[Search] [txt|pdf|bibtex] [Tracker] [WG] [Email] [Nits]

Versions: 00 02 rfc2284                                                 
Network Working Group                                          L J Blunk
                                                          J R Vollbrecht
Internet Draft                                       Merit Network, Inc.
expires September 1995                                        March 1995


              PPP Extensible Authentication Protocol (EAP)
                   <draft-ietf-pppext-eap-auth-00.txt>



Status of this Memo

   This document is the product of the Point-to-Point Protocol
   Extensions Working Group of the Internet Engineering Task Force
   (IETF).  Comments should be submitted to the ietf-ppp@merit.edu
   mailing list.

   Distribution of this memo is unlimited.

   This document is an Internet-Draft.  Internet-Drafts are working
   documents of the Internet Engineering Task Force (IETF), its areas,
   and its working groups.  Note that other groups may also distribute
   working documents as Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is not appropriate to use Internet-Drafts as reference
   material or to cite them other than as ``work in progress.''

   To learn the current status of any Internet-Draft, please check the
   ``1id-abstracts.txt'' listing contained in the Internet-Drafts
   Shadow Directories on ftp.is.co.za (Africa), nic.nordu.net (Europe),
   munnari.oz.au (Pacific Rim), ds.internic.net (US East Coast), or
   ftp.isi.edu (US West Coast).

Abstract

   The Point-to-Point Protocol (PPP) [1] provides a standard method for
   transporting multi-protocol datagrams over point-to-point links.

   PPP also defines an extensible Link Control Protocol, which allows
   negotiation of an Authentication Protocol for authenticating its peer
   before allowing Network Layer protocols to transmit over the link.

   This document defines the PPP Extensible Authentication Protocol.





Vollbrecht & Blunk       expires in six months                  [Page i]


DRAFT                           PPP EAP                       March 1995


                           Table of Contents


     1.     Introduction ..........................................    1
        1.1       Specification of Requirements ...................    1
        1.2       Terminology .....................................    2

     2.     PPP Extensible Authentication Protocol (EAP) ..........    3
        2.1       Configuration Option Format .....................    5
        2.2       Packet Format ...................................    6
           2.2.1  Request and Response ............................    7
           2.2.2  Success and Failure .............................    9

     3.     Initial EAP Request/Response Types ....................   10
        3.1       Identity ........................................   11
        3.2       Notification ....................................   12
        3.3       Nak .............................................   13
        3.4       Password ........................................   14
        3.5       MD5-Challenge ...................................   15
        3.6       MD4-S/Key and MD5-S/Key .........................   16
        3.7       Echoed User Input and Non-echoed User Input .....   17
        3.8       Kerberos V4 and Kerberos V5 .....................   18
        3.9       Vendor specific .................................   19

        REFERENCES ................................................   21

        ACKNOWLEDGEMENTS ..........................................   21

        CHAIR'S ADDRESS ...........................................   21

        AUTHOR'S ADDRESS ..........................................   21



















Vollbrecht & Blunk       expires in six months                  [Page ii]


DRAFT                           PPP EAP                       March 1995


1.  Introduction

   In order to establish communications over a point-to-point link, each
   end of the PPP link must first send LCP packets to configure the data
   link during Link Establishment phase.  After the link has been
   established, PPP provides for an optional Authentication phase before
   proceeding to the Network-Layer Protocol phase.

   By default, authentication is not mandatory.  If authentication of
   the link is desired, an implementation MUST specify the
   Authentication-Protocol Configuration Option during Link
   Establishment phase.

   These authentication protocols are intended for use primarily by
   hosts and routers that connect to a PPP network server via switched
   circuits or dial-up lines, but might be applied to dedicated links as
   well.  The server can use the identification of the connecting host
   or router in the selection of options for network layer negotiations.

   This document defines the PPP Extensible Authentication Protocol
   (EAP).  The Link Establishment and Authentication phases, and the
   Authentication-Protocol Configuration Option, are defined in The
   Point-to-Point Protocol (PPP) [1].


1.1.  Specification of Requirements

   In this document, several words are used to signify the requirements
   of the specification.  These words are often capitalized.

   MUST      This word, or the adjective "required", means that the
             definition is an absolute requirement of the specification.

   MUST NOT  This phrase means that the definition is an absolute
             prohibition of the specification.

   SHOULD    This word, or the adjective "recommended", means that there
             may exist valid reasons in particular circumstances to
             ignore this item, but the full implications must be
             understood and carefully weighed before choosing a
             different course.

   MAY       This word, or the adjective "optional", means that this
             item is one of an allowed set of alternatives.  An
             implementation which does not include this option MUST be
             prepared to interoperate with another implementation which
             does include the option.




Vollbrecht & Blunk       expires in six months                  [Page 1]


DRAFT                           PPP EAP                       March 1995


1.2.  Terminology

   This document frequently uses the following terms:

   authenticator
             The end of the link requiring the authentication.  The
             authenticator specifies the authentication protocol to be
             used in the Configure-Request during Link Establishment
             phase.

   peer      The other end of the point-to-point link; the end which is
             being authenticated by the authenticator.

   silently discard
             This means the implementation discards the packet without
             further processing.  The implementation SHOULD provide the
             capability of logging the error, including the contents of
             the silently discarded packet, and SHOULD record the event
             in a statistics counter.

   displayable message
             This is interpreted to be human readable string of
             characters, and MUST NOT affect operation of the protocol.
             It is recommended that the message contain displayable
             ASCII characters 32 through 126 decimal.  Mechanisms for
             extension to other character sets are the topic of future
             research.
























Vollbrecht & Blunk       expires in six months                  [Page 2]


DRAFT                           PPP EAP                       March 1995


2.  PPP Extensible Authentication Protocol (EAP)

   The PPP Extensible Authentication Protocol (EAP)  is a general
   protocol for PPP authentication which supports multiple
   authentication mechanisms.  EAP does not select a specific
   authentication mechanism at Link Control Phase, but rather postpones
   this until the Authentication Phase.  This allows the authenticator
   to request more information before determining the specific
   authentication mechanism.  This also permits the use of a "back-end"
   server which actually implements the various mechanisms while the PPP
   authenticator merely passes through the authentication exchange.

   1. After the Link Establishment phase is complete, the authenticator
      sends one or more Requests to authenticate the peer.  The Request
      has a type field to indicate what is being requested.  Examples of
      Request types include "identity", "password", "MD5-challenge",
      "generic user input" (for token cards), "s/key", etc.  The
      "password" and "MD5-challenge" requests correspond closely to the
      "PAP" and "CHAP" authentication protocols, respectively.
      Typically, the authenticator will send an initial "identity"
      Request followed by one or more Requests for authentication
      information.   However, an initial "identity" Request is not
      required, and may be bypassed in cases where the identity is
      presumed (leased lines, dedicated dial-ups, etc.).

   2. The peer sends a Response packet in reply to each Request.  The
      Response will vary with each Request type.

   3. The authenticator terminates the authentication phase with a
      Success or Failure reply.  On a Success reply, the authenticator
      will proceed to the Network Phase.  On a Failure reply, the link
      will be terminated.



















Vollbrecht & Blunk       expires in six months                  [Page 3]


DRAFT                           PPP EAP                       March 1995


Advantages

   The EAP protocol can support multiple authentication mechanisms
   without having to pre-negotiate a particular one during LCP Phase.

   Certain devices (e.g. a NAS) do not necessarily have to understand
   each request type and may be able to simply act as a passthrough
   agent for a "back-end" server on a host.  The device only need look
   for the success/failure code to terminate the authentication phase

Disadvantages

   EAP does require the addition of a new authentication type to LCP and
   thus PPP implementations will need to be modified to use it.  It also
   strays from the previous PPP authentication model of negotiating a
   specific authentication mechanism during LCP.



































Vollbrecht & Blunk       expires in six months                  [Page 4]


DRAFT                           PPP EAP                       March 1995


2.1.  Configuration Option Format

   A summary of the Authentication-Protocol Configuration Option format
   to negotiate the EAP Authentication Protocol is shown below.  The
   fields are transmitted from left to right.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |    Length     |     Authentication-Protocol   |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


   Type

      3

   Length

      4

   Authentication-Protocol

      ???? (Hex) for PPP Extensible Authentication Protocol (EAP)



























Vollbrecht & Blunk       expires in six months                  [Page 5]


DRAFT                           PPP EAP                       March 1995


2.2.  Packet Format

   Exactly one PPP EAP packet is encapsulated in the Information field
   of a PPP Data Link Layer frame where the protocol field indicates
   type hex ???? (PPP EAP).  A summary of the EAP packet format is shown
   below.  The fields are transmitted from left to right.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Code      |  Identifier   |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |    Data ...
   +-+-+-+-+


   Code

      The Code field is one octet and identifies the type of EAP packet.
      EAP Codes are assigned as follows:

         1       Request
         2       Response
         3       Success
         4       Failure


   Identifier

      The Identifier field is one octet and aids in matching responses
      with requests.

   Length

      The Length field is two octets and indicates the length of the EAP
      packet including the Code, Identifier, Length and Data fields.
      Octets outside the range of the Length field should be treated as
      Data Link Layer padding and should be ignored on reception.

   Data

      The Data field is zero or more octets.  The format of the Data
      field is determined by the Code field.








Vollbrecht & Blunk       expires in six months                  [Page 6]


DRAFT                           PPP EAP                       March 1995


2.2.1.  Request and Response

   Description

      The Request packet is sent by the authenticator to the peer.  Each
      Request has a type field which serves to indicate what is being
      requested.  The authenticator MUST transmit an EAP packet with the
      Code field set to 1 (Request).  Additional Request packets MUST be
      sent until a valid Response packet is received, or an optional
      retry counter expires.  Retransmitted Requests MUST be sent with
      the same Identifier value in order to distinguish them from new
      Requests.  The contents of the data field is dependent on the
      Request type.  The peer MUST send a Response packet in reply to a
      Request packet.  Responses MUST only be sent in reply to a
      received Request and never retransmitted on a timer.  The
      Identifier field of the Response MUST match that of the Request.

   A summary of the Request and Response packet format is shown below.
   The fields are transmitted from left to right.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Code      |  Identifier   |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Type      |  Type-Data ...
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-


   Code

      1 for Request;

      2 for Response.

   Identifier

      The Identifier field is one octet.  The Identifier field MUST be
      the same if a Request packet is retransmitted due to a timeout
      while waiting for a Response.  Any new Requests MUST modify the
      Identifier field.  If a duplicate Response is received, it must be
      silently discarded.

   Type

      The Type field is one octet.  This field indicates the Type of
      Request or Response.  Only one Type may be specified per EAP
      Request or Response.  Normally, the Type field of the Response



Vollbrecht & Blunk       expires in six months                  [Page 7]


DRAFT                           PPP EAP                       March 1995


      will be the same as the Type of the Request.  However, there is a
      specific Response Type for indicating that a Request type is
      unacceptable.   This Response Type will indicate an acceptable
      Request type for authentication.  An initial specification of
      Types follows in a later section of this document.

   Type-Data

      The Type-Data field varies with the Type of Request and the
      associated Response.









































Vollbrecht & Blunk       expires in six months                  [Page 8]


DRAFT                           PPP EAP                       March 1995


2.2.2.  Success and Failure

   Description

      The Success packet is sent by the authenticator to the peer to
      acknowledge successful authentication.  The authenticator MUST
      transmit an EAP packet with the Code field set to 3 (Success).

      If the authenticator cannot authenticate the peer (unacceptable
      Responses to one or more Requests) then the implementation MUST
      transmit an EAP packet with the Code field set to 4 (Failure).  An
      authenticator may with to issue multiple Requests before sending a
      Failure response in order to allow for human typing mistakes.

         Implementation Note: Because the Success and Failure packets
         are not acknowledged, they may be potentially lost.  A peer
         MUST allow for this circumstance.  The peer can use a Network
         Protocol packet as an alternative indication of Success.
         Likewise, the receipt of a LCP Terminate-Request can be taken
         as a Failure.

   A summary of the Success and Failure packet format is shown below.
   The fields are transmitted from left to right.

    0                   1                   2                   3
    0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
   |     Code      |  Identifier   |            Length             |
   +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+


   Code

      3 for Success;

      4 for Failure.

   Identifier

      The Identifier field is one octet and aids in matching replies to
      Responses.  The Identifier field MUST match the Indentifier field
      of the Response packet that it is sent in response to.

   Length

      4





Vollbrecht & Blunk       expires in six months                  [Page 9]


DRAFT                           PPP EAP                       March 1995


3.  Initial EAP Request/Response Types

   This section defines the initial set of EAP Types used in
   Request/Response exchanges.  More Types may be defined in follow-on
   documents.  The Type field is one octet and identifies the structure
   of an EAP Request or Response packet.  The first 3 Types are
   considered special case Types.  The remaining Types define
   authentication exchanges.  The Nak Type is valid only for Response
   packets, it may not be sent in a Request.  The Nak Type may only be
   sent in repsonse to a Request with an authentication Type.

   The initial EAP Types are assigned as follows:

      1       Identity
      2       Notification
      3       Nak (Response only)
      4       Password
      5       MD5-Challenge
      6       MD4-S/Key
      7       MD5-S/Key
      8       Echoed user input
      9       Non-echoed user input
      10      Kerberos V4
      11      Kerboros V5
      240-255 Vendor Specific (reserved)


























Vollbrecht & Blunk       expires in six months                 [Page 10]


DRAFT                           PPP EAP                       March 1995


3.1.  Identity

   Description

      The Identity Type is used to query the identity of the peer.
      Generally, the authenticator will issue this as the initial
      Request.  An optional displayable message may be included to
      prompt the peer.  A Response MUST be sent to this Request with a
      Type of 1 (Identity).


   Type

      1

   Type-Data

      This field MAY contain a displayable message in the Request.  The
      Response uses this field to return the Identity.  If the Identity
      is unknown, this field should be zero bytes in length.  The field
      SHOULD NOT be null terminated.  The length of this field is
      derived from the Length field of the Request/Response packet.





























Vollbrecht & Blunk       expires in six months                 [Page 11]


DRAFT                           PPP EAP                       March 1995


3.2.  Notification

   Description

      The Notification Type is optionally used to convey a displayable
      message from the authenticator to the peer.   The peer SHOULD
      display this message to the user or log it if it cannot be
      displayed.  It is intended to provide an acknowledged notification
      of some imperative nature.  Examples include a password with an
      expiration time that is about to expire, an S/Key id which is
      nearing 0, an authentication failure warning, etc.   In most
      circumstances, notification should not be required.


   Type

      2


   Type-Data

      The Type-Data field in the Request contains a displayable message
      greater than zero octets in length.  The length of the message is
      determined by Length field of the Request packet.  The message
      SHOULD NOT be null terminated.  A Response MUST be sent in reply
      to the Request with a Type field of 2 (Notification).  The Type-
      Data field of the Response is zero octets in length.   The
      Response should be sent immediately (independent of how the
      message is displayed or logged).






















Vollbrecht & Blunk       expires in six months                 [Page 12]


DRAFT                           PPP EAP                       March 1995


3.3.  Nak

   Description

      The Nak Type is valid only in Response messages.  It is sent in
      reply to a Request where the desired authentication Type is
      unacceptable.   Authentication Types are numbered 4 and above.
      The Response contains the authentication Type desired by the peer.

   Type

      4


   Type-Data

      This field MUST contain a single octet indicating the desired
      authentication type.

































Vollbrecht & Blunk       expires in six months                 [Page 13]


DRAFT                           PPP EAP                       March 1995


3.4.  Password

   Description

      The Password Type is analagous to the PPP PAP protocol [3].  The
      Request may contain an optional displayable message to prompt the
      peer.  A Repsonse MUST be sent in reply to the Request.  The
      Response MAY be either of Type 4 (Password) or Type 3 (Nak).   The
      Nak reply indicates the peer's desired authentication mechanism
      Type.


   Type

      4


   Type-Data

      This field MAY contain a displayable message in the Request.  The
      Response uses this field to return the Password.  The field SHOULD
      NOT be null terminated.  The length of this field is derived from
      the Length field of the Request/Response packet.




























Vollbrecht & Blunk       expires in six months                 [Page 14]


DRAFT                           PPP EAP                       March 1995


3.5.  MD5-Challenge

   Description

      The MD5-Challenge Type is analagous to the PPP CHAP protocol [3]
      (with MD5 as the specified algorithm).  The PPP Authentication
      Protocols RFC [3] should be referred to for further implementation
      specifics.  The Request contains a "challenge" message to the
      peer.  A Repsonse MUST be sent in reply to the Request.  The
      Response MAY be either of Type 5 (MD5-Challenge) or Type 3 (Nak).
      The Nak reply indicates the peer's desired authentication
      mechanism Type.


   Type

      5


   Type-Data

      The contents of the Type-Data  field is summarized below.  For
      reference on the use of this fields see the PPP Authentication
      Protocols RFC [3].

       0                   1                   2                   3
       0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |  Value-Size   |  Value ...
      +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
      |  Name ...
       +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+



















Vollbrecht & Blunk       expires in six months                 [Page 15]


DRAFT                           PPP EAP                       March 1995


3.6.  MD4-S/Key and MD5-S/Key

   Description These protocols are defined in "The S/KEY One-Time
   Password System" [4].  The Request contains a displayable message
   consisting of the S/Key count and a seed. A Repsonse MUST be sent in
   reply to the Request.  The Response MAY be either of Type 6 or 7
   (MD4-S/key or MD5-S/key) or Type 3 (Nak).  The Nak reply indicates
   the peer's desired authentication mechanism Type.


Type

   6 for MD4-S/key;

   7 for MD5-S/key.


Type-Data

   The Type-Data field contains the S/Key "challenge" (count and seed)
   as a displayable message in the Request.  This field is used for the
   6 words (displayable text) from the S/Key dictionary [4] in the
   Response.  The messages SHOULD NOT be null terminated.  The length of
   the field is derived from the Length field of the Request/Reply
   packet.


























Vollbrecht & Blunk       expires in six months                 [Page 16]


DRAFT                           PPP EAP                       March 1995


3.7.  Echoed User Input and Non-echoed User Input

   Description

      The user Input type are used where a user must provide physical
      input.  The typical application would be for "Token" cards where a
      challenge or time-based token is retrieved from the card and
      entered by the user.  The non-echoed Type would be used in cases
      where the entered data is potentially sensitive and thus should be
      hidden. A Repsonse MUST be sent in reply to the Request.  The
      Response MAY be either of Type 8 or 9 (User Input) or Type 3
      (Nak).  The Nak reply indicates the peer's desired authentication
      mechanism Type.


   Type

      8 for Echoed User Input;

      9 for Non-echoed User Input.


   Type-Data

      The Type-Data field contains a displayable message in the Request.
      The peer must then prompt the user for input in response to the
      Request.   This field is then used to return the input in the
      Response.  The message SHOULD NOT be null terminated.   The length
      of the data is derived from the Length field of the
      Request/Response packet.





















Vollbrecht & Blunk       expires in six months                 [Page 17]


DRAFT                           PPP EAP                       March 1995


3.8.  Kerberos V4 and Kerberos V5

These protocols are to be defined in a later document.
















































Vollbrecht & Blunk       expires in six months                 [Page 18]


DRAFT                           PPP EAP                       March 1995


3.9.  Vendor specific

   Description

      These Type field are reserved for Vendor Specific authentication
      mechanism.













































Vollbrecht & Blunk       expires in six months                 [Page 19]


DRAFT                           PPP EAP                       March 1995


   Security Considerations

      Security issues are the primary topic of this RFC.

      The interaction of the authentication protocols within PPP are
      highly implementation dependent.  This is indicated by the use of
      SHOULD throughout the document.

      For example, upon failure of authentication, some implementations
      do not terminate the link.  Instead, the implementation limits the
      kind of traffic in the Network-Layer Protocols to a filtered
      subset, which in turn allows the user opportunity to update
      secrets or send mail to the network administrator indicating a
      problem.

      There is no provision for re-tries of failed authentication.
      However, the LCP state machine can renegotiate the authentication
      protocol at any time, thus allowing a new attempt.  It is
      recommended that any counters used for authentication failure not
      be reset until after successful authentication, or subsequent
      termination of the failed link.

      There is no requirement that authentication be full duplex or that
      the same protocol be used in both directions.  It is perfectly
      acceptable for different protocols to be used in each direction.
      This will, of course, depend on the specific protocols negotiated.

      In practice, within or associated with each PPP server, there is a
      database which associates "user" names with authentication
      information ("secrets").  It is not anticipated that a particular
      named user would be authenticated by multiple methods.  This would
      make the user vulnerable to attacks which negotiate the least
      secure method from among a set (such as PAP rather than EAP).
      Instead, for each named user there should be an indication of
      exactly one method used to authenticate that user name.  If a user
      needs to make use of different authentication methods under
      different circumstances, then distinct user names SHOULD be
      employed, each of which identifies exactly one authentication
      method.












Vollbrecht & Blunk       expires in six months                 [Page 20]


DRAFT                           PPP EAP                       March 1995


   References

      [1]   Simpson, W. A., "The Point-to-Point Protocol (PPP)", RFC
            1661.

      [2]   Reynolds, J., and J. Postel, "Assigned Numbers", RFC 1700,
            USC/Information Sciences Institute, October 1994.

      [3]   Lloyd, B., and Simpson, W.,  "PPP Authentication Protocols",
            RFC 1334, October 1992.

      [4]   Haller, N., "The S/KEY One-Time Password System", RFC 1760,
            Bellcore, February 1995.


   Acknowledgments

      This protocol derives much of its inspiration from Dave Carrel's
      AHA draft as well as the PPP CHAP protocol [3].  Bill Simpson
      provided much of the boilerplate used throughout this document.
      Al Rubens (Merit) also provided valuable feedback.


   Chair's Address

      The working group can be contacted via the current chair:

         Fred Baker
         cisco Systems, Inc.

         EMail: fbaker@cisco.com


   Author's Address

      Questions about this memo can also be directed to:

         Larry J Blunk                   John R Vollbrecht

         EMail: ljb@merit.edu            EMail: jrv@merit.edu











Vollbrecht & Blunk       expires in six months                 [Page 21]