rfc2626.txt

来自「中、英文RFC文档大全打包下载完全版 .」· 文本 代码 · 共 1,531 行 · 第 1/5 页

   three required and one optional timers in section 6.  The Database
   Timer (6.1), the Hold down Timer (6.2), the Retransmission Time (6.3)



Nesser                       Informational                     [Page 22]

RFC 2626  The Internet and the Millennium Problem (Year 2000)  June 1999


   and the Over-Subscription Timer (6.4) are all counters, which have no
   millennium, issues.  RFC 2081 on the applicability of RIPng discusses
   deletion of routes for a variety of issues, one of which is the
   garbage- collection timer exceeds 120 seconds.  There are no Year
   2000 issues.  RFC 2080 on RIPng for IPv6, discusses various times in
   section 2.6, none of which have any millennium problems.

   RFC 1987 on Ipsilon's General Switch Management protocol there is a
   Duration field defined in section 4, which has no relevant problems.
   Section 8.2 defines the procedure for dealing with timers.  RFC 1953
   on Ipsilon's Flow Management Specification for IPv4 defines the same
   procedure in section 3.2, as well as a lifetime field in the Redirect
   Message (Section 4.1).  There are no millennium issues in either
   case.

   There is a small Year 2000 issue in RFC 1786 on the Representation of
   IP Routing Policies in the ripe-81++ Routing Registry.  In Appendices
   C the "changed" object parameter defines a format of <email-address>
   YYMMDD, and similarly in Appendix D "withdrawn" object identifier has
   he format of YYMMDD.  Since these are only identifiers there should
   be little operational impact.  Some application software may need to
   be modified.

   RFC 1771 defines the Border Gateway Protocol (BGP).  BGP does not
   have knowledge of absolute time, only relative time.  There are five
   timers defined: Hold Timer, ConnectRetry Timer, KeepAlive Timer,
   MinRoueAdvertisementInterval and MinASOriginationInterval.  There are
   no known issues regarding BGP and the millennium.

   In RFC 1584, which defines Multicast Extensions to OSPF, three timers
   are defined in section 8.2: IGMPPollingInterval, IGMPTimeout, and
   IGMP polling timer.  Section 8.4 defines an age parameter for the
   local groups database and section 9.3 outlines how to implement that
   age parameter.  It is not expected that any connections lifetime will
   be long enough to cause any issues with these timers.

   RFC 1583, OSPF, there are two types of timers defined in section 4.4,
   single-shot timers and interval timers.  There are a number of timers
   defined in Section 9 including: HelloInterval, RouterDeadInterval,
   InfTransDelay, Hello Timer, Wait Timer and RxmtInterval.  Section 10
   also defines the Inactivity Timer.  No millennium problem exists for
   any of these timers.

   RFC 1582 is an earlier version of RFC 2091.  Section 7 documents the
   same timers as noted above, with the same lack of a millennium issue.

   RFC 1504 on Appletalk Update-Based Routing Protocol defines a 10-
   second period in Section 3, and hence has no relevant issues.



Nesser                       Informational                     [Page 23]

RFC 2626  The Internet and the Millennium Problem (Year 2000)  June 1999


   RFC 1479 which specifies IDPR Version 1, defines a timestamp field in
   section 1.5.1, which is a 32 bit unsigned integer number of seconds
   since January 1, 1970.  The authors recognize the problem of
   timestamp exhaustion in 2038, but feel that the protocol will not be
   in use for that period.  Sections 1.7, 2.1, and 4.3.1 also discuss
   the timestamp field.  RFC 1478 on the IDPR Architecture, also
   discusses the same timestamp field in section 3.3.4.  RFC 1477 again
   refers to the IDPR timestamp in section 4.2.  Thus IDPR has no Year
   2000 issue, but does have a period problem in the year 2038.

   RFC 1075 on Distance Vector Multicast Routing Protocol devotes
   section 7 to time values.  None of the timers have any millennium
   issues.  RFC 1074, on the NFSNET backbone SPF IGP defines several
   hardcoded timers values in section 5.

   RFC 1058 on RIP discusses the 30-second timers in section 3.3.  There
   is no millennium issues related to RIP.

   RFC 995 on the Requirements for Internet Gateways has extensive
   discussions of timers in section 7.1 and throughout A.1 and A.2.
   None of these timers suffer from the millennium problem.

   RFC 911 on EGP on Berkeley Unix recommend timer values of 30 and 120
   seconds.

   RFC 904 which defines the Exterior Gateway Protocol (EGP).  There are
   a number of timers discussed in sections 4.1.1 and 4.1.4.  None of
   these timers suffer from any relevant problems.

   RFCs 2103, 2092, 2073, 2072, 2042, 2008, 1998, 1997, 1992, 1966, 1955,
   1940, 1930, 1925, 1923, 1863, 1817, 1812, 1793, 1787, 1774, 1773,
   1772, 1765, 1753, 1745, 1723, 1722, 1721, 1716, 1702, 1701, 1668,
   1656, 1655, 1654, 1587, 1586, 1585, 1581, 1520, 1519, 1517, 1482,
   1476, 1439, 1403, 1397, 1388, 1387, 1383, 1380, 1371, 1370, 1364,
   1338, 1322, 1268, 1267, 1266, 1265, 1264, 1254, 1246, 1245, 1222,
   1195, 1164, 1163, 1142, 1136, 1133, 1126, 1125, 1124,1104, 1102, 1092,
   1009, 985, 981, 975, 950, 898, 890, 888, 875, and 823 contain no date
   or time references.

20. Security

20.1 Summary

   The RFC's which were categorized into this group were kerberos
   authentication protocol, Remote Authentication Dial In User Service
   (RADIUS), One Time Password System (OTP), Privacy Enhanced Mail
   (PEM), security extensions to a variety of protocols including (but
   not limited to) RIPv2, HTTP, MIME, PPP, IP, Telnet and FTP.



Nesser                       Informational                     [Page 24]

RFC 2626  The Internet and the Millennium Problem (Year 2000)  June 1999


   Encryption and authentication algorithms are also examined.

   RFC 1507 on Distributed Authentication Security Services (DASS)
   discusses time and secure time in an expository manner in Sections
   1.2.2, 1.4.4 and 2.1.  Section 3.6 defines absolute time as an UTC
   time with a precision of 1 second, and Section 4.1 discusses ANS.1
   encoding of time values.  Because of the imprecision of the UTC time
   definition there could be problems with this protocol.

   RFCs 1421-1424 specifies that PEM uses UTC time formats which could
   have a Millennium issue since the year specification only provides
   the last two digits of the year.

20.2 Specifics

   RFC 2082 on RIP-2 MD5 Authentication requires storage of security
   keys for a specified lifetime in sections 4.1 and 4.2.  There are no
   millennium issues in this protocol.

   RFC 2078 on the GSSAPI Version 2 defines numerous calls that use
   timers for inputs and outputs.  Sections 2.1.1, 2.1.3, 2.1.4, 2.1.5,
   2.2.1, 2.2.2, 2.2.5 and 2.2.6 all use the lifetime_rec field, which
   is defined as an integer counter in seconds.  There should be no
   relevant problems with this protocol.

   RFC 2069 on Digest Authentication for HTTP, defines a 'date' and a
   1123 formats which is not subject to millennium issues.  Section 3.2
   discusses dates and times in the context of thwarting replay attacks,
   but have no relevant issues.

   RFC 2065 on DNS Security extensions first discusses time in section
   2.3.3.  The SIG RDATA format is defined in Section 4.1 discusses
   "time signed" field and defines it to be a 32 bit unsigned integer
   number of seconds since January 1, 1970.  There will be a period
   problem in 2038 because of rollover.  Section 4.5 on the file
   representations of SIG RRs specifies the time field is expressed as
   YYYYMMDDHHMMSS which is clearly Year 2000 compliant.

   RFC 2059 on RADIUS account formats defines a "time" attribute, which
   is optional which is a 32 bit unsigned integer number of seconds
   since January 1, 1970.  Likewise RFC 2058 on RADIUS also defines this
   optional attribute in the same way.  There will be a potential period
   problem that occurs on 2038.

   RFC 2035 on the Simple Public Key GSSAPI Mechanism talks about secure
   timestamps in the background and overview sections only in an
   expository manner.




Nesser                       Informational                     [Page 25]

RFC 2626  The Internet and the Millennium Problem (Year 2000)  June 1999


   RFC 1969 on the PPP DES Encryption Protocol uses time as an example
   in Section 4 when discussing how to encrypt the first packet of a
   stream.  It is suggested that the first 32 bits be used for the
   number of seconds since January 1, 1970.  There could thus be a
   potential operations problem in 2038.

   RFC 1898 on the CyberCash Credit Card Protocol provides an example
   message in Section 2.7 which uses a date field of the form
   YYYYMMDDHHMM that is clearly Y2K compliant.

   RFC 1510, which defines Kerberos Version 5, makes extensive use of
   times in the security model.  There are discussions in the
   Introduction, as well as Sections 1.2, and 3.1.3.  Kerberos uses
   ASN.1 definitions to abstract values, and hence defines a base
   definition for KerberosTime which is a generalized time format in
   Section 5.2.  >From the text: "Example: The only valid format for UTC
   time 6 minutes, 27 seconds after 9 p.m. on 6 November 1985 is
   19851106210627Z."  A side note is that the MIT reference
   implementation of the Kerberos, by default set the expiration of
   tickets to December 31, 1999.  This is not protocol related but could
   have some operational impacts.

   RFC 1509 on GSSAPI C-bindings makes a single reference that all
   counters are in seconds and assigned as 32 bit unsigned integers.
   Hence GSSAPI mechanisms may have problems in 2038.

   RFC 1507 on Distributed Authentication Security Services (DASS)
   discusses time and secure time in an expository manner in Sections
   1.2.2, 1.4.4 and 2.1.  Section 3.6 defines absolute time as an UTC
   time with a precision of 1 second, and Section 4.1 discusses ANS.1
   encoding of time values.  Because of the imprecision of the UTC time
   definition there could be problems with this protocol.

   RFC 1424 on PEM Part IV defines a self-signed certificate request in
   Section 3.1.  The validity period start and end times are both
   suggested to be January 1, 1970.  RFC 1422 on PEM Part II defines the
   validity period for a certificate in Section 3.3.6.  It is
   recommended that UTC Time formats are used, and notes the lack of a
   century so that comparisons between different centuries must be done
   with care.  No suggestions on how to do this are included.  Sections
   3.5.2 also discusses validity period in PEM CRLs.  RFC 1421 on PEM
   Part I discusses validity periods in an expository way.  PEM as a
   whole could have problems after December 31, 1999 based on its use of
   UTC Time.

   RFCs 1113, 1114, and 1115 specify the original version of PEM and
   have been obsoleted bye 1421, 1422, 1423, & 1424.




Nesser                       Informational                     [Page 26]

RFC 2626  The Internet and the Millennium Problem (Year 2000)  June 1999


   RFCs 2104, 2085, 2084, 2057, 2040, 2015, 1984, 1968, 1964, 1961, 1949,
   1948, 1938, 1929, 1928, 1858, 1852, 1851, 1829, 1828, 1827, 1826,
   1825, 1824, 1760, 1751, 1750, 1704, 1675, 1579, 1535, 1511, 1492,
   1457, 1455, 1423, 1416, 1412, 1411, 1409, 1408, 1321, 1320, 1319,
   1281, 1244, 1186, 1170, 1156, 1108, 1004, 972, 931, 927, 912, and 644
   contain no date or time references.

21. Virtual Terminal

21.1 Summary

   The RFC's which were categorized into this group were Telnet and its
   many extensions, as well as the Secure SHell (SSH) protocol.  The X
   window system was not considered since it is not an IETF protocol.
   Official acknowledgement by the trustee's of the X window system was
   given that they will examine the protocol.

   Unencrypted Telnet and TN3270 have both been found to be Year 2000
   Compliant.  The SSH protocols are also Year 2000 compliant.

   21.2 Specifics

   RFC 1013 on the X Windows version 11 alpha protocol defines are 32
   bit unsigned integer timestamp in Section 4.

   RFCs 2066, 1647, 1576, 1572, 1571, 1372, 1282, 1258, 1221, 1205, 1184,
   1143, 1116, 1097, 1096, 1091, 1080, 1079, 1073, 1053, 1043, 1041,
   1005, 946, 933, 930, 929, 907, 885, 884, 878, 861, 860, 859, 858, 857,
   856, 855, 854, 851, 818, 802, 782, 779, 764, 749, 748, 747, 746, 736,
   735, 734, 732, 731, 729, 728, 727, 726, 721, 719, 718, 701, 698, 658,
   657, 656, 655, 654, 653, 652, 651, 647, 636, 431, 399, 393, 386, 365,
   352, 340, 339, 328, 311, 297, 231, and 215 contain no date or time
   references.


   RFCs 703, 702, 688, 679, 669, 659, 600, 596, 595, 587, 563, 562, 560,
   559, 513, 495, 470, 466, 461, 447, 435, 377, 364, 318, 296, 216, 206,
   205, 177, 158, 139, 137, 110, 97 were unavailable.

22.  Other

22.1 Summary

   This grouping was a hodge-podge of informational RFCs, April Fool's
   Jokes, IANA lists, and experimental RFCs.  None were found to have
   any millennium issues.





Nesser                       Informational                     [Page 27]

RFC 2626  The Internet and the Millennium Problem (Year 2000)  June 1999


22.2 Specifics

   RFCs 2123, 2036, 2014, 2000, 1999, 1958, 1935, 1900, 1879, 1855, 1822,
   1814, 1810, 1799, 1776, 1718, 1715, 1700, 1699, 1640, 1627, 1610,
   1607, 1601, 1600, 1599, 1594, 1580, 1578, 1574, 1550, 1540, 1539,
   1527, 1499, 1463, 1462, 1438, 1410, 1402, 1401, 1391, 1367, 1366,
   1360, 1359, 1358, 1349, 1340, 1336, 1325, 1324, 1300, 1291, 1287,
   1261, 1250, 1249, 1206, 1200, 1199, 1177, 1175, 1174, 1152, 1149,
   1140, 1135, 1127, 1118, 1111, 1100, 1099, 1077, 1060, 1039, 1020,
   1019, 999, 997, 992, 990, 980, 960, 945, 944, 943, 939, 909, 902, 900,
   899, 873, 869, 846, 845, 844, 843, 842, 840, 839, 838, 837, 836, 835,
   834, 833, 832, 831, 820, 817, 800, 776, 774, 770, 766, 762, 758, 755,
   750, 745, 717, 637, 603, 602, 590, 581, 578, 529, 527, 526