• Home
  • Raw
  • Download

Lines Matching full:this

12 This Internet Draft provides the high level specification for a Commercial
13 IP Security Option (CIPSO).  This draft reflects the version as approved by
14 the CIPSO IETF Working Group.  Distribution of this memo is unlimited.
16 This document is an Internet Draft.  Internet Drafts are working documents
28 directory to learn the current status of this or any other Internet Draft.
37 IP datagrams to be labeled with security classifications.  This option
54 to support multiple security policies.  This Internet Draft provides the
76 This option permits security related information to be passed between
81 and their human readable equivalent.  This authority will distribute that
87 This option MUST be copied on fragmentation.  This option appears at most
89 transmitted in network byte order.  The format of this option is as follows:
104 This field is 1 octet in length.  Its value is 134.
109 This field is 1 octet in length.  It is the total length of the option
111 restriction of 40 octets the value of this field MUST not exceed 40.
116 This field is an unsigned 32 bit integer.  The value 0 is reserved and MUST
122 represented by numbers rather than their ASCII equivalent.  This requires
152 octet boundary.   The tag types defined in this document contain alignment
167 Tag type 0 is reserved. Tag types 1, 2, and 5 are defined in this
179 In the three tag types described in this document, the length and count
182 restrictions specified in this document may increase to use the full area
189 and support the same security policy.  The three tags defined in this
207 This is referred to as the "bit-mapped" tag type.  Tag type 1 is included
208 in the MAC Sensitivity tag type class.  The format of this tag type is as
223 This field is 1 octet in length and has a value of 1.
228 This field is 1 octet in length.  It is the total length of the tag type
230 restriction of 40 bytes the value within this field is between 4 and 34.
235 This field is 1 octet in length and always has the value of 0.  Its purpose
236 is to align the category bitmap field on an even octet boundary.  This will
242 This field is 1 octet in length.  Its value is from 0 to 255.  The values
249 The length of this field is variable and ranges from 0 to 30 octets.  This
254 shows this ordering.  Bit N is binary 1 if category N is part of the label
293 This is referred to as the "enumerated" tag type.  It is used to describe
295 Sensitivity tag type class.  The format of this tag type is as follows:
309 This field is one octet in length and has a value of 2.
314 This field is 1 octet in length. It is the total length of the tag type
316 restriction of 40 bytes the value within this field is between 4 and 34.
321 This field is 1 octet in length and always has the value of 0.  Its purpose
322 is to align the category field on an even octet boundary.  This will
339 This field is 1 octet in length. Its value is from 0 to 255.  The values
346 In this tag, categories are represented by their actual value rather than
348 octets.  Up to 15 categories may be represented by this tag.  Valid values
355 This is referred to as the "range" tag type.  It is used to represent
358 class.  The format of this tag type is as follows:
372 This field is one octet in length and has a value of 5.
377 This field is 1 octet in length. It is the total length of the tag type
379 restriction of 40 bytes the value within this field is between 4 and 34.
384 This field is 1 octet in length and always has the value of 0.  Its purpose
385 is to align the category range field on an even octet boundary.  This will
402 This field is 1 octet in length. Its value is from 0 to 255.  The values
413 label.  This tag may contain a maximum of 7 category pairs.  The bottom
446 provide this capability the following minimal set of configuration
449 HOST_LABEL_MAX - This parameter contains the maximum sensitivity label that
451 greater than this maximum MUST be rejected by the CIPSO host.  This
452 parameter does not apply to CIPSO gateways or routers.  This parameter need
467 HOST_LABEL_MIN - This parameter contains the minimum sensitivity label that
469 than this minimum MUST be rejected by the CIPSO host.  This parameter does
470 not apply to CIPSO gateways or routers.  This parameter need not be defined
474 PORT_LABEL_MAX - This parameter contains the maximum sensitivity label for
476 outgoing datagrams that have a label greater than this maximum MUST be
477 rejected by the CIPSO system.  The label within this parameter MUST be
478 less than or equal to the label within the HOST_LABEL_MAX parameter.  This
481 PORT_LABEL_MIN - This parameter contains the minimum sensitivity label for
483 outgoing datagrams that have a label less than this minimum MUST be
484 rejected by the CIPSO system.  The label within this parameter MUST be
486 This parameter does not apply to CIPSO hosts that support only one network
489 PORT_DOI - This parameter is used to assign a DOI identifier value to a
491 going out this port MUST use the specified DOI identifier.  All CIPSO
492 hosts and gateways MUST support either this parameter, the NET_DOI
495 NET_DOI - This parameter is used to assign a DOI identifier value to a
498 CIPSO hosts and gateways MUST support either this parameter, the PORT_DOI
501 HOST_DOI - This parameter is used to assign a DOI identifier value to a
504 hosts and gateways MUST support either this parameter, the PORT_DOI
507 This list represents the minimal set of configuration parameters required
508 to be compliant.  Implementors are encouraged to add to this list to
545 only required to support a NET_LABEL parameter.  This parameter contains
553 This section describes the processing requirements for incoming and
569 receiving port.  Without this label the host, gateway, or router will not
570 have the information it needs to make security decisions.  This security
573 datagrams.  This label will be compared against the PORT (if appropriate)
616 ignored.  This capability is an allowable enhancement, not a
623 incoming  datagrams.  For this configuration a CIPSO label must be
625 datagrams.  This capability might be used for single level networks or
640 the current set of defined tag types, this means that CIPSO labels at
647 If this condition is not satisfied the datagram MUST be discarded.
682 efficiency purposes this capability is only a desired feature for CIPSO
710 Much of the material in this RFC is based on (and copied from) work
731 To be added to or deleted from this distribution, send mail to: