Diameter Support for the EAP Re-authentication Protocol (ERP)
draft-ietf-dime-erp-04.txt

Abstract

The EAP Re-authentication Protocol (ERP) defines extensions to the Extensible Authentication Protocol (EAP) to support efficient re-authentication between the peer and an EAP Re-authentication (ER) server through a compatible authenticator. This document specifies Diameter support for ERP. It defines a new Diameter ERP application to transport ERP messages between an ER authenticator and the ER server, and a set of new AVPs that can be used to transport the cryptographic material needed by the re-authentication server.

Status of This Memo

This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.

Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at http://datatracker.ietf.org/drafts/current/.

Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as “work in progress.”

This Internet-Draft will expire on March 10, 2011.

Copyright Notice

Copyright (c) 2010 IETF Trust and the persons identified as the document authors. All rights reserved.

This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (http://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.

Table of Contents

1.  Introduction
2.  Terminology
    2.1.  Requirements Language
3.  Assumptions
4.  Protocol Overview
5.  Bootstrapping the ER Server
    5.1.  Bootstrapping During the Initial EAP authentication
    5.2.  Bootstrapping During the First Re-authentication
6.  Re-Authentication
7.  Application Id
8.  AVPs
    8.1.  ERP-RK-Request AVP
    8.2.  ERP-Realm AVP
    8.3.  Key AVP
        8.3.1.  Key-Type AVP
        8.3.2.  Keying-Material AVP
        8.3.3.  Key-Name AVP
        8.3.4.  Key-Lifetime AVP
9.  Open issues
10.  Acknowledgements
11.  IANA Considerations
    11.1.  Diameter Application Identifier
    11.2.  New AVPs
12.  Security Considerations
13.  References
    13.1.  Normative References
    13.2.  Informative References

1.  Introduction

RFC 5296 (Narayanan, V. and L. Dondeti, “EAP Extensions for EAP Re-authentication Protocol (ERP),” August 2008.) [RFC5296] defines the EAP Re-authentication Protocol (ERP). It consists of the following steps:

Bootstrapping

A root key for re-authentication is derived from the Extended Master Session Key (EMSK) created during EAP authentication [RFC5295] (Salowey, J., Dondeti, L., Narayanan, V., and M. Nakhjiri, “Specification for the Derivation of Root Keys from an Extended Master Session Key (EMSK),” August 2008.). This root key is transported from the EAP server to the ER server.

Re-authentication

A one-round-trip exchange between the peer and the ER server, resulting in mutual authentication. To support the EAP reauthentication functionality, ERP defines two new EAP codes - EAP-Initiate and EAP-Finish.

This document defines how Diameter transports the ERP messages during the re-authentication process. For this purpose, we define a new Application Identifier for ERP, and re-use the Diameter EAP commands (DER/DEA).

This document also discusses the distribution of the root key during bootstrapping, in conjunction with either the initial EAP authentication (implicit bootstrapping) or the first ERP exchange (explicit bootstrapping). Security considerations for this key distribution are detailed in RFC 5295 (Salowey, J., Dondeti, L., Narayanan, V., and M. Nakhjiri, “Specification for the Derivation of Root Keys from an Extended Master Session Key (EMSK),” August 2008.) [RFC5295].

2.  Terminology

This document uses terminology defined in RFC 3748 (Aboba, B., Blunk, L., Vollbrecht, J., Carlson, J., and H. Levkowetz, “Extensible Authentication Protocol (EAP),” June 2004.) [RFC3748], RFC 5295 (Salowey, J., Dondeti, L., Narayanan, V., and M. Nakhjiri, “Specification for the Derivation of Root Keys from an Extended Master Session Key (EMSK),” August 2008.) [RFC5295], RFC 5296 (Narayanan, V. and L. Dondeti, “EAP Extensions for EAP Re-authentication Protocol (ERP),” August 2008.) [RFC5296], and RFC 4072 (Eronen, P., Hiller, T., and G. Zorn, “Diameter Extensible Authentication Protocol (EAP) Application,” August 2005.) [RFC4072].

"Root key" (RK) or "bootstrapping material" refer to the rRK or rDSRK derived from an EMSK, depending on the location of the ER server in home or foreign domain.

We use the notation "ERP/DER" and "ERP/DEA" in this document to refer to Diameter-EAP-Request and Diameter-EAP-Answer commands with the Application Id set to "Diameter ERP Application" Section 11.1 (Diameter Application Identifier); the same commands are denoted "EAP/DER" and "EAP/DEA" when the Application Id in the message is set to "Diameter EAP Application" [RFC4072] (Eronen, P., Hiller, T., and G. Zorn, “Diameter Extensible Authentication Protocol (EAP) Application,” August 2005.).

2.1.  Requirements Language

The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119] (Bradner, S., “Key words for use in RFCs to Indicate Requirement Levels,” March 1997.).

3.  Assumptions

This document assumes the existence of at most one logical ER server entity in a domain. If several physical servers are deployed for robustness, a replication mechanism must be deployed to synchronize the ERP states (root keys) between these servers. This replication mechanism is out of the scope of this document. If multiple ER servers are deployed in the domain, we assume that they can be used interchangeably.

4.  Protocol Overview

The following figure shows the components involved in ERP, and their interactions.

                        Diameter                    +--------+
        +-------------+   ERP   +-----------+  (*)  |  Home  |
Peer <->|Authenticator|<=======>| ER server | <---> |  EAP   |
        +-------------+         +-----------+       | server |
                                                    +--------+
(*) Diameter EAP application, explicit bootstrapping scenario only.

QUESTION:

Can the ER server be located in a third domain (ex: broker's) according to ERP mechanism?

When the peer initiates an ERP exchange, the authenticator creates a Diameter-EAP-Request message [RFC4072] (Eronen, P., Hiller, T., and G. Zorn, “Diameter Extensible Authentication Protocol (EAP) Application,” August 2005.). The Application Id of the message is set to that of the Diameter ERP application (code: TBD) in the message. The generation of the ERP/DER message is detailed in Section 6 (Re-Authentication).

If there is an ER server in the same domain as the authenticator (local domain), Diameter routing MUST

QUESTION:

Should this say "SHOULD: instead of "MUST"?

be configured so that this ERP/DER message reachs this server, even if the Destination-Realm is not the local domain.

If there is no local ER server, the message is routed according to its Destination-Realm AVP content, extracted from the realm component of the keyName-NAI attribute. As specified in RFC 5296 (Narayanan, V. and L. Dondeti, “EAP Extensions for EAP Re-authentication Protocol (ERP),” August 2008.) [RFC5296], this realm is the home domain of the peer in case of a bootstrapping exchange (the 'B' flag is set in the ERP message) or the domain of the bootstrapped ER server otherwise.

NOTE:

This actually might allow the ER server to be in a third party realm.

If no ER server is available in the home domain either, the ERP/DER message cannot be delivered, and an error DIAMETER_UNABLE_TO_DELIVER is generated [RFC3588] (Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. Arkko, “Diameter Base Protocol,” September 2003.) and returned to the authenticator. The authenticator may cache this information (with limited duration) to avoid further attempts for ERP with this realm. It may also fallback to full EAP authentication to authenticate the peer.

When an ER server receives the ERP/DER message, it searches its local database for a root key

FFS:

and authorization state?

matching the keyName part of the User-Name AVP. If such key is found, the ER server processes the ERP message as described in RFC 5296 (Narayanan, V. and L. Dondeti, “EAP Extensions for EAP Re-authentication Protocol (ERP),” August 2008.) [RFC5296] then creates the ERP/DEA answer as described in Section 6 (Re-Authentication). The rMSK is included in this answer.

Finally, the authenticator extracts the rMSK from the ERP/DEA as described in RFC 5296 (Narayanan, V. and L. Dondeti, “EAP Extensions for EAP Re-authentication Protocol (ERP),” August 2008.) [RFC5296], and forwards the content of the EAP-Payload AVP, the EAP-Finish/Re-Auth message, to the peer.

If the EAP-Initiate/Re-Auth message has its 'B' flag set (Bootstrapping exchange), the ER server should not possess the root key in its local database

COMMENT:

This may not be true in future RFC5296bis?

In this case, the ER server acts as a proxy, and forwards the message to the home EAP server after changing its Application Id to Diameter EAP and adding an AVP to request the root key. See Section 5 (Bootstrapping the ER Server) for more detail on this process.

5.  Bootstrapping the ER Server

The bootstrapping process involves the home EAP server and the ER server, but also impacts the peer and the authenticator. In ERP, the peer must derive the same keying material as the ER server. To achieve this, it must learn the domain name of the ER server. How this information is acquired is outside the scope of this specification, but it may involves that the authenticator is configured to advertize this domain name, especially in the case of re-authentication after a handover.

The bootstrapping of an ER server with a given root key happens either during the initial EAP authentication of the peer when the EMSK -- from which the root key is derived -- is created, during the first re-authentication, or sometime between those events. We only consider the first two possibilities in this specification, in the following sub-sections.

5.1.  Bootstrapping During the Initial EAP authentication

Bootstrapping the ER server during the initial EAP authentication (also known as implicit bootstrapping) offers the advantage that the server is immediatly available for re-authentication of the peer, thus minimizing re-authentication delay. On the other hand, it is possible that only a small number of peers will use re-authentication in the visited domain. Deriving and caching key material for all the peers (for example, for the peers that do not support ERP) is a waste of resources and SHOULD be avoided.

To achieve implicit bootstrapping, the ER server must act as a Diameter EAP Proxy as defined in the Diameter Base Protocol [RFC3588] (Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. Arkko, “Diameter Base Protocol,” September 2003.), and routing must be configured so that Diameter messages of a full EAP authentication are routed through this proxy. The figure bellow illustrates this mechanism.

                         ER server &
Authenticator             EAP Proxy               Home EAP server
=============            ===========              ===============
     ------------------------->
         Diameter EAP/DER
          (EAP-Response)
                               ------------------------->
                                  Diameter EAP/DER
                                   (EAP-Response)
                                  (ERP-RK-Request)

     <==================================================>
        Multi-round Diameter EAP exchanges, unmodified

                               <-------------------------
                                   Diameter EAP/DEA
                                    (EAP-Success)
                                        (MSK)
                                   (Key AVP (rRK))
     <-------------------------
         Diameter EAP/DEA
           (EAP-Success)
               (MSK)
            [ERP-Realm]

QUESTION:

How does the ER server knows the EMSK lifetime, if there is no ERP-RK-Answer? What is the lifetime of the MSK for example?

If the ER server is successfully bootstrapped, it MAY also add the ERP-Realm AVP after removing the ERP-RK-Answer AVP in the EAP/DEA message. This could be used by the authenticator to notify the peer that ERP is bootstrapped, with the ER domain information. How this information can be transmitted to the peer is outside the scope of this document.

QUESTION:

Is this possible? It might be useful...

5.2.  Bootstrapping During the First Re-authentication

Bootstrapping the ER server during the first re-authentication (also known as explicit bootstrapping) offers several advantages: it saves resources, since we generate and cache only root keys that we actually need, and it can accomodate inter-domain handovers or ER servers that lose their state (for example after reboot).

COMMENT:

This last point might not be true currently, since the peer would not issue a bootstrapping exchange... But this might change also with RFC5296bis AFAIU

On the other hand, the first re-authentication with the ER server requires a one-round-trip exchange with the home EAP server, which adds some delay to the process (but it is more efficient than a full EAP authentication in any case). It also requires some synchronization between the peer and the visited domain: since the ERP message used is different

QUESTION:

and the root key used also?

for the explicit bootstrapping exchange than for normal re-authentication; explicit bootstrapping should not be used if implicit bootstrapping was already performed.

QUESTION:

What should we do if the ER server receives an explicit bootstrapping request but already possess the rDSRK? Can it answer without going to the home server? That would be simpler -- planned in rfc5296bis ?

The ER server receives the ERP/DER message containing the EAP-Initiate/Re-Auth message with the 'B' flag set. It proxies this message, and performs the following processing in addition to standard proxy operations:

Changes the Application Id in the header of the message to Diameter EAP Application (code 5).

Change the content of Application-Auth-Id accordingly.

QUESTION:

Is t better to leave it unmodified?

Add the ERP-RK-Request AVP, which contains the name of the domain where the ER server is located.

QUESTION:

Add the Destination-Host to reach the appropriate EAP server, the one with the EMSK. How does the ER server know this information?

Then the server forwards the EAP/DER request, which is routed to the home EAP server.

If the home EAP server does not support the ERP extensions, it replies with an error since the encapsulated EAP-Initiate/Re-auth command is not understood. Otherwise, it processes the ERP request as described in [RFC5296] (Narayanan, V. and L. Dondeti, “EAP Extensions for EAP Re-authentication Protocol (ERP),” August 2008.). In particular, it includes the Domain-Name TLV attribute with the content from the ERP-Realm AVP. It creates the EAP/DEA reply message [RFC4072] (Eronen, P., Hiller, T., and G. Zorn, “Diameter Extensible Authentication Protocol (EAP) Application,” August 2005.). including an instance of the Key AVP Section 8.3 (Key AVP).

QUESTION:

What about authorization AVPs?

The ER server receives this EAP/DEA and proxies it as follows, in addition to standard proxy operations:

Set the Application Id back to Diameter ERP (code TBD)

Extract and cache the content of the Key AVP.

QUESTION:

And authorization AVPs ?

The DEA is then forwarded to the authenticator, that can use the rMSK as described in RFC 5296 (Narayanan, V. and L. Dondeti, “EAP Extensions for EAP Re-authentication Protocol (ERP),” August 2008.) [RFC5296].

The figure below captures this proxy behavior:

Authenticator            ER server             Home EAP server
=============            =========             ===============
      ----------------------->
          Diameter ERP/DER
           (EAP-Initiate)
                              ------------------------>
                                    Diameter EAP/DER
                                     (EAP-Initiate)
                                    (ERP-RK-Request)

                              <------------------------
                                    Diameter EAP/DEA
                                      (EAP-Finish)
                                       (Key AVP)
      <----------------------
          Diameter ERP/DEA
            (EAP-Finish)
             (Key AVP)

6.  Re-Authentication

This section describes in detail a re-authentication exchange with a (bootstrapped) ER server. The following figure summarizes the re-authentication exchange.

                                                     ER server
                                                   (bootstrapped)
 Peer                 Authenticator            (local or home domain)
 ====                 =============            ======================
 [ <------------------------         ]
 [optional EAP-Initiate/Re-auth-start]

   ----------------------->
     EAP-Initiate/Re-auth
                           ===============================>
                              Diameter ERP, cmd code DER
                                User-Name: Keyname-NAI
                           EAP-Payload: EAP-Initiate/Re-auth

                           <===============================
                              Diameter ERP, cmd code DEA
                            EAP-Payload: EAP-Finish/Re-auth
                                     Key AVP: rMSK
    <----------------------
      EAP-Finish/Re-auth

The Application Id in the header is set to Diameter ERP (code TBD).

The value in Auth-Application-Id AVP is also set to Diameter ERP Application.

The keyName-NAI attribute from ERP message is used to create the content of User-Name AVP and Destination-Realm AVP.

FFS:

What about Session-ID AVP -- in case of re-auth at the same place, and in case of handover?

The Auth-Request-Type AVP content is set to [Editor's note: FFS].

QUESTION:

Do we really do authorization with Diameter ERP ? -- need to pass the authorization attrs to the ER server in that case. Idea FFS: we do authorization only for explicit bootstrapping exchanges...

The EAP-Payload AVP contains the ERP message, EAP-Initiate/Re-Auth.

Then this ERP/DER message is sent as described in Section 4 (Protocol Overview).

The ER server receives and processes this request as described in Section 4 (Protocol Overview). It then creates an ERP/DEA message following the general processing described in RFC 4072 (Eronen, P., Hiller, T., and G. Zorn, “Diameter Extensible Authentication Protocol (EAP) Application,” August 2005.) [RFC4072], with the following differences:

The Application Id in the header is set to Diameter ERP (code TBD).

The value of the Auth-Application-Id AVP is also set to Diameter ERP Application.

The EAP-Payload AVP contains the ERP message, EAP-Finish/Re-auth.

In case of successful authentication, an instance of the Key AVP containing the Re-authentication Master Session Key (rMSK) derived by ERP is included.

QUESTION:

What about all the authorization attributes? If we want to include them, they have to be present on the ER server...

When the authenticator receives this ERP/DEA answer, it processes it as described in Diameter EAP (Eronen, P., Hiller, T., and G. Zorn, “Diameter Extensible Authentication Protocol (EAP) Application,” August 2005.) [RFC4072] and RFC 5296 (Narayanan, V. and L. Dondeti, “EAP Extensions for EAP Re-authentication Protocol (ERP),” August 2008.) [RFC5296]: the content of EAP-Payload AVP content is forwarded to the peer, and the contents of the Keying-Material AVP [I‑D.ietf‑dime‑local‑keytran] (Zorn, G., Wu, W., and V. Cakulev, “Diameter Attribute-Value Pairs for Cryptographic Key Transport,” June 2010.) is used as a shared secret for Secure Association Protocol.

7.  Application Id

We define a new Diameter application in this document, Diameter ERP Application, with an Application Id value of TBD. Diameter nodes conforming to this specification in the role of ER server MUST advertise support by including an Auth-Application-Id AVP with a value of Diameter ERP Application in the of the Capabilities-Exchange-Request and Capabilities-Exchange-Answer commands [RFC3588] (Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. Arkko, “Diameter Base Protocol,” September 2003.).

The primary use of the Diameter ERP Application Id is to ensure proper routing of the messages, and that the nodes that advertise the support for this application do understand the new AVPs defined in Section 8 (AVPs), although these AVP have the 'M' flag cleared.

8.  AVPs

This section discusses the AVPs used by the Diameter ERP application.

8.1.  ERP-RK-Request AVP

The ERP-RK-Request AVP (AVP Code TBD) is of type grouped AVP. This AVP is used by the ER server to indicate its willingness to act as ER server for a particular session.

This AVP has the M and V bits cleared.

      ERP-RK-Request ::= < AVP Header: TBD >
                         { ERP-Realm }
                       * [ AVP ]

8.2.  ERP-Realm AVP

The ERP-Realm AVP (AVP Code TBD) is of type DiameterIdentity. It contains the name of the realm in which the ER server is located.

FFS:

We may re-use Origin-Realm here instead? On the other hand, ERP-Realm may be useful if the ER server is in a third-party realm, if this is possible.

This AVP has the M and V bits cleared.

8.3.  Key AVP

The Key AVP [I‑D.ietf‑dime‑local‑keytran] (Zorn, G., Wu, W., and V. Cakulev, “Diameter Attribute-Value Pairs for Cryptographic Key Transport,” June 2010.) is of type "Grouped" and is used to carry the rMSK and associated attributes. The usage of the Key AVP and its constituent AVPs in this application is specified in the following sub-sections.

8.3.1.  Key-Type AVP

The value of the Key-Type AVP MUST be set to 3 for rRK.

8.3.2.  Keying-Material AVP

The Keying-Material AVP contains rRK sent by the home EAP server to the ER server, in answer to a request containing an ERP-RK-Request AVP. How this material is derived and used is specified in RFC 5296 (Narayanan, V. and L. Dondeti, “EAP Extensions for EAP Re-authentication Protocol (ERP),” August 2008.) [RFC5296].

8.3.3.  Key-Name AVP

This AVP contains the EMSKname which identifies the keying material. The derivation of this name is specified in RGC 5296 (Narayanan, V. and L. Dondeti, “EAP Extensions for EAP Re-authentication Protocol (ERP),” August 2008.) [RFC5296].

8.3.4.  Key-Lifetime AVP

The Key-Lifetime AVP contains the lifetime of the keying material in seconds. It MUST NOT be greater than the remaining lifetime of the EMSK from which the material was derived.

9.  Open issues

This document does not address some known issues in Diameter ERP mechanism. The authors would like to hear ideas about how to address them.

The main issue is the use of ERP for authentication after a handover of the peer to a new authenticator (or different authenticator port). Diameter ERP is not meant to be a mobility protocol. A number of issues appear when we try to do handover in Diameter ERP (alone): how to manage the Session-Id AVP; how does the ER server provide the Authorization AVPs; how does the peer learn the ERP domain of the new authenticator; how does the home server reachs the peer to for example terminate the session; and so on... Therefore, the management of the session for a mobile peer is not (yet) addressed in this document. It must be studied how Diameter ERP can be for example used in conjunction with a mobility application (Diameter MIP4, Diameter MIP6) to support the optimized re-authentication in such situation.

Another issue concerns the case where the home realm contains several EAP servers. In multi rounds full EAP authentication, the Destination-Host AVP provides the solution to reach the same server across the exchanges. Only this server possess the EMSK for the session. In case of explicit bootstrapping, the ER server must therefore be able to reach the correct server to request the DSRK. A solution might consist in saving the Origin-Host AVP of all successful EAP/DEA in the ER server, which is a bit similar to the implicit bootstrapping scenario described here -- only we save the server name instead of the root key, and we must then be able to match the DSRK with the user name.

Finally, this document currently lacks a description of what happens when a Re-Auth-Request is received for a peer on the authenticator.

10.  Acknowledgements

Hannes Tschofenig wrote the initial draft for this document and provided useful reviews.

Vidya Narayanan reviewed a rough draft version of the document and found some errors.

Lakshminath Dondeti contributed to the early versions of the document.

Many thanks to these people!

11.  IANA Considerations

This document requires IANA registration of the following new elements in the Authentication, Authorization, and Accounting (AAA) Parameters registries.

11.1.  Diameter Application Identifier

This specification requires IANA to allocate a new value "Diameter ERP" in the "Application IDs" registry using the policy specified in Section 11.3 of RFC 3588 (Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. Arkko, “Diameter Base Protocol,” September 2003.) [RFC3588].

11.2.  New AVPs

This specification requires IANA to allocate new values from the "AVP Codes" registry according to the policy specified in Section 11.1 of RFC 3588 (Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. Arkko, “Diameter Base Protocol,” September 2003.) [RFC3588] for the following AVPs:

ERP-RK-Request

ERP-Realm

These AVPs are defined in Section 8 (AVPs).

12.  Security Considerations

The security considerations from the following documents also apply here:

• RFC 3588 (Calhoun, P., Loughney, J., Guttman, E., Zorn, G., and J. Arkko, “Diameter Base Protocol,” September 2003.) [RFC3588]
• RFC 4072 (Eronen, P., Hiller, T., and G. Zorn, “Diameter Extensible Authentication Protocol (EAP) Application,” August 2005.) [RFC4072]
• RFC 5247 (Aboba, B., Simon, D., and P. Eronen, “Extensible Authentication Protocol (EAP) Key Management Framework,” August 2008.) [RFC5247]
• RFC 5295 (Salowey, J., Dondeti, L., Narayanan, V., and M. Nakhjiri, “Specification for the Derivation of Root Keys from an Extended Master Session Key (EMSK),” August 2008.) [RFC5295]
• [RFC5296] (Narayanan, V. and L. Dondeti, “EAP Extensions for EAP Re-authentication Protocol (ERP),” August 2008.)

FFS:

Do we really respect these security considerations with the mechanism we describe here? Is it safe to use ERP-RK-Request / Answer AVPs? What is the worst case?

EAP channel bindings may be necessary to ensure that the Diameter client and the server are in sync regarding the key Requesting Entity's Identity. Specifically, the Requesting Entity advertises its identity through the EAP lower layer, and the user or the EAP peer communicates that identity to the EAP server (and the EAP server communicates that identity to the Diameter server) via the EAP method for user/peer to server verification of the Requesting Entity's Identity.

QUESTION:

What does this paragraph actually mean?

13.  References

13.1. Normative References

13.2. Informative References

Authors' Addresses