of supported security mechanisms. Possible values include
"MAC" to indicate support of <xref target="RFC8967" format="default"/> and "DTLS " "MAC" to indicate support of <xref target="RFC8967" format="default"/> and "DTLS "
to indicate support of <xref target="RFC8968" format="default"/>.</t> to indicate support of <xref target="RFC8968" format="default"/>.</t>
</dd> </dd>
<dt> <dt>
babel-mac-algorithms: </dt> babel-mac-algorithms: </dt>
<dd> <dd>
<t>List of supported MAC computation algorithms. Possible values <t>List of supported MAC computation algorithms. Possible values
include "HMAC-SHA256", "BLAKE2s-128" to indicate support for include "HMAC-SHA256" and "BLAKE2s-128" to indicate support for
algorithms indicated in <xref target="RFC8967" format="default"/>.</t> algorithms indicated in <xref target="RFC8967" format="default"/>.</t>
</dd> </dd>
<dt> <dt>
babel-dtls-cert-types: </dt> babel-dtls-cert-types: </dt>
<dd> <dd>
<t>List of supported certificate types. Possible values include <t>List of supported certificate types. Possible values include
"X.509" and "RawPublicKey" to indicate support for types "X.509" and "RawPublicKey" to indicate support for types
indicated in <xref target="RFC8968" format="default"/>.</t> indicated in <xref target="RFC8968" format="default"/>.</t>
</dd> </dd>
<dt> <dt>
skipping to change at line 406 skipping to change at line 399
<dd> <dd>
<t>A set of babel-route-obj objects. Contains the routes known to th is <t>A set of babel-route-obj objects. Contains the routes known to th is
node.</t> node.</t>
</dd> </dd>
<dt> <dt>
babel-mac-key-sets: </dt> babel-mac-key-sets: </dt>
<dd> <dd>
<t>A set of babel-mac-key-set-obj objects. If this <t>A set of babel-mac-key-set-obj objects. If this
object is implemented, it object is implemented, it
provides access to parameters related to the MAC security mechanism. provides access to parameters related to the MAC security mechanism.
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this object as read-only ("ro").</t> to expose this object as read-only ("ro").</t>
</dd> </dd>
<dt> <dt>
babel-dtls-cert-sets: </dt> babel-dtls-cert-sets: </dt>
<dd> <dd>
<t>A set of babel-dtls-cert-set-obj objects. If this <t>A set of babel-dtls-cert-set-obj objects. If this
object is implemented, it object is implemented, it
provides access to parameters related to the DTLS security mechanism. provides access to parameters related to the DTLS security mechanism.
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this object as read-only ("ro").</t> to expose this object as read-only ("ro").</t>
</dd> </dd>
</dl> </dl>
</section> </section>
<section anchor="definition-of-babel-constants-obj" numbered="true" toc="d efault"> <section anchor="definition-of-babel-constants-obj" numbered="true" toc="d efault">
<name>Definition of babel-constants-obj</name> <name>Definition of babel-constants-obj</name>
<artwork align="left" name="" type="" alt=""><![CDATA[ <sourcecode name="" type=""><![CDATA[
object { object {
uint rw babel-udp-port; uint rw babel-udp-port;
[ip-address rw babel-mcast-group;] [ip-address rw babel-mcast-group;]
} babel-constants-obj; } babel-constants-obj;
]]></artwork> ]]></sourcecode>
<dl> <dl>
<dt> <dt>
babel-udp-port: </dt> babel-udp-port: </dt>
<dd> <dd>
<t>UDP port for sending and listening for Babel packets. Default <t>UDP port for sending and listening for Babel packets. Default
is 6696. An implementation MAY choose is 6696. An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro"). to expose this parameter as read-only ("ro").
This is a 16-bit unsigned integer.</t> This is a 16-bit unsigned integer.</t>
</dd> </dd>
<dt> <dt>
babel-mcast-group: </dt> babel-mcast-group: </dt>
<dd> <dd>
<t>Multicast group for sending and listening to multicast <t>Multicast group for sending and listening to multicast
announcements on IPv6. Default is ff02::1:6. announcements on IPv6. Default is ff02::1:6.
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro").</t> to expose this parameter as read-only ("ro").</t>
</dd> </dd>
</dl> </dl>
</section> </section>
<section anchor="definition-of-babel-interface-obj" numbered="true" toc="d efault"> <section anchor="definition-of-babel-interface-obj" numbered="true" toc="d efault">
<name>Definition of babel-interface-obj</name> <name>Definition of babel-interface-obj</name>
<artwork align="left" name="" type="" alt=""><![CDATA[ <sourcecode name="" type=""><![CDATA[
object { object {
reference ro babel-interface-reference; reference ro babel-interface-reference;
[boolean rw babel-interface-enable;] [boolean rw babel-interface-enable;]
string rw babel-interface-metric-algorithm; string rw babel-interface-metric-algorithm;
[boolean rw babel-interface-split-horizon;] [boolean rw babel-interface-split-horizon;]
[uint ro babel-mcast-hello-seqno;] [uint ro babel-mcast-hello-seqno;]
[uint ro babel-mcast-hello-interval;] [uint ro babel-mcast-hello-interval;]
[uint ro babel-update-interval;] [uint ro babel-update-interval;]
[boolean rw babel-mac-enable;] [boolean rw babel-mac-enable;]
[reference rw babel-if-mac-key-sets<0..*>;] [reference rw babel-if-mac-key-sets<0..*>;]
[boolean rw babel-mac-verify;] [boolean rw babel-mac-verify;]
[boolean rw babel-dtls-enable;] [boolean rw babel-dtls-enable;]
[reference rw babel-if-dtls-cert-sets<0..*>;] [reference rw babel-if-dtls-cert-sets<0..*>;]
[boolean rw babel-dtls-cached-info;] [boolean rw babel-dtls-cached-info;]
[string rw babel-dtls-cert-prefer<0..*>;] [string rw babel-dtls-cert-prefer<0..*>;]
[boolean rw babel-packet-log-enable;] [boolean rw babel-packet-log-enable;]
[reference ro babel-packet-log;] [reference ro babel-packet-log;]
[babel-if-stats-obj ro babel-if-stats;] [babel-if-stats-obj ro babel-if-stats;]
babel-neighbor-obj ro babel-neighbors<0..*>; babel-neighbor-obj ro babel-neighbors<0..*>;
} babel-interface-obj; } babel-interface-obj;
]]></artwork> ]]></sourcecode>
<dl> <dl>
<dt> <dt>
babel-interface-reference: </dt> babel-interface-reference: </dt>
<dd> <dd>
<t>Reference to an interface object that can be used to send and <t>Reference to an interface object that can be used to send and
receive IPv6 packets, as defined by receive IPv6 packets, as defined by
the data model (e.g., YANG <xref target="RFC7950" format="default"/>, BBF <xref target="TR-181" format="default"/>). the data model (e.g., YANG <xref target="RFC7950" format="default"/> and Broadba nd Forum (BBF) <xref target="TR-181" format="default"/>).
Referencing syntax will be specific to the data model. If there is Referencing syntax will be specific to the data model. If there is
no set of interface objects available, this should be a string that indicates no set of interface objects available, this should be a string that indicates
the interface name used by the underlying operating system.</t> the interface name used by the underlying operating system.</t>
</dd> </dd>
<dt> <dt>
babel-interface-enable: </dt> babel-interface-enable: </dt>
<dd> <dd>
<t>When written, it configures whether the protocol should be enable d <t>When written, it configures whether the protocol should be enable d
(true) or disabled (false) on this interface. (true) or disabled (false) on this interface.
A read from the running or intended datastore indicates the A read from the running or intended datastore indicates the
configured administrative value of whether the protocol is enabled configured administrative value of whether the protocol is enabled
(true) or not (false). A read from the operational datastore indicates whether (true) or not (false). A read from the operational datastore indicates whether
the protocol is actually running (true) or not (i.e., it indicates the the protocol is actually running (true) or not (i.e., it indicates the
operational state of the protocol). operational state of the protocol).
A data model that does not replicate parameters for running and operational A data model that does not replicate parameters for running and operational
datastores can implement this as two separate parameters. datastores can implement this as two separate parameters.
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro").</t> to expose this parameter as read-only ("ro").</t>
</dd> </dd>
<dt> <dt>
babel-interface-metric-algorithm: </dt> babel-interface-metric-algorithm: </dt>
<dd> <dd>
<t>Indicates the metric computation algorithm used on this interface . <t>Indicates the metric computation algorithm used on this interface .
The value MUST be one of those listed in the babel-information-obj The value <bcp14>MUST</bcp14> be one of those listed in the babel-metric-comp-al
babel-metric-comp-algorithms parameter. gorithms parameter.
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro").</t> to expose this parameter as read-only ("ro").</t>
</dd> </dd>
<dt> <dt>
babel-interface-split-horizon: </dt> babel-interface-split-horizon: </dt>
<dd> <dd>
<t>Indicates whether or not the split horizon optimization is used <t>Indicates whether or not the split-horizon optimization is used
when calculating metrics on this interface. A value of true when calculating metrics on this interface. A value of "true"
indicates split horizon optimization is used. indicates split-horizon optimization is used.
Split horizon optimization is described in Split-horizon optimization is described in
<xref target="RFC8966" format="default"/>, section 3.7.4. <xref target="RFC8966" sectionFormat="comma" section="3.7.4"/>.
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro").</t> to expose this parameter as read-only ("ro").</t>
</dd> </dd>
<dt> <dt>
babel-mcast-hello-seqno: </dt> babel-mcast-hello-seqno: </dt>
<dd> <dd>
<t>The current sequence number in use for multicast <t>The current sequence number in use for multicast
Hellos sent on this interface. Hellos sent on this interface.
This is a 16-bit unsigned integer.</t> This is a 16-bit unsigned integer.</t>
</dd> </dd>
<dt> <dt>
skipping to change at line 543 skipping to change at line 536
<dd> <dd>
<t>The current interval in use for all updates (multicast <t>The current interval in use for all updates (multicast
and unicast) sent on this interface. Units are centiseconds. and unicast) sent on this interface. Units are centiseconds.
This is a 16-bit unsigned integer.</t> This is a 16-bit unsigned integer.</t>
</dd> </dd>
<dt> <dt>
babel-mac-enable: </dt> babel-mac-enable: </dt>
<dd> <dd>
<t>Indicates whether the MAC security mechanism is enabled <t>Indicates whether the MAC security mechanism is enabled
(true) or disabled (false). (true) or disabled (false).
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro").</t> to expose this parameter as read-only ("ro").</t>
</dd> </dd>
<dt> <dt>
babel-if-mac-keys-sets: </dt> babel-if-mac-key-sets: </dt>
<dd> <dd>
<t>List of references to the babel-mac entries that apply to this <t>List of references to the babel-mac-key-sets entries that apply t o this
interface. When an interface instance is created, all babel-mac-key-sets interface. When an interface instance is created, all babel-mac-key-sets
instances with babel-mac-default-apply "true" will be included instances with babel-mac-default-apply "true" will be included
in this list. in this list.
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro").</t> to expose this parameter as read-only ("ro").</t>
</dd> </dd>
<dt> <dt>
babel-mac-verify </dt> babel-mac-verify:</dt>
<dd> <dd>
<t>A Boolean flag indicating whether MACs in incoming Babel packets <t>A Boolean flag indicating whether MACs in incoming Babel packets
are required to be present and are verified. If this parameter is "true", are required to be present and are verified. If this parameter is "true",
incoming packets are required to have a valid MAC. incoming packets are required to have a valid MAC.
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro").</t> to expose this parameter as read-only ("ro").</t>
</dd> </dd>
<dt> <dt>
babel-dtls-enable: </dt> babel-dtls-enable: </dt>
<dd> <dd>
<t>Indicates whether the DTLS security mechanism is enabled <t>Indicates whether the DTLS security mechanism is enabled
(true) or disabled (false). (true) or disabled (false).
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro").</t> to expose this parameter as read-only ("ro").</t>
</dd> </dd>
<dt> <dt>
babel-if-dtls-cert-sets: </dt> babel-if-dtls-cert-sets: </dt>
<dd> <dd>
<t>List of references to the babel-dtls-cert-sets entries that apply to this <t>List of references to the babel-dtls-cert-sets entries that apply to this
interface. When an interface instance is created, all babel-dtls-cert-sets interface. When an interface instance is created, all babel-dtls-cert-sets
instances with babel-dtls-default-apply "true" will be included instances with babel-dtls-default-apply "true" will be included
in this list. in this list.
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro").</t> to expose this parameter as read-only ("ro").</t>
</dd> </dd>
<dt> <dt>
babel-dtls-cached-info: </dt> babel-dtls-cached-info: </dt>
<dd> <dd>
<t>Indicates whether the cached_info extension <t>Indicates whether the cached_info extension
(see <xref target="RFC8968" format="default"/> Appendix A) is included in Client Hello (see <xref target="RFC8968" sectionFormat="comma" section="A"/>) is included in ClientHello
and ServerHello packets. The extension is included if the value and ServerHello packets. The extension is included if the value
is "true". is "true".
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro").</t> to expose this parameter as read-only ("ro").</t>
</dd> </dd>
<dt> <dt>
babel-dtls-cert-prefer: </dt> babel-dtls-cert-prefer: </dt>
<dd> <dd>
<t>List of supported certificate types, in order of preference. <t>List of supported certificate types, in order of preference.
The values MUST be among those The values <bcp14>MUST</bcp14> be among those
listed in the babel-dtls-cert-types parameter. listed in the babel-dtls-cert-types parameter.
This list is used to populate the server_certificate_type This list is used to populate the server_certificate_type
extension (see <xref target="RFC8968" format="default"/> Appendix A) extension (see <xref target="RFC8968" sectionFormat="comma" section="A"/>)
in a Client Hello. Values that are present in in a ClientHello. Values that are present in
at least one instance in the babel-dtls-certs object of a at least one instance in the babel-dtls-certs object of a
referenced babel-dtls instance and that have referenced babel-dtls instance and that have
a non-empty babel-cert-private-key will be used to populate a non-empty babel-cert-private-key will be used to populate
the client_certificate_type extension in a Client Hello.</t> the client_certificate_type extension in a ClientHello.</t>
</dd> </dd>
<dt> <dt>
babel-packet-log-enable: </dt> babel-packet-log-enable: </dt>
<dd> <dd>
<t>Indicates whether packet logging is enabled <t>Indicates whether packet logging is enabled
(true) or disabled (false) on this interface.</t> (true) or disabled (false) on this interface.</t>
</dd> </dd>
<dt> <dt>
babel-packet-log: </dt> babel-packet-log: </dt>
<dd> <dd>
<t>A reference or url link to a file that contains a timestamped log <t>A reference or URL link to a file that contains a timestamped log
of packets received and sent on babel-udp-port on this interface. of packets received and sent on babel-udp-port on this interface.
The <xref target="libpcap" format="default"/> file format with .pcap file extens ion SHOULD be supported for The <xref target="libpcap" format="default"/> file format with a .pcap file exte nsion <bcp14>SHOULD</bcp14> be supported for
packet log files. Logging is packet log files. Logging is
enabled / disabled by babel-packet-log-enable. enabled/disabled by babel-packet-log-enable.
Implementations will need to carefully manage and limit Implementations will need to carefully manage and limit
memory used by packet logs.</t> memory used by packet logs.</t>
</dd> </dd>
<dt> <dt>
babel-if-stats: </dt> babel-if-stats: </dt>
<dd> <dd>
<t>Statistics collection object for this interface.</t> <t>Statistics collection object for this interface.</t>
</dd> </dd>
<dt> <dt>
babel-neighbors: </dt> babel-neighbors: </dt>
<dd> <dd>
<t>A set of babel-neighbor-obj objects.</t> <t>A set of babel-neighbor-obj objects.</t>
</dd> </dd>
</dl> </dl>
</section> </section>
<section anchor="definition-of-babel-if-stats-obj" numbered="true" toc="de fault"> <section anchor="definition-of-babel-if-stats-obj" numbered="true" toc="de fault">
<name>Definition of babel-if-stats-obj</name> <name>Definition of babel-if-stats-obj</name>
<artwork align="left" name="" type="" alt=""><![CDATA[ <sourcecode name="" type=""><![CDATA[
object { object {
uint ro babel-sent-mcast-hello; uint ro babel-sent-mcast-hello;
uint ro babel-sent-mcast-update; uint ro babel-sent-mcast-update;
uint ro babel-sent-ucast-hello; uint ro babel-sent-ucast-hello;
uint ro babel-sent-ucast-update; uint ro babel-sent-ucast-update;
uint ro babel-sent-IHU; uint ro babel-sent-IHU;
uint ro babel-received-packets; uint ro babel-received-packets;
} babel-if-stats-obj; } babel-if-stats-obj;
]]></artwork> ]]></sourcecode>
<dl> <dl>
<dt> <dt>
babel-sent-mcast-hello: </dt> babel-sent-mcast-hello: </dt>
<dd> <dd>
<t>A count of the number of multicast Hello packets sent on this int erface.</t> <t>A count of the number of multicast Hello packets sent on this int erface.</t>
</dd> </dd>
<dt> <dt>
babel-sent-mcast-update: </dt> babel-sent-mcast-update: </dt>
<dd> <dd>
<t>A count of the number of multicast update packets sent on this in terface.</t> <t>A count of the number of multicast update packets sent on this in terface.</t>
skipping to change at line 672 skipping to change at line 666
<t>A count of the number of unicast Hello packets sent on this inter face.</t> <t>A count of the number of unicast Hello packets sent on this inter face.</t>
</dd> </dd>
<dt> <dt>
babel-sent-ucast-update: </dt> babel-sent-ucast-update: </dt>
<dd> <dd>
<t>A count of the number of unicast update packets sent on this inte rface.</t> <t>A count of the number of unicast update packets sent on this inte rface.</t>
</dd> </dd>
<dt> <dt>
babel-sent-IHU: </dt> babel-sent-IHU: </dt>
<dd> <dd>
<t>A count of the number of IHU packets sent on this interface.</t> <t>A count of the number of "I Heard You" (IHU) packets sent on this interface.</t>
</dd> </dd>
<dt> <dt>
babel-received-packets: </dt> babel-received-packets: </dt>
<dd> <dd>
<t>A count of the number of Babel packets received on this interface .</t> <t>A count of the number of Babel packets received on this interface .</t>
</dd> </dd>
</dl> </dl>
</section> </section>
<section anchor="definition-of-babel-neighbor-obj" numbered="true" toc="de fault"> <section anchor="definition-of-babel-neighbor-obj" numbered="true" toc="de fault">
<name>Definition of babel-neighbor-obj</name> <name>Definition of babel-neighbor-obj</name>
<artwork align="left" name="" type="" alt=""><![CDATA[ <sourcecode name="" type=""><![CDATA[
object { object {
ip-address ro babel-neighbor-address; ip-address ro babel-neighbor-address;
[binary ro babel-hello-mcast-history;] [binary ro babel-hello-mcast-history;]
[binary ro babel-hello-ucast-history;] [binary ro babel-hello-ucast-history;]
uint ro babel-txcost; uint ro babel-txcost;
uint ro babel-exp-mcast-hello-seqno; uint ro babel-exp-mcast-hello-seqno;
uint ro babel-exp-ucast-hello-seqno; uint ro babel-exp-ucast-hello-seqno;
[uint ro babel-ucast-hello-seqno;] [uint ro babel-ucast-hello-seqno;]
[uint ro babel-ucast-hello-interval;] [uint ro babel-ucast-hello-interval;]
[uint ro babel-rxcost;] [uint ro babel-rxcost;]
[uint ro babel-cost;] [uint ro babel-cost;]
} babel-neighbor-obj; } babel-neighbor-obj;
]]></artwork> ]]></sourcecode>
<dl> <dl>
<dt> <dt>
babel-neighbor-address: </dt> babel-neighbor-address: </dt>
<dd> <dd>
<t>IPv4 or IPv6 address the neighbor sends packets from.</t> <t>IPv4 or IPv6 address the neighbor sends packets from.</t>
</dd> </dd>
<dt> <dt>
babel-hello-mcast-history: </dt> babel-hello-mcast-history: </dt>
<dd> <dd>
<t>The multicast Hello history of whether or not <t>The multicast Hello history of whether or not
the multicast Hello packets prior to babel-exp-mcast-hello-seqno the multicast Hello packets prior to babel-exp-mcast-hello-seqno
were received. were received.
A binary sequence where the most recently received Hello A binary sequence where the most recently received Hello
is expressed as a "1" placed in the left-most bit, with prior bits shifted is expressed as a "1" placed in the leftmost bit, with prior bits shifted
right (and "0" bits placed between prior Hello bits and most recent Hello right (and "0" bits placed between prior Hello bits and most recent Hello
for any not-received Hellos). This value should be displayed using for any not-received Hellos). This value should be displayed using
hex digits ([0-9a-fA-F]). See <xref target="RFC8966" format="default"/>, section A.1.</t> hex digits ([0-9a-fA-F]). See <xref target="RFC8966" sectionFormat="comma" secti on="A.1"/>.</t>
</dd> </dd>
<dt> <dt>
babel-hello-ucast-history: </dt> babel-hello-ucast-history: </dt>
<dd> <dd>
<t>The unicast Hello history of whether or not the <t>The unicast Hello history of whether or not the
unicast Hello packets prior to babel-exp-ucast-hello-seqno were received. unicast Hello packets prior to babel-exp-ucast-hello-seqno were received.
A binary sequence where the most recently received Hello A binary sequence where the most recently received Hello
is expressed as a "1" placed in the left-most bit, with prior bits shifted is expressed as a "1" placed in the leftmost bit, with prior bits shifted
right (and "0" bits placed between prior Hello bits and most recent Hello right (and "0" bits placed between prior Hello bits and the most recent Hello
for any not-received Hellos). This value should be displayed using for any not-received Hellos). This value should be displayed using
hex digits ([0-9a-fA-F]). See <xref target="RFC8966" format="default"/>, section A.1.</t> hex digits ([0-9a-fA-F]). See <xref target="RFC8966" sectionFormat="comma" secti on="A.1"/>.</t>
</dd> </dd>
<dt> <dt>
babel-txcost: </dt> babel-txcost: </dt>
<dd> <dd>
<t>Transmission cost value from the last IHU packet received from <t>Transmission cost value from the last IHU packet received from
this neighbor, or maximum value to indicate the IHU hold timer this neighbor, or the maximum value to indicate the IHU hold timer
for this neighbor has expired. See <xref target="RFC8966" format="default"/>, se for this neighbor has expired. See <xref target="RFC8966" sectionFormat="comma"
ction 3.4.2. section="3.4.2"/>.
This is a 16-bit unsigned integer.</t> This is a 16-bit unsigned integer.</t>
</dd> </dd>
<dt> <dt>
babel-exp-mcast-hello-seqno: </dt> babel-exp-mcast-hello-seqno: </dt>
<dd> <dd>
<t>Expected multicast Hello sequence number of <t>Expected multicast Hello sequence number of
next Hello to be received from this neighbor. If multicast Hello packets next Hello to be received from this neighbor. If multicast Hello packets
are not expected, or processing of multicast packets is not enabled, this are not expected or processing of multicast packets is not enabled, this
MUST be NULL. <bcp14>MUST</bcp14> be NULL.
This is a 16-bit unsigned integer; if the data model uses This is a 16-bit unsigned integer; if the data model uses
zero (0) to represent NULL values for unsigned integers, zero (0) to represent NULL values for unsigned integers,
the data model MAY use a different data type that allows the data model <bcp14>MAY</bcp14> use a different data type that allows
differentiation between zero (0) and NULL.</t> differentiation between zero (0) and NULL.</t>
</dd> </dd>
<dt> <dt>
babel-exp-ucast-hello-seqno: </dt> babel-exp-ucast-hello-seqno: </dt>
<dd> <dd>
<t>Expected unicast Hello sequence number of next <t>Expected unicast Hello sequence number of next
Hello to be received from this neighbor. If unicast Hello packets are not Hello to be received from this neighbor. If unicast Hello packets are not
expected, or processing of unicast packets is not enabled, this MUST be expected or processing of unicast packets is not enabled, this <bcp14>MUST</bcp1 4> be
NULL. NULL.
This is a 16-bit unsigned integer; if the data model uses This is a 16-bit unsigned integer; if the data model uses
zero (0) to represent NULL values for unsigned integers, zero (0) to represent NULL values for unsigned integers,
the data model MAY use a different data type that allows the data model <bcp14>MAY</bcp14> use a different data type that allows
differentiation between zero (0) and NULL.</t> differentiation between zero (0) and NULL.</t>
</dd> </dd>
<dt> <dt>
babel-ucast-hello-seqno: </dt> babel-ucast-hello-seqno: </dt>
<dd> <dd>
<t>The current sequence number in use for unicast Hellos <t>The current sequence number in use for unicast Hellos
sent to this neighbor. If unicast Hellos are not being sent, sent to this neighbor. If unicast Hellos are not being sent,
this MUST be NULL. this <bcp14>MUST</bcp14> be NULL.
This is a 16-bit unsigned integer; if the data model uses This is a 16-bit unsigned integer; if the data model uses
zero (0) to represent NULL values for unsigned integers, zero (0) to represent NULL values for unsigned integers,
the data model MAY use a different data type that allows the data model <bcp14>MAY</bcp14> use a different data type that allows
differentiation between zero (0) and NULL.</t> differentiation between zero (0) and NULL.</t>
</dd> </dd>
<dt> <dt>
babel-ucast-hello-interval: </dt> babel-ucast-hello-interval: </dt>
<dd> <dd>
<t>The current interval in use for unicast Hellos <t>The current interval in use for unicast Hellos
sent to this neighbor. Units are centiseconds. sent to this neighbor. Units are centiseconds.
This is a 16-bit unsigned integer.</t> This is a 16-bit unsigned integer.</t>
</dd> </dd>
<dt> <dt>
babel-rxcost: </dt> babel-rxcost: </dt>
<dd> <dd>
<t>Reception cost calculated for this neighbor. This value is <t>Reception cost calculated for this neighbor. This value is
usually derived from the Hello history, which may be combined with other usually derived from the Hello history, which may be combined with other
data, such as statistics maintained by the link layer. The rxcost is sent data, such as statistics maintained by the link layer. The rxcost is sent
to a neighbor in each IHU. See <xref target="RFC8966" format="default"/>, sectio n 3.4.3. to a neighbor in each IHU. See <xref target="RFC8966" sectionFormat="comma" sect ion="3.4.3"/>.
This is a 16-bit unsigned integer.</t> This is a 16-bit unsigned integer.</t>
</dd> </dd>
<dt> <dt>
babel-cost: </dt> babel-cost: </dt>
<dd> <dd>
<t>The link cost, as computed from the values <t>The link cost, as computed from the values
maintained in the neighbor table: the statistics kept in the maintained in the neighbor table: the statistics kept in the
neighbor table about the reception of Hellos, and the txcost neighbor table about the reception of Hellos and the txcost
computed from received IHU packets. computed from received IHU packets.
This is a 16-bit unsigned integer.</t> This is a 16-bit unsigned integer.</t>
</dd> </dd>
</dl> </dl>
</section> </section>
<section anchor="definition-of-babel-route-obj" numbered="true" toc="defau lt"> <section anchor="definition-of-babel-route-obj" numbered="true" toc="defau lt">
<name>Definition of babel-route-obj</name> <name>Definition of babel-route-obj</name>
<artwork align="left" name="" type="" alt=""><![CDATA[ <sourcecode name="" type=""><![CDATA[
object { object {
ip-address ro babel-route-prefix; ip-address ro babel-route-prefix;
uint ro babel-route-prefix-length; uint ro babel-route-prefix-length;
binary ro babel-route-router-id; binary ro babel-route-router-id;
reference ro babel-route-neighbor; reference ro babel-route-neighbor;
uint ro babel-route-received-metric; uint ro babel-route-received-metric;
uint ro babel-route-calculated-metric; uint ro babel-route-calculated-metric;
uint ro babel-route-seqno; uint ro babel-route-seqno;
ip-address ro babel-route-next-hop; ip-address ro babel-route-next-hop;
boolean ro babel-route-feasible; boolean ro babel-route-feasible;
boolean ro babel-route-selected; boolean ro babel-route-selected;
} babel-route-obj; } babel-route-obj;
]]></artwork> ]]></sourcecode>
<dl> <dl>
<dt> <dt>
babel-route-prefix: </dt> babel-route-prefix: </dt>
<dd> <dd>
<t>Prefix (expressed in IP address format) for which this <t>Prefix (expressed in IP address format) for which this
route is advertised.</t> route is advertised.</t>
</dd> </dd>
<dt> <dt>
babel-route-prefix-length: </dt> babel-route-prefix-length: </dt>
<dd> <dd>
skipping to change at line 838 skipping to change at line 832
</dd> </dd>
<dt> <dt>
babel-route-neighbor: </dt> babel-route-neighbor: </dt>
<dd> <dd>
<t>Reference to the babel-neighbors entry for the neighbor <t>Reference to the babel-neighbors entry for the neighbor
that advertised this route.</t> that advertised this route.</t>
</dd> </dd>
<dt> <dt>
babel-route-received-metric: </dt> babel-route-received-metric: </dt>
<dd> <dd>
<t>The metric with which this route was advertised <t>The metric with which this route was advertised
by the neighbor, or maximum value to indicate the route was by the neighbor, or the maximum value to indicate the route was
recently retracted and is temporarily unreachable (see Section 3.5.5 recently retracted and is temporarily unreachable (see <xref target="RFC8966" se
of <xref target="RFC8966" format="default"/>). This metric will be ctionFormat="of" section="3.5.4"/>). This metric will be
NULL if the route was not received from a neighbor NULL if the route was not received from a neighbor
but was generated through other means. At least one of but was generated through other means. At least one of the following
babel-route-calculated-metric <bcp14>MUST</bcp14> be non-NULL: babel-route-calculated-metric
and babel-route-received-metric MUST be non-NULL. or babel-route-received-metric.
Having both be non-NULL is expected for a route that is received and Having both be non-NULL is expected for a route that is received and
subsequently advertised. subsequently advertised.
This is a 16-bit unsigned integer; if the data model uses This is a 16-bit unsigned integer; if the data model uses
zero (0) to represent NULL values for unsigned integers, zero (0) to represent NULL values for unsigned integers,
the data model MAY use a different data type that allows the data model <bcp14>MAY</bcp14> use a different data type that allows
differentiation between zero (0) and NULL.</t> differentiation between zero (0) and NULL.</t>
</dd> </dd>
<dt> <dt>
babel-route-calculated-metric: </dt> babel-route-calculated-metric: </dt>
<dd> <dd>
<t>A calculated metric for this route. How the <t>A calculated metric for this route. How the
metric is calculated is implementation-specific. Maximum value metric is calculated is implementation specific. The maximum value
indicates the route was recently retracted and is temporarily unreachable indicates the route was recently retracted and is temporarily unreachable
(see Section 3.5.5 of <xref target="RFC8966" format="default"/>). (see <xref target="RFC8966" sectionFormat="of" section="3.5.4"/>).
At least one of babel-route-calculated-metric and At least one of the following <bcp14>MUST</bcp14> be non-NULL: babel-route-calcu
babel-route-received-metric MUST be non-NULL. lated-metric or babel-route-received-metric.
Having both be non-NULL is expected for a route that is received and Having both be non-NULL is expected for a route that is received and
subsequently advertised. subsequently advertised.
This is a 16-bit unsigned integer; if the data model uses This is a 16-bit unsigned integer; if the data model uses
zero (0) to represent NULL values for unsigned integers, zero (0) to represent NULL values for unsigned integers,
the data model MAY use a different data type that allows the data model <bcp14>MAY</bcp14> use a different data type that allows
differentiation between zero (0) and NULL.</t> differentiation between zero (0) and NULL.</t>
</dd> </dd>
<dt> <dt>
babel-route-seqno: </dt> babel-route-seqno: </dt>
<dd> <dd>
<t>The sequence number with which this route was advertised. <t>The sequence number with which this route was advertised.
This is a 16-bit unsigned integer.</t> This is a 16-bit unsigned integer.</t>
</dd> </dd>
<dt> <dt>
babel-route-next-hop: </dt> babel-route-next-hop: </dt>
<dd> <dd>
<t>The next-hop address of this route. This will be empty <t>The next-hop address of this route. This will be empty
if this route has no next-hop address.</t> if this route has no next-hop address.</t>
</dd> </dd>
<dt> <dt>
babel-route-feasible: </dt> babel-route-feasible: </dt>
<dd> <dd>
<t>A Boolean flag indicating whether this route is feasible, <t>A Boolean flag indicating whether this route is feasible,
as defined in Section 3.5.1 of <xref target="RFC8966" format="default"/>).</t> as defined in <xref target="RFC8966" sectionFormat="of" section="3.5.1"/>).</t>
</dd> </dd>
<dt> <dt>
babel-route-selected: </dt> babel-route-selected: </dt>
<dd> <dd>
<t>A Boolean flag indicating whether this route is selected <t>A Boolean flag indicating whether this route is selected
(i.e., whether it is currently being used for forwarding and (i.e., whether it is currently being used for forwarding and
is being advertised).</t> is being advertised).</t>
</dd> </dd>
</dl> </dl>
</section> </section>
<section anchor="definition-of-babel-mac-key-set-obj" numbered="true" toc= "default"> <section anchor="definition-of-babel-mac-key-set-obj" numbered="true" toc= "default">
<name>Definition of babel-mac-key-set-obj</name> <name>Definition of babel-mac-key-set-obj</name>
<artwork align="left" name="" type="" alt=""><![CDATA[ <sourcecode name="" type=""><![CDATA[
object { object {
boolean rw babel-mac-default-apply; boolean rw babel-mac-default-apply;
babel-mac-key-obj rw babel-mac-keys<0..*>; babel-mac-key-obj rw babel-mac-keys<0..*>;
} babel-mac-key-set-obj; } babel-mac-key-set-obj;
]]></artwork> ]]></sourcecode>
<dl> <dl>
<dt> <dt>
babel-mac-default-apply: </dt> babel-mac-default-apply: </dt>
<dd> <dd>
<t>A Boolean flag indicating whether this object instance is <t>A Boolean flag indicating whether this object instance is
applied to all new babel-interface instances, by default. applied to all new babel-interfaces instances by default.
If "true", this instance is applied to If "true", this instance is applied to
new babel-interfaces instances at the time they are created, by including new babel-interfaces instances at the time they are created by including
it in the babel-if-mac-key-sets list. it in the babel-if-mac-key-sets list.
If "false", this instance is not applied to new babel-interfaces If "false", this instance is not applied to new babel-interfaces
instances when they are created. instances when they are created.
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro").</t> to expose this parameter as read-only ("ro").</t>
</dd> </dd>
<dt> <dt>
babel-mac-keys: </dt> babel-mac-keys: </dt>
<dd> <dd>
<t>A set of babel-mac-key-obj objects.</t> <t>A set of babel-mac-key-obj objects.</t>
</dd> </dd>
</dl> </dl>
</section> </section>
<section anchor="definition-of-babel-mac-key-obj" numbered="true" toc="def ault"> <section anchor="definition-of-babel-mac-key-obj" numbered="true" toc="def ault">
<name>Definition of babel-mac-key-obj</name> <name>Definition of babel-mac-key-obj</name>
<artwork align="left" name="" type="" alt=""><![CDATA[ <sourcecode name="" type=""><![CDATA[
object { object {
string rw babel-mac-key-name; string rw babel-mac-key-name;
boolean rw babel-mac-key-use-send; boolean rw babel-mac-key-use-send;
boolean rw babel-mac-key-use-verify; boolean rw babel-mac-key-use-verify;
binary -- babel-mac-key-value; binary -- babel-mac-key-value;
string rw babel-mac-key-algorithm; string rw babel-mac-key-algorithm;
[operation babel-mac-key-test;] [operation babel-mac-key-test;]
} babel-mac-key-obj; } babel-mac-key-obj;
]]></artwork> ]]></sourcecode>
<dl> <dl>
<dt> <dt>
babel-mac-key-name: </dt> babel-mac-key-name: </dt>
<dd> <dd>
<t>A unique name for this MAC key that can be used to identify <t>A unique name for this MAC key that can be used to identify
the key in this object instance, since the key value is not the key in this object instance since the key value is not
allowed to be read. This value MUST NOT be empty and can only be provided when t allowed to be read. This value <bcp14>MUST NOT</bcp14> be empty and can only be
his provided when this
instance is created (i.e., it is not subsequently writable). instance is created (i.e., it is not subsequently writable).
The value MAY be auto-generated if not explicitly supplied when the instance is created.</t> The value <bcp14>MAY</bcp14> be auto-generated if not explicitly supplied when t he instance is created.</t>
</dd> </dd>
<dt> <dt>
babel-mac-key-use-send: </dt> babel-mac-key-use-send: </dt>
<dd> <dd>
<t>Indicates whether this key value is used to compute a MAC <t>Indicates whether this key value is used to compute a MAC
and include that MAC in the sent Babel and include that MAC in the sent Babel
packet. A MAC for sent packets is computed using this key if the value packet. A MAC for sent packets is computed using this key if the value
is "true". If the value is "false", this key is not used to is "true". If the value is "false", this key is not used to
compute a MAC to include in sent Babel packets. compute a MAC to include in sent Babel packets.
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro").</t> to expose this parameter as read-only ("ro").</t>
</dd> </dd>
<dt> <dt>
babel-mac-key-use-verify: </dt> babel-mac-key-use-verify: </dt>
<dd> <dd>
<t>Indicates whether this key value is used to verify <t>Indicates whether this key value is used to verify
incoming Babel packets. This key is used to verify incoming Babel packets. This key is used to verify
incoming packets if the value is "true". If the value incoming packets if the value is "true". If the value
is "false", no MAC is computed from this key for is "false", no MAC is computed from this key for
comparing with the MAC in an incoming packet. comparison with the MAC in an incoming packet.
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro").</t> to expose this parameter as read-only ("ro").</t>
</dd> </dd>
<dt> <dt>
babel-mac-key-value: </dt> babel-mac-key-value: </dt>
<dd> <dd>
<t>The value of the MAC key. An implementation MUST NOT allow <t>The value of the MAC key. An implementation <bcp14>MUST NOT</bcp1 4> allow
this parameter to be read. This can be done by always providing this parameter to be read. This can be done by always providing
an empty string when read, or through permissions, or other means. an empty string when read, through permissions, or by other means.
This value MUST be provided when this This value <bcp14>MUST</bcp14> be provided when this
instance is created, and is not subsequently writable. instance is created and is not subsequently writable.
This value is of a length suitable for the associated This value is of a length suitable for the associated
babel-mac-key-algorithm. babel-mac-key-algorithm.
If the algorithm is based on the HMAC construction <xref target="RFC2104" format If the algorithm is based on the Hashed Message Authentication Code (HMAC) const
="default"/>, ruction <xref target="RFC2104" format="default"/>,
the length MUST be between 0 and an upper limit that is at least the length <bcp14>MUST</bcp14> be between 0 and an upper limit that is at least
the size of the output length (where "HMAC-SHA256" output length the size of the output length (where the "HMAC-SHA256" output length
is 32 octets as described in <xref target="RFC4868" format="default"/>). Longer is 32 octets as described in <xref target="RFC4868" format="default"/>). Longer
lengths MAY be lengths <bcp14>MAY</bcp14> be
supported but are not necessary if the management system has the supported but are not necessary if the management system has the
ability to generate a suitably random value (e.g., by randomly ability to generate a suitably random value (e.g., by randomly
generating a value or by using a key derivation technique as generating a value or by using a key derivation technique as
recommended in <xref target="RFC8967" format="default"/> Security Considerations recommended in the security considerations in <xref target="RFC8967" sectionForm
). If the at="of" section="7"/>). If the
algorithm is "BLAKE2s-128", the length MUST be between 0 and 32 algorithm is "BLAKE2s-128", the length <bcp14>MUST</bcp14> be between 0 and 32
bytes inclusive as specified by <xref target="RFC7693" format="default"/>.</t> bytes inclusive as specified by <xref target="RFC7693" format="default"/>.</t>
</dd> </dd>
<dt> <dt>
babel-mac-key-algorithm </dt> babel-mac-key-algorithm </dt>
<dd> <dd>
<t>The name of the MAC algorithm used with this key. <t>The name of the MAC algorithm used with this key.
The value MUST be the same as one of the enumerations The value <bcp14>MUST</bcp14> be the same as one of the enumerations
listed in the babel-mac-algorithms parameter. listed in the babel-mac-algorithms parameter.
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro").</t> to expose this parameter as read-only ("ro").</t>
</dd> </dd>
<dt> <dt>
babel-mac-key-test: </dt> babel-mac-key-test: </dt>
<dd> <dd>
<t>An operation that allows the MAC key and MAC algorithm to <t>An operation that allows the MAC key and MAC algorithm to
be tested to see if they produce an expected outcome. Input be tested to see if they produce an expected outcome. Input
to this operation are a binary string and a calculated MAC to this operation is a binary string and a calculated MAC
(also in the format of a binary string) for the binary string. (also in the format of a binary string) for the binary string.
The implementation is The implementation is
expected to create a MAC over the binary string using the expected to create a MAC over the binary string using the
babel-mac-key-value and the babel-mac-key-algorithm. The babel-mac-key-value and the babel-mac-key-algorithm. The
output of this operation is a Boolean indication that the output of this operation is a Boolean indication that the
calculated MAC matched the input MAC (true) or calculated MAC matched the input MAC (true) or
the MACs did not match (false).</t> the MACs did not match (false).</t>
</dd> </dd>
</dl> </dl>
</section> </section>
<section anchor="definition-of-babel-dtls-cert-set-obj" numbered="true" to c="default"> <section anchor="definition-of-babel-dtls-cert-set-obj" numbered="true" to c="default">
<name>Definition of babel-dtls-cert-set-obj</name> <name>Definition of babel-dtls-cert-set-obj</name>
<artwork align="left" name="" type="" alt=""><![CDATA[ <sourcecode name="" type=""><![CDATA[
object { object {
boolean rw babel-dtls-default-apply; boolean rw babel-dtls-default-apply;
babel-dtls-cert-obj rw babel-dtls-certs<0..*>; babel-dtls-cert-obj rw babel-dtls-certs<0..*>;
} babel-dtls-cert-set-obj; } babel-dtls-cert-set-obj;
]]></artwork> ]]></sourcecode>
<dl> <dl>
<dt> <dt>
babel-dtls-default-apply: </dt> babel-dtls-default-apply: </dt>
<dd> <dd>
<t>A Boolean flag indicating whether this object instance is <t>A Boolean flag indicating whether this object instance is
applied to all new babel-interface instances, by default. applied to all new babel-interfaces instances by default.
If "true", this instance is applied to If "true", this instance is applied to
new babel-interfaces instances at the time they are created, by including new babel-interfaces instances at the time they are created by including
it in the babel-interface-dtls-certs list. it in the babel-interface-dtls-certs list.
If "false", this instance is not applied to new babel-interfaces If "false", this instance is not applied to new babel-interfaces
instances when they are created. instances when they are created.
An implementation MAY choose An implementation <bcp14>MAY</bcp14> choose
to expose this parameter as read-only ("ro").</t> to expose this parameter as read-only ("ro").</t>
</dd> </dd>
<dt> <dt>
babel-dtls-certs: </dt> babel-dtls-certs: </dt>
<dd> <dd>
<t>A set of babel-dtls-cert-obj objects. This contains both certific ates <t>A set of babel-dtls-cert-obj objects. This contains both certific ates
for this implementation to present for authentication, and to accept for this implementation to present for authentication and those to accept
from others. Certificates with a non-empty babel-cert-private-key can from others. Certificates with a non-empty babel-cert-private-key can
be presented by this implementation for authentication.</t> be presented by this implementation for authentication.</t>
</dd> </dd>
</dl> </dl>
</section> </section>
<section anchor="definition-of-babel-dtls-cert-obj" numbered="true" toc="d efault"> <section anchor="definition-of-babel-dtls-cert-obj" numbered="true" toc="d efault">
<name>Definition of babel-dtls-cert-obj</name> <name>Definition of babel-dtls-cert-obj</name>
<artwork align="left" name="" type="" alt=""><![CDATA[ <sourcecode name="" type=""><![CDATA[
object { object {
string rw babel-cert-name; string rw babel-cert-name;
string rw babel-cert-value; string rw babel-cert-value;
string rw babel-cert-type; string rw babel-cert-type;
binary -- babel-cert-private-key; binary -- babel-cert-private-key;
} babel-dtls-cert-obj; } babel-dtls-cert-obj;
]]></artwork> ]]></sourcecode>
<dl> <dl>
<dt> <dt>
babel-cert-name: </dt> babel-cert-name: </dt>
<dd> <dd>
<t>A unique name for this certificate that can be used to identify <t>A unique name for this certificate that can be used to identify
the certificate in this object instance, since the value is too long the certificate in this object instance since the value is too long
to be useful for identification. This value MUST NOT be empty and can to be useful for identification. This value <bcp14>MUST NOT</bcp14> be empty and
can
only be provided when this instance is created (i.e., it is not only be provided when this instance is created (i.e., it is not
subsequently writable). The value MAY be auto-generated if not subsequently writable). The value <bcp14>MAY</bcp14> be auto-generated if not
explicitly supplied when the instance is created.</t> explicitly supplied when the instance is created.</t>
</dd> </dd>
<dt> <dt>
babel-cert-value: </dt> babel-cert-value: </dt>
<dd> <dd>
<t>The certificate in PEM format <xref target="RFC7468" format="defa <t>The certificate in Privacy-Enhanced Mail (PEM) format <xref targe
ult"/>. t="RFC7468" format="default"/>.
This value MUST be provided when this This value <bcp14>MUST</bcp14> be provided when this
instance is created, and is not subsequently writable.</t> instance is created and is not subsequently writable.</t>
</dd> </dd>
<dt> <dt>
babel-cert-type: </dt> babel-cert-type: </dt>
<dd> <dd>
<t>The name of the certificate type of this object <t>The name of the certificate type of this object
instance. The value MUST be the same as one of the enumerations instance. The value <bcp14>MUST</bcp14> be the same as one of the enumerations
listed in the babel-dtls-cert-types parameter. listed in the babel-dtls-cert-types parameter.
This value can only be provided when this This value can only be provided when this
instance is created, and is not subsequently writable.</t> instance is created and is not subsequently writable.</t>
</dd> </dd>
<dt> <dt>
babel-cert-private-key: </dt> babel-cert-private-key: </dt>
<dd> <dd>
<t>The value of the private key. If this is non-empty, this <t>The value of the private key. If this is non-empty, this
certificate can be used by this implementation certificate can be used by this implementation
to provide a certificate during DTLS handshaking. to provide a certificate during DTLS handshaking.
An implementation MUST NOT allow An implementation <bcp14>MUST NOT</bcp14> allow
this parameter to be read. This can be done by always providing this parameter to be read. This can be done by always providing
an empty string when read, or through permissions, or other means. an empty string when read, through permissions, or by other means.
This value can only be provided when this This value can only be provided when this
instance is created, and is not subsequently writable.</t> instance is created and is not subsequently writable.</t>
</dd> </dd>
</dl> </dl>
</section> </section>
</section> </section>
<section anchor="extending-the-information-model" numbered="true" toc="defau lt"> <section anchor="extending-the-information-model" numbered="true" toc="defau lt">
<name>Extending the Information Model</name> <name>Extending the Information Model</name>
<t>Implementations MAY extend this information model with other parameters <t>Implementations <bcp14>MAY</bcp14> extend this information model with o
or ther parameters or
objects. For example, an implementation MAY choose to expose Babel route objects. For example, an implementation <bcp14>MAY</bcp14> choose to expose Babe
l route
filtering rules by adding a route filtering object with parameters appropriate filtering rules by adding a route filtering object with parameters appropriate
to how route filtering is done in that implementation. The precise means to how route filtering is done in that implementation. The precise means
used to extend the information model would be specific to the data model used to extend the information model would be specific to the data model
the implementation uses to expose this information.</t> the implementation uses to expose this information.</t>
</section> </section>
<section anchor="security-considerations" numbered="true" toc="default"> <section anchor="security-considerations" numbered="true" toc="default">
<name>Security Considerations</name> <name>Security Considerations</name>
<t>This document defines a set of information model objects and parameters that <t>This document defines a set of information model objects and parameters that
may be exposed to be visible from other devices, and some of which may be may be exposed and visible from other devices. Some of these information model o
configured. Securing access to and ensuring the integrity of this data bjects and parameters may be configured. Securing access to and ensuring the int
egrity of this data
is in scope of and the responsibility of any data model derived from this is in scope of and the responsibility of any data model derived from this
information model. Specifically, any YANG <xref target="RFC7950" format="default "/> data model is expected information model. Specifically, any YANG <xref target="RFC7950" format="default "/> data model is expected
to define security exposure of the various parameters, and a <xref target="TR-18 1" format="default"/> data model to define security exposure of the various parameters, and a <xref target="TR-18 1" format="default"/> data model
will be secured by the mechanisms defined for the management protocol used to will be secured by the mechanisms defined for the management protocol used to
transport it.</t> transport it.</t>
<t>Misconfiguration (whether unintentional or malicious) can prevent reach ability <t>Misconfiguration (whether unintentional or malicious) can prevent reach ability
or cause poor network performance (increased latency, jitter, etc.). or cause poor network performance (increased latency, jitter, etc.).
Misconfiguration of security credentials can cause a denial of service condition Misconfiguration of security credentials can cause a denial-of-service condition
for the Babel routing protocol. for the Babel routing protocol.
The information in this model discloses network topology, which can be used The information in this model discloses network topology, which can be used
to mount subsequent attacks on traffic traversing the network.</t> to mount subsequent attacks on traffic traversing the network.</t>
<t>This information model defines objects that can allow credentials (for this <t>This information model defines objects that can allow credentials (for this
device, for trusted devices, and for trusted certificate authorities) to device, for trusted devices, and for trusted certificate authorities) to
be added and deleted. Public keys may be exposed through be added and deleted. Public keys may be exposed through
this model. This model requires that private keys and MAC this model. This model requires that private keys and MAC
keys never be exposed. Certificates used by <xref target="RFC8968" format="defau lt"/> keys never be exposed. Certificates used by <xref target="RFC8968" format="defau lt"/>
implementations use separate parameters to model the public implementations use separate parameters to model the public
parts (including the public key) and the private key.</t> parts (including the public key) and the private key.</t>
<t>MAC keys are allowed to be as short as zero-length. This is <t>MAC keys are allowed to be as short as zero length. This is
useful for testing. Network operators are RECOMMENDED to follow useful for testing. It is <bcp14>RECOMMENDED</bcp14> that network operators foll
current best practices for key length and generation of ow current best practices for key length and generation of
keys related to the MAC algorithm associated with the key. keys related to the MAC algorithm associated with the key.
Short (and zero-length) keys are highly susceptible to brute force attacks Short (and zero-length) keys are highly susceptible to brute-force attacks
and therefore SHOULD NOT be used. and therefore <bcp14>SHOULD NOT</bcp14> be used.
See the Security Considerations section of <xref target="RFC8967" format="defaul See the security considerations as described in <xref target="RFC8967" sectionFo
t"/> rmat="of" section="7"/>
for additional considerations related to MAC keys. for additional considerations related to MAC keys; note that there are some spec
The fifth paragraph of <xref target="RFC8967" format="default"/> Security Consid ific key value recommendations in the fifth paragraph.
erations
makes some specific key value recommendations that should be noted.
It says that if it is necessary to derive keys from a human-readable It says that if it is necessary to derive keys from a human-readable
passphrase, "only the derived keys should be communicated to the routers" passphrase, "only the derived keys should be communicated to the routers"
and "the original passphrase itself should be kept on the host used to and "the original passphrase itself should be kept on the host used to
perform the key generation" (which would be the management system in the perform the key generation" (which would be the management system in the
case of a remote management protocol). It also recommends that keys "should case of a remote management protocol). It also recommends that keys "should
have a length of 32 octets (both for HMAC-SHA256 and BLAKE2s), and be have a length of 32 octets (both for HMAC-SHA256 and BLAKE2s), and be
chosen randomly".</t> chosen randomly".</t>
<t>This information model uses key sets and certification sets to provide <t>This information model uses key sets and certification sets to provide
a means of grouping keys and certificates. This makes it easy to use a means of grouping keys and certificates. This makes it easy to use
a different set per interface, the same set for one or more interfaces, a different set per interface, use the same set for one or more interfaces, have
have a default set in case a new interface is instantiated and to a default set in case a new interface is instantiated, and
change keys and certificates as needed.</t> change keys and certificates as needed.</t>
</section> </section>
<section anchor="iana-considerations" numbered="true" toc="default"> <section anchor="iana-considerations" numbered="true" toc="default">
<name>IANA Considerations</name> <name>IANA Considerations</name>
<t>This document has no IANA actions.</t> <t>This document has no IANA actions.</t>
</section> </section>
<section anchor="Acknowledgements" numbered="true" toc="default">
<name>Acknowledgements</name>
<t>Juliusz Chroboczek, Toke Hoeiland-Joergensen, David Schinazi,
Antonin Decimo,
Acee Lindem, and Carsten Bormann have been very helpful in
refining this information model.</t>
<t>The language in the Notation section was mostly taken from <xref target
="RFC8193" format="default"/>.</t>
</section>
</middle> </middle>
<back> <back>
<references> <references>
<name>References</name> <name>References</name>
<references> <references>
<name>Normative References</name> <name>Normative References</name>
<reference anchor="RFC2104" target="https://www.rfc-editor.org/info/rfc2
104"> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2104.
<front> xml"/>
<title>HMAC: Keyed-Hashing for Message Authentication</title> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2119.
<author initials="H." surname="Krawczyk" fullname="H. Krawczyk"> xml"/>
<organization/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4868.
</author> xml"/>
<author initials="M." surname="Bellare" fullname="M. Bellare"> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.3339.
<organization/> xml"/>
</author> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7468.
<author initials="R." surname="Canetti" fullname="R. Canetti"> xml"/>
<organization/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7693.
</author> xml"/>
<date year="1997" month="February"/> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8174.
<abstract> xml"/>
<t>This document describes HMAC, a mechanism for message authentic <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8966.
ation using cryptographic hash functions. HMAC can be used with any iterative cr xml"/>
yptographic hash function, e.g., MD5, SHA-1, in combination with a secret shared <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8967.
key. The cryptographic strength of HMAC depends on the properties of the under xml"/>
lying hash function. This memo provides information for the Internet community. <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8968.
This memo does not specify an Internet standard of any kind</t> xml"/>
</abstract>
</front>
<seriesInfo name="RFC" value="2104"/>
<seriesInfo name="DOI" value="10.17487/RFC2104"/>
</reference>
<reference anchor="RFC2119" target="https://www.rfc-editor.org/info/rfc2
119">
<front>
<title>Key words for use in RFCs to Indicate Requirement Levels</tit
le>
<author initials="S." surname="Bradner" fullname="S. Bradner">
<organization/>
</author>
<date year="1997" month="March"/>
<abstract>
<t>In many standards track documents several words are used to sig
nify the requirements in the specification. These words are often capitalized.
This document defines these words as they should be interpreted in IETF document
s. This document specifies an Internet Best Current Practices for the Internet
Community, and requests discussion and suggestions for improvements.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="14"/>
<seriesInfo name="RFC" value="2119"/>
<seriesInfo name="DOI" value="10.17487/RFC2119"/>
</reference>
<reference anchor="RFC4868" target="https://www.rfc-editor.org/info/rfc4
868">
<front>
<title>Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with IPsec
</title>
<author initials="S." surname="Kelly" fullname="S. Kelly">
<organization/>
</author>
<author initials="S." surname="Frankel" fullname="S. Frankel">
<organization/>
</author>
<date year="2007" month="May"/>
<abstract>
<t>This specification describes the use of Hashed Message Authenti
cation Mode (HMAC) in conjunction with the SHA-256, SHA-384, and SHA-512 algorit
hms in IPsec. These algorithms may be used as the basis for data origin authent
ication and integrity verification mechanisms for the Authentication Header (AH)
, Encapsulating Security Payload (ESP), Internet Key Exchange Protocol (IKE), an
d IKEv2 protocols, and also as Pseudo-Random Functions (PRFs) for IKE and IKEv2.
Truncated output lengths are specified for the authentication-related variants
, with the corresponding algorithms designated as HMAC-SHA-256-128, HMAC-SHA-384
-192, and HMAC-SHA-512-256. The PRF variants are not truncated, and are called
PRF-HMAC-SHA-256, PRF-HMAC-SHA-384, and PRF-HMAC-SHA-512. [STANDARDS-TRACK]</t>
</abstract>
</front>
<seriesInfo name="RFC" value="4868"/>
<seriesInfo name="DOI" value="10.17487/RFC4868"/>
</reference>
<reference anchor="RFC3339" target="https://www.rfc-editor.org/info/rfc3
339">
<front>
<title>Date and Time on the Internet: Timestamps</title>
<author initials="G." surname="Klyne" fullname="G. Klyne">
<organization/>
</author>
<author initials="C." surname="Newman" fullname="C. Newman">
<organization/>
</author>
<date year="2002" month="July"/>
<abstract>
<t>This document defines a date and time format for use in Interne
t protocols that is a profile of the ISO 8601 standard for representation of dat
es and times using the Gregorian calendar.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="3339"/>
<seriesInfo name="DOI" value="10.17487/RFC3339"/>
</reference>
<reference anchor="RFC7468" target="https://www.rfc-editor.org/info/rfc7
468">
<front>
<title>Textual Encodings of PKIX, PKCS, and CMS Structures</title>
<author initials="S." surname="Josefsson" fullname="S. Josefsson">
<organization/>
</author>
<author initials="S." surname="Leonard" fullname="S. Leonard">
<organization/>
</author>
<date year="2015" month="April"/>
<abstract>
<t>This document describes and discusses the textual encodings of
the Public-Key Infrastructure X.509 (PKIX), Public-Key Cryptography Standards (P
KCS), and Cryptographic Message Syntax (CMS). The textual encodings are well-kn
own, are implemented by several applications and libraries, and are widely deplo
yed. This document articulates the de facto rules by which existing implementat
ions operate and defines them so that future implementations can interoperate.</
t>
</abstract>
</front>
<seriesInfo name="RFC" value="7468"/>
<seriesInfo name="DOI" value="10.17487/RFC7468"/>
</reference>
<reference anchor="RFC7693" target="https://www.rfc-editor.org/info/rfc7
693">
<front>
<title>The BLAKE2 Cryptographic Hash and Message Authentication Code
(MAC)</title>
<author initials="M-J." surname="Saarinen" fullname="M-J. Saarinen"
role="editor">
<organization/>
</author>
<author initials="J-P." surname="Aumasson" fullname="J-P. Aumasson">
<organization/>
</author>
<date year="2015" month="November"/>
<abstract>
<t>This document describes the cryptographic hash function BLAKE2
and makes the algorithm specification and C source code conveniently available t
o the Internet community. BLAKE2 comes in two main flavors: BLAKE2b is optimize
d for 64-bit platforms and BLAKE2s for smaller architectures. BLAKE2 can be dir
ectly keyed, making it functionally equivalent to a Message Authentication Code
(MAC).</t>
</abstract>
</front>
<seriesInfo name="RFC" value="7693"/>
<seriesInfo name="DOI" value="10.17487/RFC7693"/>
</reference>
<reference anchor="RFC8174" target="https://www.rfc-editor.org/info/rfc8
174">
<front>
<title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</ti
tle>
<author initials="B." surname="Leiba" fullname="B. Leiba">
<organization/>
</author>
<date year="2017" month="May"/>
<abstract>
<t>RFC 2119 specifies common key words that may be used in protoco
l specifications. This document aims to reduce the ambiguity by clarifying tha
t only UPPERCASE usage of the key words have the defined special meanings.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="14"/>
<seriesInfo name="RFC" value="8174"/>
<seriesInfo name="DOI" value="10.17487/RFC8174"/>
</reference>
<reference anchor="RFC8966" target="https://www.rfc-editor.org/info/rfc8
966">
<front>
<title>The Babel Routing Protocol</title>
<author initials="J." surname="Chroboczek" fullname="J. Chroboczek">
<organization/>
</author>
<author initials="D." surname="Schinazi" fullname="D. Schinazi">
<organization/>
</author>
<date year="2021" month="January"/>
<abstract>
<t>Babel is a loop-avoiding, distance-vector routing protocol that
is robust and efficient both in ordinary wired networks and in wireless mesh ne
tworks. This document describes the Babel routing protocol and obsoletes RFC 61
26 and RFC 7557.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="8966"/>
<seriesInfo name="DOI" value="10.17487/RFC8966"/>
</reference>
<reference anchor="RFC8967" target="https://www.rfc-editor.org/info/rfc8
967">
<front>
<title>MAC Authentication for the Babel Routing Protocol</title>
<author initials="C." surname="Dô" fullname="C. Dô">
<organization/>
</author>
<author initials="W." surname="Kolodziejak" fullname="W. Kolodziejak
">
<organization/>
</author>
<author initials="J." surname="Chroboczek" fullname="J. Chroboczek">
<organization/>
</author>
<date year="2021" month="January"/>
<abstract>
<t>This document describes a cryptographic authentication mechanis
m for the Babel routing protocol that has provisions for replay avoidance. This
document obsoletes RFC 7298.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="8967"/>
<seriesInfo name="DOI" value="10.17487/RFC8967"/>
</reference>
<reference anchor="RFC8968" target="https://www.rfc-editor.org/info/rfc8
968">
<front>
<title>Babel Routing Protocol over Datagram Transport Layer Security
</title>
<author initials="A." surname="Décimo" fullname="A. Décimo">
<organization/>
</author>
<author initials="D." surname="Schinazi" fullname="D. Schinazi">
<organization/>
</author>
<author initials="J." surname="Chroboczek" fullname="J. Chroboczek">
<organization/>
</author>
<date year="2021" month="January"/>
<abstract>
<t>The Babel Routing Protocol does not contain any means to authen
ticate neighbours or provide integrity or confidentiality for messages sent betw
een them. This document specifies a mechanism to ensure these properties using
Datagram Transport Layer Security (DTLS).</t>
</abstract>
</front>
<seriesInfo name="RFC" value="8968"/>
<seriesInfo name="DOI" value="10.17487/RFC8968"/>
</reference>
<reference anchor="ISO.10646"> <reference anchor="ISO.10646">
<front> <front>
<title>Information Technology - Universal Multiple-Octet Coded Chara cter Set (UCS)</title> <title>Information technology - Universal Coded Character Set (UCS)< /title>
<author> <author>
<organization>International Organization for Standardization</orga nization> <organization>International Organization for Standardization</orga nization>
</author> </author>
<date year="2014"/> <date year="2014"/>
</front> </front>
<seriesInfo name="ISO Standard" value="10646:2014"/> <seriesInfo name="ISO Standard" value="10646:2014"/>
</reference> </reference>
<reference anchor="libpcap" target="https://wiki.wireshark.org/Developme
nt/LibpcapFileFormat"> <reference anchor="libpcap" target="https://gitlab.com/wireshark/wiresha
rk/-/wikis/Development/LibpcapFileFormat">
<front> <front>
<title>Libpcap File Format</title> <title>Libpcap File Format</title>
<author> <author>
<organization>Wireshark</organization> <organization>GitLab</organization>
</author> </author>
<date year="2015"/> <date year="2020" month="November"/>
</front> </front>
<refcontent>Wireshark Foundation</refcontent>
</reference> </reference>
</references> </references>
<references> <references>
<name>Informative References</name> <name>Informative References</name>
<reference anchor="RFC6241" target="https://www.rfc-editor.org/info/rfc6
241"> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.6241.
<front> xml"/>
<title>Network Configuration Protocol (NETCONF)</title> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.7950.
<author initials="R." surname="Enns" fullname="R. Enns" role="editor xml"/>
"> <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8193.
<organization/> xml"/>
</author>
<author initials="M." surname="Bjorklund" fullname="M. Bjorklund" ro
le="editor">
<organization/>
</author>
<author initials="J." surname="Schoenwaelder" fullname="J. Schoenwae
lder" role="editor">
<organization/>
</author>
<author initials="A." surname="Bierman" fullname="A. Bierman" role="
editor">
<organization/>
</author>
<date year="2011" month="June"/>
<abstract>
<t>The Network Configuration Protocol (NETCONF) defined in this do
cument provides mechanisms to install, manipulate, and delete the configuration
of network devices. It uses an Extensible Markup Language (XML)-based data enco
ding for the configuration data as well as the protocol messages. The NETCONF p
rotocol operations are realized as remote procedure calls (RPCs). This document
obsoletes RFC 4741. [STANDARDS-TRACK]</t>
</abstract>
</front>
<seriesInfo name="RFC" value="6241"/>
<seriesInfo name="DOI" value="10.17487/RFC6241"/>
</reference>
<reference anchor="RFC7950" target="https://www.rfc-editor.org/info/rfc7
950">
<front>
<title>The YANG 1.1 Data Modeling Language</title>
<author initials="M." surname="Bjorklund" fullname="M. Bjorklund" ro
le="editor">
<organization/>
</author>
<date year="2016" month="August"/>
<abstract>
<t>YANG is a data modeling language used to model configuration da
ta, state data, Remote Procedure Calls, and notifications for network management
protocols. This document describes the syntax and semantics of version 1.1 of
the YANG language. YANG version 1.1 is a maintenance release of the YANG langua
ge, addressing ambiguities and defects in the original specification. There are
a small number of backward incompatibilities from YANG version 1. This documen
t also specifies the YANG mappings to the Network Configuration Protocol (NETCON
F).</t>
</abstract>
</front>
<seriesInfo name="RFC" value="7950"/>
<seriesInfo name="DOI" value="10.17487/RFC7950"/>
</reference>
<reference anchor="RFC8193" target="https://www.rfc-editor.org/info/rfc8
193">
<front>
<title>Information Model for Large-Scale Measurement Platforms (LMAP
s)</title>
<author initials="T." surname="Burbridge" fullname="T. Burbridge">
<organization/>
</author>
<author initials="P." surname="Eardley" fullname="P. Eardley">
<organization/>
</author>
<author initials="M." surname="Bagnulo" fullname="M. Bagnulo">
<organization/>
</author>
<author initials="J." surname="Schoenwaelder" fullname="J. Schoenwae
lder">
<organization/>
</author>
<date year="2017" month="August"/>
<abstract>
<t>This Information Model applies to the Measurement Agent within
an LMAP framework. As such, it outlines the information that is configured or p
reconfigured on the Measurement Agent or exists in communications with a Control
ler or Collector within an LMAP framework. The purpose of such an Information M
odel is to provide a protocol- and device-independent view of the Measurement Ag
ent that can be implemented via one or more Control and Report Protocols.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="8193"/>
<seriesInfo name="DOI" value="10.17487/RFC8193"/>
</reference>
<reference anchor="TR-181" target="http://cwmp-data-models.broadband-for um.org/"> <reference anchor="TR-181" target="http://cwmp-data-models.broadband-for um.org/">
<front> <front>
<title>Device Data Model</title> <title>Device Data Model</title>
<author> <author>
<organization>Broadband Forum</organization> <organization>Broadband Forum</organization>
</author> </author>
<date/> <date month="November" year="2020"/>
</front> </front>
<refcontent>Issue: 2 Amendment 14</refcontent>
</reference> </reference>
</references> </references>
</references> </references>
<section anchor="Acknowledgements" numbered="false" toc="default">
<name>Acknowledgements</name>
<t><contact fullname="Juliusz Chroboczek"/>, <contact fullname="Toke Høila
nd-Jørgensen"/>, <contact fullname="David Schinazi"/>,
<contact fullname="Antonin Décimo"/>, <contact fullname="Roman Danyliw"/>, <cont
act fullname="Benjamin Kaduk"/>, <contact fullname="Valery Smyslov"/>, <contact
fullname="Alvaro Retana"/>, <contact fullname="Donald Eastlake"/>, <contact full
name="Martin Vigoureux"/>,
<contact fullname="Acee Lindem"/>, and <contact fullname="Carsten Bormann"/> hav
e been very helpful in
refining this information model.</t>
<t>The language in the <xref target="notation" format="none">"Notation"</x
ref> section was mostly taken from <xref target="RFC8193" format="default"/>.</t
>
</section>
</back> </back>
<!-- ##markdown-source:
H4sIACPASmAAA+0923Ibx5Xv8xVddNWa9AKQKMmyRCeppSg5YiJKWlHKpRyX
awA0iDEHM8hcRMEK93/2D/KeH9tz69tMDwi6omRTcSrZpTB9OX369Ln36fF4
nNRNWsy/T/Oy0EeqqVqdZOuK/qqbe3fvPr57L5mXsyJdwed5lS6acaabxXia
TnU+zopFWa3SJiuL8aqcwy+HD5JZ2hwp/JKss6NEqbqpshn89PlG15/Dv5ty
FvxjrtfNEn55gP+uN6tKL2rXoC6rJvxlVq7WqT9g3U7db0X5edJkTQ7gPkEY
1amDUZ0hjEla6fRIvSnbJisukqsL07LiX9S6KgGsMk8ur+RTMk8bGPDe3XuH
Sdo2y7I6SsawRoDqyUQ9n6jzJq0uARTG05O0mqZVan8tK5jj+O1/vGVsaI2A
0lKyZgNfmjwtmnSkfn0Mv1X6AkA1DQBg+2dbNBU0f3cO/1ovacPoi16lWX6k
pjzrpMZZ/yttmglgxYB5NlG/gf/qZpkWsOFpkVloz9KlrpfdbwTz786uAFlx
qOlPA+xJmmeA5iJLbwn06gdv2v+6wB8JbNjyI/XxOil4795rpKQ335zcO7z7
wP55+Fj+fPDo4SP58/79++bXrx7YX796+Pi+/Pno8CszwqPHDx+6P79yf1K3
0/NXk8O7Dx9QE6BUJiqfnN7q2bIo8/Jio8bqXQFQVnWaq7M2b7J1rsevZo1u
1AmgY65OlrA38O9KncNv++9Ozg9oWENO+PeYsX5aQLOCpoDRXlUXgJofeUaY
G6kKsFXN5TfqaegTjh/+s9ZVpms8gzwwLcZ2PFK8LGmeZ9P1LF0Hq3zBv6lv
slyrb2jBQ9D+PquAfJjQPUC+5OHS6gLpZtk06/rozp2r7DKbXJkeExjgzlP9
XufleqWL5o5Mi7PKpIllMZYEHt57cGi29fGXd+228g6/fTM+fHQYLAZmyGZa
PU2bVDjAwFKeVGU6nwKScMntylvQIs1r3VsRLGh2tVqPoU3K/K+eTM0Y4wWO
QUtMkvF4rNIpnCIggSR5u8zqIe6E3Od9Ntc1nrl21rQVEA9OoHSuEUl1gkSQ
Sv9steafeYhKr4FfIhPLmlrN2qqCTzASLELhulbpJknzvLyCXV9lDQw9K4tF
dtFW3L9cAMNdaWCps2U464Sh9ji+ohWrWVqoqVZtDYOlNQA2TWtoiEDOgNES
MDhSwghSbTGHQ/A+rbKyrXkO+oLtkJ2sdD1R3bm4syqLfAM/z/IWEbSGE7XS
cFZqWpv9Jwyet/AdQFq0OUKSrIDFXOAMjLUSTqo6ff3+4YS3ZpXN57lOks/w
7FXlHPCOkyaCY1xVXpbrcfq+zOa0oAzl5kyP3+tZAyvtig4114usAIxkRfLx
o7Ca6+uJMv/46vpa2uDgtYatAq6arICjwGmvVwq4YqNoqwypgIC71LCrTYn4
nlWbdVNeVOl6mc2g3YYEE+wU/Av2dUQoMbM9is6m7GzJTbNNy2apgglofF0Q
GHou1AGaQovUApPVsyqb4nRFhGaQOHiafd5NotiAlOukrfFXkBhwOBkAoE6A
oNaRFdQHjDGfGgF0okCtaPtp7MTtkKW8Wu0TvRP1vnz29uTVy28YdchqAHV/
PH75a/4BGQ7i0vY9AAp62mqcC0BTNS4iQwEpwBpsyqwj6FU35lsPMQkdnBlB
H5zmcBRVrnVl5AMdbt5uoOoNHOwGuB5MwZsKI8IRr4GjICNZoQQAgt0gwBbh
tB+4USEzmeUpMAlQkVC7yjOkd3WVwT40UU4AWhCyDu9UArchUjUsZprrSfK8
vAKOX42AQyFw7drgLsrQrpagH8BhhTbMt9JiY+kgkaMg48P6ELysIOYXDjRR
v4dhNKM9nGJe6hr0DKH/PkNkknPLIsjPjv8ImM9y4H/LsqyJAPSHdYlALfUK
aQlIbz5GjjVBjq8jrB6WvwZRCJAA6EzuqVpmsLfVjE61kwHCEi2s0I+4IHRw
xIislymHdqg/4aIqV3YiULE0iocszRPY/5Lw7CZMhhj+rZhw4piwGmTCvDYe
fQmYK0pvWIRNGHq91rNskc0Q2XIEeqM9GCkgL8RA2V4sfeZLyBM2CMtfoZY2
S+E0XgD3XpOYgK0gVoQryYHF6wL/BbO5xmlRgE47Y6GIqMY5kf0hdcEqcl3D
/8kuQaABYcyRgKZACZfAf9ScGQXgDk8kDt8kIbnhxPAZOuBGdgjVYy7Zwskm
xgRy5Pwq3fA20B55CH7TFoXFVWI/AA38uUVtjP8F7ALPB4jiS5WnG13RWIQ2
pLlC63mSzqFzkyF4QIOL7IOGA4HiD1ubb4KcSj19foID0zlNhNZhgTRNoZur
EpRAUDaLy3FeIr0TGLCmK+BXsIK6XSMHxGlXJYpd0uRq5AqVZRg1HjwQw8zx
hflP1Muy0SQTkg65BTKC1JTuiSdhg/ua4PoZUbhCUIKSzz5TbxhpvMgXaXHR
wubyGb/UGwWLmtdq7+zd+du9Ef9/9fIV/f3m2X+/O33z7Cn+ff78+MUL+0ci
Lc6fv3r34qn7y/U8eXV29uzlU+4Mv6rgp2QPONIei4G9V6/fnr56efxij1Ht
C+a00oKlDK0M2BKinDoxEhvpTz05eQ22AYs8NLPg8PBBAtsJ/gb0FyNHZ/xP
2FLQQdZrnVY4RIqsMV1nDWjOI2SH9bK8KhRuHGMR9odVu47qANuCchhkHSg3
K5Q/QIuM4zGeKyRF3ilYh5xmJCfosEbqA54j4rWc/gBkUQ9K24k6hu1eixyV
/hsiKOBuwMrnyRRo8M8tIm1asUI0Un/6Vn3Hq0+JSQQ9M2AgrB9BV6BvVbSr
KXIxRElxkQcD/WI1mRS/Ggk5r2znmuCFpWcrAIxHwEXRbEYhHxFxFt1O6Yds
1a6kk+p2moCBhGrKZjUFNeJPXxD9g3at04L6Axi42KK0CizZCTXLFD087LMU
FCjLtAk0Rr+TFKmFVY7ZXlXuIZPYq672JvwvC4g3FsomGcoXqtRNOmTu2xXo
hSAtv2GNhjuOvE+y1qxgBd5Sh0whvIH1xjlCB4SiScM9XUR0JLQNUG0QdZN0
gSTQrVIG1AlGXzUYiS5FDJbPXrh4PpZEo6JGCKC0PxlpynhkSPSrZrMmOkj5
oJs9TFGrJOX+KEk+gu0KlHgKZljR/PLzw3ufXyfTrEirTXKkjhX/SU47OHn7
NfA6jYofoKlEd0aNGu+0LHNAI3XAOVFTZebOqsUT/q720aGISCT7+YDlOPRH
o7oBS29wgLkxWLGVaCyImF+DhVhWoIrCRuUavRkTImg7oFJ8yBWxXeTs8E/c
GuBeCn1DzMjwL2Bk55oMPfXlBC3BDAy8+RzAqIfgQmmvpI1oLdRK5FTtJIcy
kgMgkg4kPqzmPrh0ECwouYCpzPQcFDFcaa6sgpYyxF1jh1ypqGFl6zZH5AXG
O3avN6BwrKD9Mn2flRUCIxrgbHgfbAtSwAsGwWekeECc/inzkfsQe5AvgTux
6IYB67KtZkgETGKDUy9bWM0YTwraDYYgRXMiyxDOo9oHlbvOpiCFoC85mvX8
gH3CtSZD612RoUOSN+T81Z3TZyfs/wJKsC4+oIWZcdAhZlqQjsNE0AIMF2zd
N/oCFsdsMeK2UIIYq0NZ9RMV+KzmY42Oh1egnrzP9NUWW8G3DPKN7x8KDnjy
P/Cf5D/HY9Vz0qMHy/sQsLIxei97bXSB2De/sZ43zubmh1rnizHwiKIMuwHz
gr0Yo+E4TnM8ss1yVYdtjBE/dlpeOEY6G+w7b/J6PAOhOyaW1xkYFlR3IPe/
4F424QckK5AHDY30F/9LO1+PEbrehxWaA2OyHTpoRcVqkc50fzD7aeyO3nAb
t4KBBoJli6QtTWuwHJrxEtr9yFscWctSAwm53RxsQaMCK+/jao18ePg77ujQ
ohb0FfRnACCyDfgRCDRbbHqfiBaGh3WkEh2YP4P2oud0UgYaYP81bVqvAXvK
wIC5GILCtYgBSEQpH/4SHpCi8RF/QxvG/mCjdoeB2l0GOn3+LvYN+JnO3gMW
xXPYW2qhs4vlFCSPfFGxj1YCR9ow9QlCQAiU1Wa4WXtTs+bDrKyb2BcwJwdP
RK9hu0vDWzfqHKGgXTUIuPnda0tma28r6Ocx2+9bP45BybpolgNtAnEQ+W42
dai7oRjmYwOtQNjNSKW5oV2cbxlAPiDzWw98XugUdYj+wTUj5+Re6IunrewK
RH3a5s0YbOK8z7Wke5TQzdAYn932HRQ/PJLzm9oEjDPaihTzbQ26MibaCEit
Q3995tv/3MNTfATTO6R4HNqgKfrRriz6FbWHwY/rKnuP8gyWxjoVmE5pRU4r
wAdogL/cy/Wi2btOkjP06vuu0Er7puo3pJxRkAN9G9aoe6/ZjhYb1BvA2nCo
NIqXzvi37MCo7CVfKJY6d+ZZTZoy+/jgdzZi77ABK96ys+MT9VsNyiNux0Cb
E3SjLMipYNt15kCZhWr4DKMLea4lXvaFOhFF6ki9e/pakeIU/ErOtI7rFVuc
Gk3lKLoc69O2Gk2n0xmxBuXINPx8juqPMupP+A2XiDuAqKETGX7mw6MMs6Jm
RsT1BsJxZg59HAZF85ziJk/fvjjv9MFvrH2Q3aCAUemipvhX2JCVj4p8EnN2
wXgTseW/HZEMtEItBNrBMoj/HHVIACQ85g6ETdCtad2l5MP1MBBpBnQqaPPa
4er5JA/OSbbPwh6W3oFyx6DSYPkU6KiiA04+SDoYR4nARNBIEEJmV3KiZZsT
6yJm2irFBFNCZwXmbZDTfWN9pjYZgV314hg3P5KTqDGhAAxVAfJhreu0mGEo
rLnSuuhMRl4OdGHoJs1yoYMw7O37erKCbVt0yzQYCKWfyf2qgD5gfwj6cJIJ
mZhRw5J8sU/tBOT+7uV2ldMfjF0p7qePzDXFKo/8pyq3Wplfc39xJMX6XwUW
qGnP3qlt85FJajUT7vct2vOxXt1+pER8/d3Oi4vbub84nEy++NXXO4/St4R/
cdeN8O0ucAS2ssz/3c7dO+Z02H+HPfItbtPNerpiM/fMcYPzjjmOlNcF1n78
2u/iTN1IF2eS+4gNlDzXK+jJCnSwHT31z/a1+PB1Q+n7nd85UIuku+0c6ky2
+3X8XH59k2qSbDuGR8kRsQVUoUwKQW3j3lk3ih5PapiYOZgAcMzfIztGf3uD
oSEQvTZGX7uQPgdtOKOhXpZtPkcey4OgTkve4wNyMbIIm6t9diRP4OsxsXsO
aeNQlYQ4kQMa5o2uSTQAdRglSZSfM5DOMdKCuVnE11mewEKjcFJwqA8gSgED
Ww8yP1sjBpFMhC7czlTprGnJ12cW15kxm+gJJ1J0ltdLELEqpowuKPR8tyQH
rZ8SZFbOmoUnhFH6G0gowuNmSZRbWk2OaRcBIUJKawqH1RrHC4YlSHqBFUyw
kHCKcskVPFY8lqL2MYR0YKkxFASG0u0PrKlglI71So4HxSmcQcgwYoJKTdbg
2C6Z6+H1Na7f5jyZBQMW0mqaAWW5iAqM/0giKSGkJHoMlDZzz4RfJPAmwTQK
FNFKFDtrZG+MtQ9y4AIkZeMtsIBNNg5qtEEOH44Bsp4r28IUl2wI3wuxWKyw
Uuh3oLTsVjbPdZio1+ygx22UNA5ZhNq7NwaAx+VifN9Erp+9/cMe0oP/CeH1
o9Pw2UP8yOhA6nhyb3JInXGU2/S65+1EVxLHVxxJQHMr7awTIQJ9dI9TP+Zi
V/FQOKqfEkhIQFV1T0huS/tH19dutwL5H4cZdeKbNskozMpt0nPU78+fH9/7
8iFmHjx5cfzbZ/fq8eG9R/EVLcjf4wb3QuJAtN5iLfAd7WOAxrrGzlZ8/2Hy
5d3He4zON+nV63YK3Azs3kGQlYkjRKH1Ue3rOgjqaZePx43jIcnRFW2q5NwJ
p7JQ6hrSr3QfAS+UEJg3k+DAuAxmoLJVNBXi4AoT1ch+mXHeCseMCjA/TJ4n
dqRsfQx1Jz39DFdK2RJGqSNxQZ8oAt53Z/vOjFL9qKuS2Y8vnUy2V1YAVVKM
s23wL184JB2t74jD1BE9kU0T28NhkLuIeR5TFyVTxHZlRhrp5nRF0wV9G2C4
SdYCd1SXBea6UF4jLZiYr39WjXIYmaKrWNqJThdmOJcOYYUmkkWGzjebPp7O
ZpiK1vi5dLBh5Ek1KZfIEvqs7PYCWQDaJo1DrTay7r5O/ClXTu6AT770Ids6
oNu4ZR1YrNY2MNFIMUVcxkJgfbjIpGc3BHPuajWY+XC/jEPPOIEimZIur1vY
ygSXj95d5Ky1evjw8cPJ31fZU7fRaRxicEFn/QzQgXX5GaDEUvs5oA/tUhGW
xeLuvaOjw6OHf3/ldthf43G0OE25bI6YqRsJThuLN+YBsOTWDVhvdZ9EenWj
2LecNIhsGzM76u9x3pJuOO723UyAbreencD4Vs9K4EQIXSrx/btysneL3+HG
qdhhu1t7L+S+M2wDbo1dZ/NC9FsdWxE3CrvObzNjL6S/fZVlr1vo7jFakfH0
lB1tKXR+2VB4p7WNnxtv1HXs5O/sD+qfduSJb8KEL6eGGkEXu2WDTBM5ZqJM
mITjPGuT6ZrWNhdxuhE/h+d62NeTi8mod81mpJ48wYs4fKXv+pq4vQGQ1N8N
MNQPVrv1rweEM4gKwX550seM7tFdH4iR92mW455LbqbzTKWGpfHFGqP3y3rc
SORMc94FzVfe8g2Z//baAufj9bXVf5wXrR9U+9mv9rNf7Ua/2rDkDs1hSkfn
sGzU7aBa/7JSQIPoAmN6oTReoGe6BoioRmBJMbPJ0vFwleGmcT+WW+qnx1Kg
oMQ9BkJ3dIPQj1TT7YSVufyd1SbVl6KdJjEGqYZXWUewCcRoTx6Vd1AeUd88
GaLnfGurXZxs9ydfTR58Kkz3tLmbnagUdqcraZ5W/xxHqDm8PUCVtzM0Qk2x
C5X5PQqOAJOoIXAwrdl4bdArDZgui3l9OzA7aukuEKKrx7ic90ObaA4T0b8O
PinQTi2On6Vhv8auLrhPxhKsgl5bJ4hxdFolrDbai12tSY+QnKC1pCOIR8TD
LqkLgc5moxp4C5ivtIw8b10nhc3diaFslYFMNrWHiNvzfYoUkqABGB3Inz/Z
aXeJwOhCMjdNFnl6Ya8XAUM01ACUQOkQeOdy5d2ktjmq3cSSqTZ3cvmKF3ym
6TK8UyiOKA9U+AfjY8Q+c57Ed6r6gy9TTBxBhpyRP/5TIcmzz4YPyYAL7P/B
Ken7Cm86JmGPT3dievmM0TPTT2v8Jx+argU9TBTc6PswFw3poNY6KCdxvF6j
q+yDOj7gjCMXmDzJM4D9uWSa4yk6BzmiK/rFeQZR1NgpwjFYpzapm/aMfVr0
OFfBjhGoES7WZuOtLW0GGmxtVVi+wkwabKKiOmwnEBYqqW8NkRjVjBzcpVz3
ItWRsPy9B+f3kt/q0LxtH5kYU9k/VkEm6ne8CpuQ6m5x4+Y2CtgvYqrwz050
UdZXjhe3Es8bOfdaukE4Lw4mQKaJU4GKXIz1ag3MKp6ka09XFztiAc5oXT38
+ETYW74hkZ5HKH6EXI7lhWT7/lRDvDcvh0ycAwoTS6ucL+ujr0YtsFYTu2dM
SCql+5OA0NUar/LS/RMkVRFPNqcVcW10ttDxP2yfffwohaOAiGhquXhJfHBC
1aPoZ4ddudE+1d6h4mixQxv1AebwwmLQBT7VHYe56WbIVYfwnYalZJgwsHwB
XdIFKl60aP1zWRjx9a8oiLTSK6yOYrw3DrDaF1DktcMNOY+GeoXOKawc31br
y4sEwgL/n4tMDvr9PefitkiSl20YXiv6+sZmrPBva9fuNly743Cnz98NfO7e
MvK8oB4ednWCdlHBu0FhcOPYcTfeO8aZPUVDBmN/Dl74jpNw41vN0u64ErHT
fsI62l3XYab4CauAzd86NHzfdbwutWwdN7AMHG+MjT50Fv2jGz2LYcC269k3
30wEzE92to0jt+BstGFLhzbSoRNkNh34ZtzX25pEr8jd2KN3DS6Wne2CZjtF
6aLNt0bnHC/hdW5tIy2uIxu8K5Pp7i5pDlgioJR6NIYiuCgON6aYSm2pEX3e
lqojFGBcN10eJZ99tzv7GkUlGuJpoFXxDf4t241+SE0GLp8U9nyb+hHG53Zl
y25R5TNsXDS5d5/G2Alcx4cKJUghwb3DPbXO05lTkxGzYxpnmjUjVjUY1Ck6
lupltuB7ehVgsVH7lP91d4+/ylDmFgb342XTd6qP6GC0gHFxtA1ibRxCXR9I
RiV7WF30BdSUNRZQkqpeMMhSf4BfL3Ce/T99e3f8OB0vjsfffAcjnHsaeSc1
8bCz521sz0NuPrjjEsGI8/7IfveO38+7/Q/bbebAtMFVWtSrrCYFmvJseXYb
BMtxM51IdJjGFnTKMflXuMpIURk2LhHEA/n5kDgeDrUsc668UglCgkEoaQ82
D51aW9Zzf/IAE2tv49qNshnEwjNT4KvLr7qu/XKB0V0wOeS7uTDp4SRcDPn0
BrigeAfx7JgKY4RAKs1S15LN7TqbwyS3wmy6pvidjB/g5bsXL3bCy9fGEeJF
E7E6FvTFdEq1f/eAr8IZkxxHNl4HunjYGbAe9WPv6D1B534KBLvggoD8mUxj
ry4oRiJNi4w9L+ZwWWjwUPHyki2MJNjRkB/195N200RndtzPOI+TvSR3yOBu
mq7b9tLsJIz077SX0X3cMc4W7IgNa4lPdsvmuYTmqaakCeg2Mlzt3/FAxbTc
XeJ2u27A3yNCV1np9QYO6rqxosuVcuhLlUC2Er9sa87RmOvKP+w6VHSwel42
W7pas6sp5RmRtlBK/gfif6RMkV8va36VZuQqc7k6rvgle6h5Mbjwmitbka/N
ykJAscbSdyA2b5CF92+HRKsAGJjwB8qk4mQKHyH20oa3HFtkUwBtyGnJfmK3
/kvYHmlKgtNvrNJp2XJSQmX3EVgkk9DIXly2hVRCwCyT9uz1XVEwZF/b9Ptb
GNd+OZOtFmqk7kns1nGnfeemcZhj22lr8LsDGJ3aKDv06NVJ2aGPb7Zvw56p
nxK7td1pamqp7NDU1FVxPjy7v7va1v6e4Wl5TX+pfWdbZH7NPvFRHxD7Yb4h
yhlfpkOytPVtJ7FJhDAoQkR/uQQwmjkceIdht1xQlJGluC5JDu9inxu/M6Kh
sl46p4vJWPczRUo3wo0dtyCphoLKFfsdnK5DqdYTwZlfxIZ7CLlKfYzAbMJ8
b2Gn2IES5ZuZ9MKCRDSwOqNercsqrTL42BYVsmpibRQGO7fc+cvJlxwZ8bi3
sfbsQii2JDqfUSTccji5z9dLUx+dU+Ck2OxCF1KtuVlWWKFayiNSVdKJOvbj
aWTMbD3iEl7dsh1WScLgmVGUnqfvUZmiYpXep6CUMj8yweszheT9eFGivDoU
gF2fwP89VLGBPREfs1N1ZCOsxsOHSD0vr0TsSgPMOHC9enfvxya9eaLO/JOR
+Al9IU3e+lyYQH9wMnrnAj0/IZ1up1Ihl5+p9J9HpYG91rXTduHRt7QAAq3B
FpmQf1tpbIpMyImg8U0MnwL9SNt+G3NftDtSZ2KjgxztlCIWCmrTFzfKu7YA
aoR/KA77hyKJqTY/BQKv3Jwkopt2XOZazLx8IzaxLcwE/7vCd6E4i5ydrNzE
7eO2G2Sdm6dRHTt2bya4RhSkPQV1VszwnXInJiWye6ulA82uGmEPhltsga1Y
bnPAkAhgkIwzB1LKIuhdQXNJYCNUZGR2ykNYmOxAE0N02WVuXLK8eqP6Ncrl
YQYqhg1/bNhAN+lpU/McBzufM/vCQvRemE00Q+Ao/yQGHb2H4lYegy8Jst+W
VNgqBO1T5oBSxbHh29Nh7sQNBD9E7P4Fs15tH7zlEzFyeu1MkcZd28o9vL7l
GS/aGKky1Ru2e7WyU5opbIxFHL2Ip4ejG49gH0G8Q22RgcThe1FWDTIl2mIX
ykylFRGW2MyWNAvP6EjVGZk30sz4j8TT69Xml8KJgZ/JvM1hBQ7JTwSGyI5y
gelS+dwQeOaTvZck6t8Z4tMT6B14iQsVrIPO7RY4CpgZ2Dbl2FkGIPIk5kCv
vcg7KHQUzTGLgdArMGAobyjbM6tDlNlHs9iPA3Ie9khMDFMOhHYLt05YDGk9
lDmRmDQuvHKCLbq1AvkpKnERmZL+AsNgxqdc3HNAhiyL+jK+BXrnh2L45cEd
Ah5r51l4fZ/UJ2RS3pm+7T7Ysq3x5HWhZEHBcCeL/i4mIxgW3Bscg6pFe913
OsrEnL5Hr68S/5HnwbQhkbTowvGp0U3LMBqnu/kkIEGLaP0BwweIX5j4gpu4
xz6EX83R/AHxKy8vMbNgKQwNmKMIZ7YFKsm3YYx/YMQS3K1H7o0HdgYYjTu8
CLcrQxr5BSqjvKgzQVbziwrs4IIu3Mr6htK6LmdZyorpgHwRtYKa22t+qIW6
d8m0es6FiAp+vwDRL+8M3X1wfW3sI4HCrNrYOXf5UkahgCECoihr0xp+JhlZ
hqizH+3eS10ZGXWf0xSC0kZhEz4H9+9JpS62BLwHkghifHWW/EQvygJfgeCu
tXB1Mj1Nmiu6f0wkq9AYb0SxLifSvU5oHulAM4d9A+k0y/F6BlCgERB4D5k3
Bwx7QEdpXGRyjXpqfqZqytKL39SQ81BhG/MMHB5jCrFIXR9805bEtXGtlasV
3/oNyzehPcRXR07kfUFOtj0wHCVRIREEpaNGN+/y/XvkGGxMZaeaqq7aV+A4
ZMPXxR8+vt8phhXWrPaKHHrMoHMT1T1tiFwiid1CJbKiUom1u5GKl63blVl+
Ek/tDwt0ffrrp742F6/dJK99epyRsB4ihuQpLlzXjbnrr4VuN8iL5i2l6juP
DBwjoBiw5k+xphODz4qbnR4PQtp5aIif0/L8X6x67IMgKg0mJcGcuFTQ+8Ay
qeBns4e9J5u8FADvkVBWF+iZuN5Q7gmiHvNjCjHBsCHGiICgi5mZjHF8OJyQ
W8UYqd4zWVKdmK7WB8gBrtFQ2WjWBnFU/NVeMhAmSPff5tmcOA91cfe3Bu2i
XimmnV0B3fobw94AN8dQ+dOeR6AH1q4+gT4oPzsF7PV0737Ov75nwC1ma4Wx
oLoYK3Tmygy5m/0S7omXAteBF68YieOXHNHufWT4KgHyksqRrZETkupMGh6W
jfOrxJPo2eGCE6idzI/ds7G2gGkIWh+enc77rTwh9vGFbT4I9wjDja3Q373N
79FFR4wz7O6msNBv8VEEV/5u9lP4zXfwV1i9uylLlZd0Tu0LpubRXJnCbOJO
3gsUNIP+i528F924ifNf7Oi9YBH70/wXjmRsZlOI2NfPzowywPrfA67Q+ckN
pqRDrUcRzbJ7TdQJe6IEb/LJ31XDvPnyKM/0U7xbt8WNd0ijprj3DoO7VE/D
CwO0SbM+Nv3DF2d7fIBkVahPer3nLfEduvW+hOXUy/RSlMR/SYfAJ9vH5DP1
DO9szs2jm5E3I7oXLJEV0EXPueEx3VfDXT6eX/kI9FQrh/HJVv0hxZFHkZdW
nXLgqQbsEKPQWbLIchgTga7aHA4AbsN8Lu9YUnDNtRCuzFcKvFdG1viWb4Ve
DnzEdVle9XpmNW9yJrp595n5t5wLNMtqzduWGGFh8RN5ilhdmcsEw0XMkqZv
y9BjyR1NyRucd3PAUO8+vMyhTrRDbG203tPvpkaa/9I73w1PJAGTITEe9/cZ
V2h2qo95w5tJkR8IXQQ5nImrITYR2HEPbVFX7KeLuq0MfVL0mRZoWC0iLcn4
sZRZyTzYWGigOa0RD+JYoS8bPx7fyTfN8O3m3svR57JNmKE6ohG61ev8Ib2U
hcS9Wm1rbxDO8KnX0rhiq6xsPX5Tm/emXTE8nzBsATwc0KWyutrkNoxt7GTP
5WTrohkHeoNXTujud4bFlM+yOnwgfd+YR6AyYUE4KYdGGVso8AHyA+JOcAze
4wySXkL4xtecZymmO6xLvJfEb8Aj2yMUI7vapyrV5DFEa7eYAYJ/wBp41Ujp
ZjYBbb8HExZqMNiEzqQzgQFDYPB0+OpWkSGcCyqUgI/RYm4zqcKJwYvjJ+Sx
tg9cvO0cWqPdCcUAOPheeG3X05TrMi8vbHay/1IvFpOlG6jeOz5p06SzS67f
VaULOv9VSo9xCJHLyBM5tf2zaY6vOaNWXyURFmBl3yi4CR/GEdNF1ZJWERxQ
/4MvTdG2QNdGpmtMgUlQD5zPJcHIPJmtuO46PbekuvyBBV7i0Gjy7Wg1UjVH
luG/22S8VAn9o9Dor3Hjdgwroyt4FS+SrCO7kDoi5fOo6K9U8IPfaSUJfMY7
Xday9r4hcAeWy/gaDpwheVqMXV9BTDKlCpMVVZDGLB5JMLVPNSSeLYBeOFRZ
1EshM/YflfI+1ptnJ6/Ozp69fPrsKQ7O72gl5lbAVNNT9fh+9Eyyk9CkFBcs
wm1cxXSeGL2ReuHOOegiAi7uQ+s9pwXRfTxvSQcOBcvsYklmQU155SghEBsV
idqyQpciH4hE8FnpBdZ2lAoSYvNwfTpMuseZB6SczcEPX1qgE4/qgXCvWdjJ
W7fZO2YCi2whKsNFla6X3fcbhkTtKr3Ecnso7ayAdzE/62SX2Ynm3f1Cehp+
kpzCb6hUstqxMMaajSaQYEHRxXiWHNTwGW0g4LpeLyvgriO1R+ojKRki8qij
mxihoosjHglwNnK9RzuzR7EVzknGuKQZW15I8YaiiwYSAFrihQojbYTz2wC+
I8I9lDTIPK1uFA+WyPWFGc5LvmF5QT0i4zA2gZ7vunQ4F4TS0vcY4ETqdOU2
w9tFgvbJQYTU40WP6PhIeOOAGSfqMVjqp7DBmL1h3k1q3KU8y8hWvOVi2Ip+
dpZNkrJqiZBR6XLkRJY3+s4rw1OJ/IBgQKwSocCEiZ9viBrfWleuyMHIWaL4
DddL5igIeS6yanx9I4Ms8XBS8wylLglddA96PlHjfWiYbbCHLEE15ULHV8Dv
VIDsmrMye3r88vgGRVaSBKllyu/jcd/jGT7MkOv5hZRu//hZ96frJPlNm2dt
/aM6AQk1LWc/6suRelteavX8b3/NcoBv/Ju//bUCOq2xKu/TFHZEnc+WcAR+
zEbJcdGUoBepp3/731m2KuGHGTCoF1kx1yumjJO0wrry6gkpPAUXhZti3AtE
2UYtdb5Ghp8VSUW+OpMn0ddC+b1EAOmixTo24g54WTaGapjzYSYnXnXGww6E
UDBrYLZ1yJGz/wOPFC2OCpYAAA==
</rfc> </rfc>
 End of changes. 148 change blocks. 
775 lines changed or deleted 270 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/