rfc9847.original.xml   rfc9847.xml 
<?xml version='1.0' encoding='utf-8'?> <?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc [ <!DOCTYPE rfc [
<!ENTITY nbsp "&#160;"> <!ENTITY nbsp "&#160;">
<!ENTITY zwsp "&#8203;"> <!ENTITY zwsp "&#8203;">
<!ENTITY nbhy "&#8209;"> <!ENTITY nbhy "&#8209;">
<!ENTITY wj "&#8288;"> <!ENTITY wj "&#8288;">
]> ]>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?> <?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
<!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.29 (Ruby 3.4. <!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.29 (Ruby 2.5.
4) --> 9) -->
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft <rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft
-ietf-tls-rfc8447bis-15" category="std" consensus="true" submissionType="IETF" u -ietf-tls-rfc8447bis-latest" category="std" consensus="true" submissionType="IET
pdates="8447" tocInclude="true" sortRefs="true" symRefs="true" version="3"> F" number="9847" updates="8447" tocInclude="true" sortRefs="true" symRefs="true"
<!-- xml2rfc v2v3 conversion 3.30.0 --> version="3">
<!-- xml2rfc v2v3 conversion 3.31.0 -->
<link href="https://datatracker.ietf.org/doc/draft-ietf-tls-rfc8447bis-latest"
rel="prev"/>
<front> <front>
<title abbrev="(D)TLS IANA Registry Updates">IANA Registry Updates for TLS a <title abbrev="TLS and DTLS IANA Registry Updates">IANA Registry Updates for
nd DTLS</title> TLS and DTLS</title>
<seriesInfo name="Internet-Draft" value="draft-ietf-tls-rfc8447bis-15"/> <seriesInfo name="RFC" value="9847"/>
<author initials="J." surname="Salowey" fullname="Joe Salowey"> <author initials="J." surname="Salowey" fullname="Joe Salowey">
<organization>Venafi</organization> <organization>CyberArk</organization>
<address> <address>
<email>joe@salowey.net</email> <email>joe@salowey.net</email>
</address> </address>
</author> </author>
<author initials="S." surname="Turner" fullname="Sean Turner"> <author initials="S." surname="Turner" fullname="Sean Turner">
<organization>sn3rd</organization> <organization>sn3rd</organization>
<address> <address>
<email>sean@sn3rd.com</email> <email>sean@sn3rd.com</email>
</address> </address>
</author> </author>
<date year="2025" month="July" day="21"/> <date year="2025" month="October"/>
<area>Security</area> <area>SEC</area>
<workgroup>Transport Layer Security</workgroup> <workgroup>TLS</workgroup>
<keyword>Internet-Draft</keyword>
<abstract> <abstract>
<?line 41?> <?line 38?>
<t>This document updates the changes to TLS and DTLS IANA registries <!-- [rfced] FYI - We will do the following when we convert the file to RFCXML:
made in RFC 8447. It adds a new value "D" for discouraged
to the Recommended column of the selected TLS registries and - Update relevant URLs to be clickable in the HTML and PDF outputs
-->
<t>This document updates the changes to the TLS and DTLS IANA registries
made in RFC 8447. It adds a new value, "D" for discouraged,
to the "Recommended" column of the selected TLS registries and
adds a "Comment" column to all active registries that do not adds a "Comment" column to all active registries that do not
already have a "Comment" column. Finally, it updates the already have a "Comment" column. Finally, it updates the
registration request instructions.</t> registration request instructions.</t>
<t>This document updates RFC 8447.</t> <t>This document updates RFC 8447.</t>
</abstract> </abstract>
<note removeInRFC="true">
<name>About This Document</name>
<t>
Status information for this document may be found at <eref target="https
://datatracker.ietf.org/doc/draft-ietf-tls-rfc8447bis/"/>.
</t>
<t>
Discussion of this document takes place on the
Transport Layer Security Working Group mailing list (<eref target="mailt
o:tls@ietf.org"/>),
which is archived at <eref target="https://mailarchive.ietf.org/arch/bro
wse/tls/"/>.
Subscribe at <eref target="https://www.ietf.org/mailman/listinfo/tls/"/>
.
</t>
<t>Source for this draft and an issue tracker can be found at
<eref target="https://github.com/tlswg/rfc8447bis"/>.</t>
</note>
</front> </front>
<middle> <middle>
<?line 52?> <?line 54?>
<section anchor="introduction"> <section anchor="introduction">
<name>Introduction</name> <name>Introduction</name>
<t>This document instructs IANA to make changes to a number of the IANA <t>This document instructs IANA to make changes to a number of the IANA
registries related to Transport Layer Security (TLS) and Datagram registries related to Transport Layer Security (TLS) and Datagram
Transport Layer Security (DTLS). These changes update the changes made Transport Layer Security (DTLS). These changes update the changes made
in <xref target="RFC8447"/>.</t> in <xref target="RFC8447"/>.</t>
<aside> <t>This specification adds a new value, "D" for discouraged, to the "Recom
<t>RFC EDITOR NOTE: Please remove the note that follows.</t> mended"
</aside>
<aside>
<t>NOTE for IANA: This document specifies changes to the registry to upd
ate
the changes made in <xref target="RFC8447"/>.</t>
</aside>
<t>This specification adds a new value "D" for discouraged to the Recommen
ded
column of the selected TLS registries and adds a "Comment" column to all column of the selected TLS registries and adds a "Comment" column to all
active registries that do not already have a "Comment" column.</t> active registries that do not already have a "Comment" column.</t>
<t>This specication also updates the registration request instructions.</t > <t>This specification also updates the registration request instructions.< /t>
</section> </section>
<section anchor="terminology"> <section anchor="terminology">
<name>Terminology</name> <name>Terminology</name>
<t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14 >REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL <t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14 >REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECO MMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>", NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECO MMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be i nterpreted as "<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be i nterpreted as
described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they
appear in all capitals, as shown here.</t> appear in all capitals, as shown here.</t>
<?line -18?> <?line -18?>
</section> </section>
<section anchor="updating-recommended-columns-values"> <section anchor="updating-recommended-columns-values">
<name>Updating "Recommended" Column's Values</name> <name>Updating "Recommended" Column's Values</name>
<t>The instructions in this document update the Recommended column, <t>The instructions in this document update the "Recommended" column,
originally added in <xref target="RFC8447"/> to add a third value, "D", originally added in <xref target="RFC8447"/> to add a third value, "D",
indicating that a value is "Discouraged". The permitted values indicating that a value is discouraged. The permitted values
of the "Recommended" column are:</t> of the "Recommended" column are:</t>
<dl> <dl>
<dt>Y:</dt> <dt>Y:</dt>
<dd> <dd>
<t>Indicates that the IETF has consensus that the <t>Indicates that the IETF has consensus that the
item is <bcp14>RECOMMENDED</bcp14>. This only means that the associated item is <bcp14>RECOMMENDED</bcp14>. This only means that the associated
mechanism is fit for the purpose for which it was defined. mechanism is fit for the purpose for which it was defined.
Careful reading of the documentation for the mechanism is Careful reading of the documentation for the mechanism is
necessary to understand the applicability of that mechanism. necessary to understand the applicability of that mechanism.
The IETF could recommend mechanisms that have limited The IETF could recommend mechanisms that have limited
applicability, but will provide applicability statements that applicability but will provide applicability statements that
describe any limitations of the mechanism or necessary constraints describe any limitations of the mechanism or necessary constraints
on its use.</t> on its use.</t>
</dd> </dd>
<dt>N:</dt> <dt>N:</dt>
<dd> <dd>
<t>Indicates that the item has not been evaluated by <t>Indicates that the item has not been evaluated by
the IETF and that the IETF has made no statement about the the IETF and that the IETF has made no statement about the
suitability of the associated mechanism. This does not necessarily suitability of the associated mechanism. This does not necessarily
mean that the mechanism is flawed, only that no consensus exists. mean that the mechanism is flawed, only that no consensus exists.
The IETF might have consensus to leave an items marked as "N" on The IETF might have consensus to leave an item marked as "N" on
the basis of its having limited applicability or usage constraints.</t> the basis of the item having limited applicability or usage constraints.</t>
</dd> </dd>
<dt>D:</dt> <dt>D:</dt>
<dd> <dd>
<t>Indicates that the item is discouraged. This marking could be used to identify <t>Indicates that the item is discouraged. This marking could be used to identify
mechanisms that might result in problems if they are used, such as mechanisms that might result in problems if they are used, such as
a weak cryptographic algorithm or a mechanism that might cause a weak cryptographic algorithm or a mechanism that might cause
interoperability problems in deployment. When marking a registry entry as interoperability problems in deployment. When marking a registry entry as
“D”, either the References or the Comments Column <bcp14>MUST</bcp14> include sufficient "D", either the "Reference" or the "Comment" column <bcp14>MUST</bcp14> includ e sufficient
information to determine why the marking has been applied. Implementers and information to determine why the marking has been applied. Implementers and
users <bcp14>SHOULD</bcp14> consult the linked references associated with the item to users <bcp14>SHOULD</bcp14> consult the linked references associated with the item to
determine the conditions under which the item <bcp14>SHOULD NOT</bcp14> or <bc p14>MUST NOT</bcp14> be used.</t> determine the conditions under which the item <bcp14>SHOULD NOT</bcp14> or <bc p14>MUST NOT</bcp14> be used.</t>
</dd> </dd>
</dl> </dl>
<t>Setting a value to "Y" or "D" or transitioning the value from "Y" or "D " in the "Recommended" column requires <t>Setting a value to "Y" or "D" or transitioning the value from "Y" or "D " in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval <xref target="RFC8126" />. Not all items defined IETF Standards Action with Expert Review or IESG Approval <xref target="RFC8126" />. Not all items defined
in Standards Track RFCs need to be set in Standards Track RFCs need to be set
to "Y" or "D". Any item not otherwise specified is set to "N". The column is to "Y" or "D". Any item not otherwise specified is set to "N". The column is
blank for values that are unassigned or reserved unless specifically set.</t> blank for values that are unassigned or reserved unless specifically set.</t>
<section anchor="rec-note"> <section anchor="rec-note">
<name>Recommended Note</name> <name>Recommended Note</name>
<t>Existing registries have a note on the meaning of the Recommended col <t>Existing registries have a note on the meaning of the "Recommended" c
umn. For the olumn. For the
registries discussed in the subsequent sections this note is updated registries discussed in the subsequent sections, this note is updated
with a sentence describing the "D" value as follows:</t> with a sentence describing the "D" value as follows:</t>
<dl> <blockquote>
<dt>Note:</dt> <t>Note: If the "Recommended" column is set to "N", it does not necess
<dd> arily mean
<t>If "Recommended" column is set to "N", it does not necessarily me that it is flawed; rather, it indicates that the item has not
an
that it is flawed; rather, it indicates that the item either has not
been through the IETF consensus process, has limited applicability, or been through the IETF consensus process, has limited applicability, or
is intended only for specific use cases. If the "Recommended" column is intended only for specific use cases. If the "Recommended" column
is set to "D" the item is discouraged and <bcp14>SHOULD NOT</bcp14> or <bcp14>MU is set to "D", the item is discouraged and <bcp14>SHOULD NOT</bcp14> or <bcp14>M
ST NOT</bcp14> be used, UST NOT</bcp14> be used,
depending upon the situation; consult the item’s references for clarity.</t> depending upon the situation; consult the item's references for clarity.</t>
</dd> </blockquote>
</dl>
</section> </section>
</section> </section>
<section anchor="tls-extensiontype-values-registry"> <section anchor="tls-extensiontype-values-registry">
<name>TLS ExtensionType Values Registry</name> <name>TLS ExtensionType Values Registry</name>
<t>In order to reflect the changes in the Recommended column allocation, <t>In order to reflect the changes in the "Recommended" column allocation,
IANA is requested to update the TLS ExtensionType Values registry as follows:</t IANA has updated the "TLS ExtensionType Values" registry as follows:</t>
>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Adjust the registration procedure related to setting the “Recommend <t>Adjusted the registration procedure related to setting the "Recomme
ed” column as follows:</t> nded" column as follows: </t>
<t>
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval <xref target="RFC812
6"/>.</t>
</li> </li>
</ul>
<artwork><![CDATA[
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval [RFC8126].
]]></artwork>
<ul spacing="normal">
<li> <li>
<t>Add a reference to this document under the reference heading.</t> <t>Added a reference to this document under the reference heading.</t>
</li> </li>
<li> <li>
<t>Update the "Recommended" column with the changes as listed below. <t>Updated the "Recommended" column with the changes listed below. En
Entries tries
keep their existing "Y" and "N" entries except for the entries in following tabl keep their existing "Y" and "N" entries except for the entries in the following
e. table.
IANA is requested to add a reference to this document for these entries.</t> IANA has added a reference to this document for these entries.</t>
</li> </li>
</ul> </ul>
<table> <table>
<thead> <thead>
<tr> <tr>
<th align="left">Value</th> <th align="left">Value</th>
<th align="left">Extension</th> <th align="left">Extension Name</th>
<th align="right">Recommended</th> <th align="right">Recommended</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<tr> <tr>
<td align="left">4</td> <td align="left">4</td>
<td align="left">truncated_hmac</td> <td align="left">truncated_hmac</td>
<td align="right">D</td> <td align="right">D</td>
</tr> </tr>
<tr> <tr>
<td align="left">53</td>
<td align="left">connection_id (deprecated)</td>
<td align="right">D</td>
</tr>
<tr>
<td align="left">40</td> <td align="left">40</td>
<td align="left">Reserved</td> <td align="left">Reserved</td>
<td align="right">D</td> <td align="right">D</td>
</tr> </tr>
<tr> <tr>
<td align="left">46</td> <td align="left">46</td>
<td align="left">Reserved</td> <td align="left">Reserved</td>
<td align="right">D</td> <td align="right">D</td>
</tr> </tr>
<tr>
<td align="left">53</td>
<td align="left">connection_id (deprecated)</td>
<td align="right">D</td>
</tr>
</tbody> </tbody>
</table> </table>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Update note on the Recommended column with text in <xref target="re c-note"/>.</t> <t>Updated the note on the "Recommended" column with text in <xref tar get="rec-note"/>.</t>
</li> </li>
<li> <li>
<t>For the truncated_hmac, add the following link to Reference column: <t>For the truncated_hmac, added the following link to the "Reference"
https://www.iacr.org/archive/asiacrypt2011/70730368/70730368.pdf</t> column: https://www.iacr.org/archive/asiacrypt2011/70730368/70730368.pdf</t>
</li> </li>
<li> <li>
<t>For the two Reserved values above, add the following link in the Re <t>For the two Reserved values above, added the following link in the
ference column: "Reference" column: https://mailarchive.ietf.org/arch/msg/tls-reg-review/5BD62HB
https://mailarchive.ietf.org/arch/msg/tls-reg-review/5BD62HBFjo_AsW-Y8ohVuWEe1gI Fjo_AsW-Y8ohVuWEe1gI/</t>
/</t>
</li> </li>
</ul> </ul>
</section> </section>
<section anchor="tls-cipher-suites-registry"> <section anchor="tls-cipher-suites-registry">
<name>TLS Cipher Suites Registry</name> <name>TLS Cipher Suites Registry</name>
<t>Several categories of ciphersuites are discouraged for general use and <t>Several categories of cipher suites are discouraged for general use and
are marked as "D".</t> are marked as "D".</t>
<t>Ciphersuites that use NULL encryption do not provide the confidentialit y <t>Cipher suites that use NULL encryption do not provide the confidentiali ty
normally expected of TLS. Protocols and applications are often designed normally expected of TLS. Protocols and applications are often designed
to require confidentiality as a security property. These to require confidentiality as a security property. These
ciphersuites <bcp14>MUST NOT</bcp14> be used in those cases.</t> cipher suites <bcp14>MUST NOT</bcp14> be used in those cases.</t>
<t>Ciphersuites marked as EXPORT use weak ciphers and were deprecated in <t>Cipher suites marked as EXPORT use weak ciphers and were deprecated in
TLS 1.1 <xref target="RFC4346"/>.</t> TLS 1.1 <xref target="RFC4346"/>.</t>
<t>Cipher suites marked as anon do not provide any authentication and are <t>Cipher suites marked as anon do not provide any authentication, are
vulnerable to on-path attacks and are deprecated in TLS 1.1 vulnerable to on-path attacks, and were deprecated in TLS 1.1
<xref target="RFC4346"/>.</t> <xref target="RFC4346"/>.</t>
<t>RC4 is a weak cipher and is deprecated in <xref target="RFC7465"/>.</t> <t>RC4 is a weak cipher and is deprecated in <xref target="RFC7465"/>.</t>
<t>DES and IDEA are not considered secure for general use and are deprecat <t>DES and the International Data Encryption Algorithm (IDEA) are not cons
ed idered secure for general use and were deprecated in <xref target="RFC5469"/>. M
in <xref target="RFC5469"/>. Nor is MD5 or SHA-1 and these are deprecated in <xr D5 and SHA-1 are also not secure for general use and were deprecated in <xref ta
ef target="RFC9155"/>.</t> rget="RFC9155"/>.</t>
<t>In order to reflect the changes in the Recommended column allocation, <t>In order to reflect the changes in the "Recommended" column allocation,
IANA is requested to update the TLS ExtensionType Values registry as follows:</t IANA has updated the "TLS Cipher Suites" registry as follows:</t>
>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Adjust the registration procedure related to setting the “Recommend <t>Adjusted the registration procedure related to setting the "Recomme
ed” column as follows:</t> nded" column as follows: </t>
<t>
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval <xref target="RFC812
6"/>.</t>
</li> </li>
</ul>
<artwork><![CDATA[
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval [RFC8126].
]]></artwork>
<ul spacing="normal">
<li> <li>
<t>Add a reference to this document under the reference heading.</t> <t>Added a reference to this document under the reference heading.</t>
</li> </li>
<li> <li>
<t>Update the "Recommended" column with the changes as listed below. Entries <t>Updated the "Recommended" column with the changes listed below. En tries
keep their existing "Y" and "N" entries except for the entries in following tabl e. keep their existing "Y" and "N" entries except for the entries in following tabl e.
IANA is requested to add a reference to this document for these entries. This do IANA has added a reference to this document for these entries. This document doe
cument does not s not
make any changes to the DTLS-OK column.</t> make any changes to the "DTLS-OK" column.</t>
</li> </li>
</ul> </ul>
<table> <table>
<thead> <thead>
<tr> <tr>
<th align="left">Value</th> <th align="left">Value</th>
<th align="left">Cipher Suite Name</th> <th align="left">Description</th>
<th align="right">Recommended</th> <th align="right">Recommended</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<tr> <tr>
<td align="left">0x00,0x1E</td> <td align="left">0x00,0x1E</td>
<td align="left">TLS_KRB5_WITH_DES_CBC_SHA</td> <td align="left">TLS_KRB5_WITH_DES_CBC_SHA</td>
<td align="right">D</td> <td align="right">D</td>
</tr> </tr>
<tr> <tr>
skipping to change at line 402 skipping to change at line 374
</tr> </tr>
<tr> <tr>
<td align="left">0xC0,0xB5</td> <td align="left">0xC0,0xB5</td>
<td align="left">TLS_SHA384_SHA384</td> <td align="left">TLS_SHA384_SHA384</td>
<td align="right">D</td> <td align="right">D</td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Update note on the Recommended column with text in <xref target="re c-note"/>.</t> <t>Updated the note on the "Recommended" column with text in <xref tar get="rec-note"/>.</t>
</li> </li>
</ul> </ul>
</section> </section>
<section anchor="tls-supported-groups-registry"> <section anchor="tls-supported-groups-registry">
<name>TLS Supported Groups Registry</name> <name>TLS Supported Groups Registry</name>
<t>In order to reflect the changes in the Recommended column allocation, <t>In order to reflect the changes in the "Recommended" column allocation,
IANA is requested to update the TLS Supported Groups registry as follows:</t> IANA has updated the "TLS Supported Groups" registry as follows:</t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Update the registration policy to include:</t> <t>Updated the registration policy to include: </t>
<t>
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval <xref target="RFC812
6"/>.</t>
</li> </li>
</ul>
<artwork><![CDATA[
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval [RFC8126].
]]></artwork>
<ul spacing="normal">
<li> <li>
<t>Add a reference to this document under the reference heading.</t> <t>Added a reference to this document under the reference heading.</t>
</li> </li>
<li> <li>
<t>Update the "Recommended" column with the changes as listed below. Entries <t>Updated the "Recommended" column with the changes listed below. En tries
keep their existing "Y" and "N" entries except for the entries in following tabl e. keep their existing "Y" and "N" entries except for the entries in following tabl e.
IANA is requested to add a reference to this document for these entries.</t> IANA has added a reference to this document for these entries.</t>
</li> </li>
</ul> </ul>
<table> <table>
<thead> <thead>
<tr> <tr>
<th align="left">Value</th> <th align="left">Value</th>
<th align="left">Curve</th> <th align="left">Description</th>
<th align="right">Recommended</th> <th align="right">Recommended</th>
</tr> </tr>
</thead> </thead>
<tbody> <tbody>
<tr> <tr>
<td align="left">1</td> <td align="left">1</td>
<td align="left">sect163k1</td> <td align="left">sect163k1</td>
<td align="right">D</td> <td align="right">D</td>
</tr> </tr>
<tr> <tr>
skipping to change at line 518 skipping to change at line 487
</tr> </tr>
<tr> <tr>
<td align="left">21</td> <td align="left">21</td>
<td align="left">secp224r1</td> <td align="left">secp224r1</td>
<td align="right">D</td> <td align="right">D</td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Update note on the Recommended column with text in <xref target="re c-note"/>.</t> <t>Updated the note on the "Recommended" column with text in <xref tar get="rec-note"/>.</t>
</li> </li>
<li> <li>
<t>Remove the "Elliptic curve groups" note from the registration <t>Removed the "Elliptic curve groups" note from the registration
procedures table.</t> procedures table.</t>
</li> </li>
<li> <li>
<t>For each of the entries above, add the following link to the <t>For each of the entries above, added the following link to the
Comment column: "Comment" column: https://datatracker.ietf.org/meeting/118/materials/slides-118-
https://datatracker.ietf.org/meeting/118/materials/slides-118-tls-rfc8447bis-00< tls-rfc8447bis-00</t>
/t>
</li> </li>
</ul> </ul>
</section> </section>
<section anchor="tls-exporter-labels-registry"> <section anchor="tls-exporter-labels-registry">
<name>TLS Exporter Labels Registry</name> <name>TLS Exporter Labels Registry</name>
<t>This document updates the registration procedure for the TLS Exporter <t>This document updates the registration procedure for the "TLS Exporter
Labels registry and updates the Recommended column allocation. Labels" registry and updates the "Recommended" column allocation.
IANA is requested to update the TLS Exporter Labels Registry as follows:</t> IANA has updated the "TLS Exporter Labels" registry as follows:</t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Change the registration procedure from Specification Required to <t>Changed the registration procedure from Specification Required to
Expert Review and update it to include:</t> Expert Review and updated it to include: </t>
<t>
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval <xref target="RFC812
6"/>.</t>
</li> </li>
</ul>
<artwork><![CDATA[
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval [RFC8126].
]]></artwork>
<ul spacing="normal">
<li> <li>
<t>Add a reference to this document under the reference heading.</t> <t>Added a reference to this document under the reference heading.</t>
</li> </li>
<li> <li>
<t>Entries keep their existing Recommended column "Y" and "N" entries< /t> <t>Entries kept their existing "Recommended" column "Y" and "N" entrie s.</t>
</li> </li>
<li> <li>
<t>Update note on the Recommended column with text in <xref target="re c-note"/>.</t> <t>Updated the note on the "Recommended" column with text in <xref tar get="rec-note"/>.</t>
</li> </li>
<li> <li>
<t>Update the note on the role of the expert reviewer as follows.</t> <t>Updated the note on the role of the expert reviewer as follows.</t>
</li> </li>
</ul> </ul>
<dl> <blockquote>
<dt>Note:</dt> <t>Note: The role of the designated expert is described in <xref section
<dd> ="17" sectionFormat="of" target="RFC8447"/>.
<t>The role of the designated expert is described in <xref section="17
" sectionFormat="comma" target="RFC8447"/>.
Even though this registry does not require a specification, the Even though this registry does not require a specification, the
designated expert <xref target="RFC8126"/> will strongly encourage registrants designated expert <xref target="RFC8126"/> will strongly encourage registrants
to provide a link to a publicly available specification. An to provide a link to a publicly available specification. An
Internet-Draft (that is posted and never published as an RFC) Internet-Draft (that is posted and never published as an RFC)
or a document from another standards body, industry consortium, or a document from another standards body, industry consortium,
university site, etc. are suitable for these purposes. university site, etc. is suitable for these purposes.
The expert may provide more in-depth reviews, but their approval The expert may provide more in-depth reviews, but their approval
should not be taken as an endorsement of the exporter label. The should not be taken as an endorsement of the exporter label. The
expert also verifies that the label is a string consisting of expert also verifies that the label is a string consisting of
printable ASCII characters beginning with "EXPORTER". IANA <bcp14>MUST</bcp14> printable ASCII characters beginning with "EXPORTER". IANA <bcp14>MUST</bcp14>
also verify that one label is not a prefix of any other label. also verify that one label is not a prefix of any other label.
For example, labels "key" or "master secretary" are forbidden.</t> For example, labels "key" or "master secretary" are forbidden.</t>
</dd> </blockquote>
</dl>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Rename the Note column to Comment column.</t> <t>Renamed the "Note" column to "Comment".</t>
</li> </li>
</ul> </ul>
</section> </section>
<section anchor="tls-certificate-types-registry"> <section anchor="tls-certificate-types-registry">
<name>TLS Certificate Types Registry</name> <name>TLS Certificate Types Registry</name>
<t>In order to reflect the changes in the Recommended column allocation, <t>In order to reflect the changes in the "Recommended" column allocation,
IANA is requested to update the TLS Certificate Types registry as follows:</t> IANA has updated the "TLS Certificate Types" registry as follows:</t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Adjust the registration procedure related to setting the “Recommend <t>Adjusted the registration procedure related to setting the "Recomme
ed” column as follows:</t> nded" column as follows: </t>
<t>
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval <xref target="RFC812
6"/>.</t>
</li> </li>
</ul>
<artwork><![CDATA[
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval [RFC8126].
]]></artwork>
<ul spacing="normal">
<li> <li>
<t>Add a reference to this document under the reference heading.</t> <t>Added a reference to this document under the reference heading.</t>
</li> </li>
<li> <li>
<t>Entries keep their existing Recommended column "Y" and "N" entries. </t> <t>Entries kept their existing "Recommended" column "Y" and "N" entrie s.</t>
</li> </li>
<li> <li>
<t>Update note on the Recommended column with text in <xref target="re c-note"/>.</t> <t>Updated the note on the "Recommended" column with text in <xref tar get="rec-note"/>.</t>
</li> </li>
</ul> </ul>
</section> </section>
<section anchor="tls-hashalgorithm-registry"> <section anchor="tls-hashalgorithm-registry">
<name>TLS HashAlgorithm Registry</name> <name>TLS HashAlgorithm Registry</name>
<t>Though TLS 1.0 and TLS 1.1 were deprecated <xref target="RFC8996"/>, TL <t>TLS 1.0 and TLS 1.1 were deprecated <xref target="RFC8996"/>; TLS 1.2 w
S 1.2 will ill
be in use for some time. In order to reflect the changes in the Recommended be in use for some time. In order to reflect the changes in the "Recommended"
column allocation, IANA is requested to update the TLS HashAlgorithm Registry column allocation, IANA has updated the "TLS HashAlgorithm" registry
as follows:</t> as follows:</t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Update the registration procedure to include:</t> <t>Updated the registration procedure to include: </t>
<t>
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval <xref target="RFC812
6"/>.</t>
</li> </li>
</ul>
<artwork><![CDATA[
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval [RFC8126].
]]></artwork>
<ul spacing="normal">
<li> <li>
<t>Add a reference to this document under the reference heading.</t> <t>Added a reference to this document under the reference heading.</t>
</li> </li>
<li> <li>
<t>Update the TLS HashAlgorithm registry to add a "Recommended" column <t>Updated the "TLS HashAlgorithm" registry to add a "Recommended" col umn
as follows:</t> as follows:</t>
</li> </li>
</ul> </ul>
<table> <table>
<thead> <thead>
<tr> <tr>
<th align="left">Value</th> <th align="left">Value</th>
<th align="left">Description</th> <th align="left">Description</th>
<th align="right">Recommended</th> <th align="right">Recommended</th>
</tr> </tr>
skipping to change at line 689 skipping to change at line 645
</tr> </tr>
<tr> <tr>
<td align="left">8</td> <td align="left">8</td>
<td align="left">Intrinsic</td> <td align="left">Intrinsic</td>
<td align="right">Y</td> <td align="right">Y</td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Add note on the Recommended column with text in <xref target="rec-n ote"/>.</t> <t>Added a note on the "Recommended" column with text in <xref target= "rec-note"/>.</t>
</li> </li>
</ul> </ul>
</section> </section>
<section anchor="tls-signaturealgorithm-registry"> <section anchor="tls-signaturealgorithm-registry">
<name>TLS SignatureAlgorithm Registry</name> <name>TLS SignatureAlgorithm Registry</name>
<t>Though TLS 1.0 and TLS 1.1 were deprecated <xref target="RFC8996"/>, TL <t>TLS 1.0 and TLS 1.1 were deprecated <xref target="RFC8996"/>, TLS 1.2 w
S 1.2 will ill
be in use for some time. In order to reflect the changes in the Recommended be in use for some time. In order to reflect the changes in the "Recommended"
column allocation, IANA is requested to update the TLS SignatureAlgorithm regist column allocation, IANA has updated the "TLS SignatureAlgorithm" registry
ry
as follows:</t> as follows:</t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Update the registration procedure to include:</t> <t>Updated the registration procedure to include: </t>
<t>
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval <xref target="RFC812
6"/>.</t>
</li> </li>
</ul>
<artwork><![CDATA[
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval [RFC8126].
]]></artwork>
<ul spacing="normal">
<li> <li>
<t>Add a reference to this document under the reference heading.</t> <t>Added a reference to this document under the reference heading.</t>
</li> </li>
<li> <li>
<t>Update the TLS SignatureAlgorithm registry to add a "Recommended" <t>Updated the "TLS SignatureAlgorithm" registry to add a "Recommended "
column as follows:</t> column as follows:</t>
</li> </li>
</ul> </ul>
<table> <table>
<thead> <thead>
<tr> <tr>
<th align="left">Value</th> <th align="left">Value</th>
<th align="left">Description</th> <th align="left">Description</th>
<th align="right">Recommended</th> <th align="right">Recommended</th>
</tr> </tr>
skipping to change at line 771 skipping to change at line 724
</tr> </tr>
<tr> <tr>
<td align="left">65</td> <td align="left">65</td>
<td align="left">gostr34102012_512</td> <td align="left">gostr34102012_512</td>
<td align="right">N</td> <td align="right">N</td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Add note on the Recommended column with text in <xref target="rec-n ote"/>.</t> <t>Added a note on the "Recommended" column with text in <xref target= "rec-note"/>.</t>
</li> </li>
</ul> </ul>
</section> </section>
<section anchor="tls-clientcertificatetype-identifiers-registry"> <section anchor="tls-clientcertificatetype-identifiers-registry">
<name>TLS ClientCertificateType Identifiers Registry</name> <name>TLS ClientCertificateType Identifiers Registry</name>
<t>Though TLS 1.0 and TLS 1.1 were deprecated <xref target="RFC8996"/>, TL <t>TLS 1.0 and TLS 1.1 were deprecated <xref target="RFC8996"/>, TLS 1.2 w
S 1.2 will ill
be in use for some time. In order to refect the changes in the Recommended be in use for some time. In order to reflect the changes in the "Recommended"
column allocation, IANA is requested to update the TLS ClientCertificateType Ide column allocation, IANA has updated the "TLS ClientCertificateType Identifiers"
ntifiers
registry as follows:</t> registry as follows:</t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Update the registration procedure to include:</t> <t>Updated the registration procedure to include: </t>
<t>
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval <xref target="RFC812
6"/>.</t>
</li> </li>
</ul>
<artwork><![CDATA[
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval [RFC8126].
]]></artwork>
<ul spacing="normal">
<li> <li>
<t>Add a reference to this document under the reference heading.</t> <t>Added a reference to this document under the reference heading.</t>
</li> </li>
<li> <li>
<t>Update the TLS ClientCertificateType Identifiers registry to add a "Recommended" <t>Updated the "TLS ClientCertificateType Identifiers" registry to add a "Recommended"
column as follows:</t> column as follows:</t>
</li> </li>
</ul> </ul>
<table> <table>
<thead> <thead>
<tr> <tr>
<th align="left">Value</th> <th align="left">Value</th>
<th align="left">Description</th> <th align="left">Description</th>
<th align="right">Recommended</th> <th align="right">Recommended</th>
</tr> </tr>
skipping to change at line 873 skipping to change at line 823
</tr> </tr>
<tr> <tr>
<td align="left">68</td> <td align="left">68</td>
<td align="left">gost_sign512</td> <td align="left">gost_sign512</td>
<td align="right">N</td> <td align="right">N</td>
</tr> </tr>
</tbody> </tbody>
</table> </table>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Add note on the Recommended column with text in <xref target="rec-n ote"/>.</t> <t>Added a note on the "Recommended" column with text in <xref target= "rec-note"/>.</t>
</li> </li>
</ul> </ul>
</section> </section>
<section anchor="tls-pskkeyexchangemode-registry"> <section anchor="tls-pskkeyexchangemode-registry">
<name>TLS PskKeyExchangeMode Registry</name> <name>TLS PskKeyExchangeMode Registry</name>
<t>In order to reflect the changes in the Recommended column allocation, <t>In order to reflect the changes in the "Recommended" column allocation,
IANA is requested to update the TLS PskKeyExchangeMode registry as follows:</t> IANA has updated the "TLS PskKeyExchangeMode" registry as follows:</t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Update the registration procedure to include:</t> <t>Updated the registration procedure to include: </t>
<t>
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval <xref target="RFC812
6"/>.</t>
</li> </li>
</ul>
<artwork><![CDATA[
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval [RFC8126].
]]></artwork>
<ul spacing="normal">
<li> <li>
<t>Add a reference to this document under the reference heading.</t> <t>Added a reference to this document under the reference heading.</t>
</li> </li>
<li> <li>
<t>Entries keep their existing Recommended column "Y" and "N" entries. </t> <t>Entries kept their existing "Recommended" column "Y" and "N" entrie s.</t>
</li> </li>
<li> <li>
<t>Update note on the Recommended column with text in <xref target="re c-note"/>.</t> <t>Updated note on the "Recommended" column with text in <xref target= "rec-note"/>.</t>
</li> </li>
</ul> </ul>
</section> </section>
<section anchor="tls-signaturescheme-registry"> <section anchor="tls-signaturescheme-registry">
<name>TLS SignatureScheme Registry</name> <name>TLS SignatureScheme Registry</name>
<t>In order to reflect the changes in the Recommended column allocation, <t>In order to reflect the changes in the "Recommended" column allocation,
IANA is requested to update the TLS SignatureScheme registry as follows:</t> IANA has updated the "TLS SignatureScheme" registry as follows:</t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>Update the registration procedure to include:</t> <t>Updated the registration procedure to include: </t>
<t>
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval <xref target="RFC812
6"/>.</t>
</li> </li>
</ul>
<artwork><![CDATA[
Setting a value to "Y" or "D" or transitioning the value from
"Y" or "D" in the "Recommended" column requires
IETF Standards Action with Expert Review or IESG Approval [RFC8126].
]]></artwork>
<ul spacing="normal">
<li> <li>
<t>IANA is requested to add a reference to this document under the ref erence heading.</t> <t>Added a reference to this document under the reference heading.</t>
</li> </li>
<li> <li>
<t>Entries keep their existing Recommended column "Y" and "N" entries. </t> <t>Entries kept their existing "Recommended" column "Y" and "N" entrie s.</t>
</li> </li>
<li> <li>
<t>Update note on the Recommended column with text in <xref target="re c-note"/>.</t> <t>Updated note on the "Recommended" column with text in <xref target= "rec-note"/>.</t>
</li> </li>
</ul> </ul>
</section> </section>
<section anchor="adding-comment-column"> <section anchor="adding-comment-column">
<name>Adding "Comment" Column</name> <name>Adding "Comment" Column</name>
<t>IANA is requested to add a "Comment" column to the following registries :</t> <t>IANA has added a "Comment" column to the following registries:</t>
<ul spacing="normal"> <ul spacing="normal">
<li> <li>
<t>TLS ExtensionType Values</t> <t>TLS ExtensionType Values</t>
</li> </li>
<li> <li>
<t>TLS Application-Layer Protocol Negotiation (ALPN) Protocol IDs</t> <t>TLS Application-Layer Protocol Negotiation (ALPN) Protocol IDs</t>
</li> </li>
<li> <li>
<t>TLS CachedInformationType Values</t> <t>TLS CachedInformationType Values</t>
</li> </li>
skipping to change at line 967 skipping to change at line 911
<li> <li>
<t>TLS EC Curve Types</t> <t>TLS EC Curve Types</t>
</li> </li>
<li> <li>
<t>TLS Supplemental Data Formats (SupplementalDataType)</t> <t>TLS Supplemental Data Formats (SupplementalDataType)</t>
</li> </li>
<li> <li>
<t>TLS UserMappingType Values</t> <t>TLS UserMappingType Values</t>
</li> </li>
<li> <li>
<t>TLS Signature Algorithm</t> <t>TLS SignatureAlgorithm</t>
</li> </li>
<li> <li>
<t>TLS Hash Algorithm</t> <t>TLS HashAlgorithm</t>
</li> </li>
<li> <li>
<t>TLS Authorization Data Formats</t> <t>TLS Authorization Data Formats</t>
</li> </li>
<li> <li>
<t>TLS Heartbeat Message Types</t> <t>TLS Heartbeat Message Types</t>
</li> </li>
<li> <li>
<t>TLS Heartbeat Modes</t> <t>TLS Heartbeat Modes</t>
</li> </li>
skipping to change at line 995 skipping to change at line 939
<t>TLS PskKeyExchangeMode</t> <t>TLS PskKeyExchangeMode</t>
</li> </li>
<li> <li>
<t>TLS KDF Identifiers</t> <t>TLS KDF Identifiers</t>
</li> </li>
<li> <li>
<t>TLS SSLKEYLOGFILE Labels</t> <t>TLS SSLKEYLOGFILE Labels</t>
</li> </li>
</ul> </ul>
<t>This list of registries is all registries that do not already have a <t>This list of registries is all registries that do not already have a
"Comment" or "Notes" column or that were not orphaned by TLS 1.3.</t> "Comment" or "Note" column or that were not orphaned by TLS 1.3.</t>
<t>IANA is requested to rename the "Note" column to "Comment" column in
TLS Exporter Labels registry.</t>
</section> </section>
<section anchor="expert-review-of-current-and-potential-ietf-and-irtf-docume nts"> <section anchor="expert-review-of-current-and-potential-ietf-and-irtf-docume nts">
<name>Expert Review of Current and Potential IETF and IRTF Documents</name > <name>Expert Review of Current and Potential IETF and IRTF Documents</name >
<t>The intent of the Specification Required choice for TLS code points <t>The intent of the Specification Required choice for TLS codepoints
is to allow for easy registration for code points associated with is to allow for easy registration for codepoints associated with
protocols and algorithms that are not being actively developed inside protocols and algorithms that are not being actively developed inside
IETF or IRTF. When TLS-based technologies are being developed inside the IETF or IRTF. When TLS-based technologies are being developed inside
the IRTF/IETF they should be done in coordination with the TLS WG in the IETF or IRTF, they should be done in coordination with the TLS WG in
order to provide appropriate review. For this reason, unless the TLS WG order to provide appropriate review. For this reason, unless the TLS WG
chairs indicate otherwise via email, designated Chairs indicate otherwise via email, designated
experts should decline code point registrations for documents which experts should decline codepoint registrations for documents that
have already been adopted or are being proposed for adoption by IETF have already been adopted or are being proposed for adoption by IETF
working groups or IRTF research groups.</t> working groups or IRTF research groups.</t>
</section> </section>
<section anchor="registration-requests"> <section anchor="registration-requests">
<name>Registration Requests</name> <name>Registration Requests</name>
<t>Registration requests <bcp14>MUST</bcp14> be submitted in one of two wa ys:</t> <t>Registration requests <bcp14>MUST</bcp14> be submitted in one of two wa ys:</t>
<ol spacing="normal" type="1"><li> <ol spacing="normal" type="1"><li>
<t>By sending email to iana@iana.org; this email <bcp14>SHOULD</bcp14> <t>By sending email to iana@iana.org; this email <bcp14>SHOULD</bcp14>
use an appropriate subject (e.g., "Request to register value in TLS use an appropriate subject (e.g., "Request to register value in TLS
bar registry").</t> bar registry").</t>
</li> </li>
<li> <li>
<t>Using the online form at <t>Using the online form at https://www.iana.org/form/protocol-assignm
https://www.iana.org/form/protocol-assignment.</t> ent.</t>
</li> </li>
</ol> </ol>
<t>Specification Required <xref target="RFC8126"/> registry requests are r egistered after <t>Specification Required <xref target="RFC8126"/> registry requests are r egistered after
a three-week review period on the advice of one or more designated a three-week review period on the advice of one or more designated
experts. However, to allow for the allocation of values prior to experts. However, to allow for the allocation of values prior to
publication, the designated experts may approve registration once they publication, the designated experts may approve registration once they
are satisfied that such a specification will be published.</t> are satisfied that such a specification will be published.</t>
</section> </section>
<section anchor="security-considerations"> <section anchor="security-considerations">
<name>Security Considerations</name> <name>Security Considerations</name>
skipping to change at line 1047 skipping to change at line 988
in cryptanalysis. Implementers and users need to check that the in cryptanalysis. Implementers and users need to check that the
cryptographic algorithms listed continue to provide the expected level cryptographic algorithms listed continue to provide the expected level
of security.</t> of security.</t>
<t>Designated experts ensure the specification is publicly available. The y may <t>Designated experts ensure the specification is publicly available. The y may
provide more in-depth reviews. Their review should not be taken as an provide more in-depth reviews. Their review should not be taken as an
endorsement of the cipher suite, extension, supported group, etc.</t> endorsement of the cipher suite, extension, supported group, etc.</t>
</section> </section>
<section anchor="iana-considerations"> <section anchor="iana-considerations">
<name>IANA Considerations</name> <name>IANA Considerations</name>
<t>This document is entirely about changes to TLS-related IANA registries. </t> <t>This document is entirely about changes to TLS-related IANA registries. </t>
<t>IANA is requested to modify the note applied to all TLS Specification
Required registries instructing where to send registration requests as
follows:</t>
<aside>
<t>RFC EDITOR: Please replace "This RFC" in the following with the RFC n
umber
assigned to this specification.</t>
</aside>
<t>Requests for assignments from the registry's Specification Required
range should be sent to the mailing list described in [This RFC, Section 16].
If approved, designated experts should notify IANA within three weeks. For
assistance, please contact iana@iana.org.</t>
</section> </section>
</middle> </middle>
<back> <back>
<references anchor="sec-normative-references"> <references anchor="sec-normative-references">
<name>Normative References</name> <name>Normative References</name>
<reference anchor="RFC8447"> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.844
<front> 7.xml"/>
<title>IANA Registry Updates for TLS and DTLS</title> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.211
<author fullname="J. Salowey" initials="J." surname="Salowey"/> 9.xml"/>
<author fullname="S. Turner" initials="S." surname="Turner"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.817
<date month="August" year="2018"/> 4.xml"/>
<abstract> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.812
<t>This document describes a number of changes to TLS and DTLS IANA 6.xml"/>
registries that range from adding notes to the registry all the way to changing <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.434
the registration policy. These changes were mostly motivated by WG review of the 6.xml"/>
TLS- and DTLS-related registries undertaken as part of the TLS 1.3 development <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.746
process.</t> 5.xml"/>
<t>This document updates the following RFCs: 3749, 5077, 4680, 5246, <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.546
5705, 5878, 6520, and 7301.</t> 9.xml"/>
</abstract> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.915
</front> 5.xml"/>
<seriesInfo name="RFC" value="8447"/> <xi:include href="https://bib.ietf.org/public/rfc/bibxml/reference.RFC.899
<seriesInfo name="DOI" value="10.17487/RFC8447"/> 6.xml"/>
</reference>
<reference anchor="RFC2119">
<front>
<title>Key words for use in RFCs to Indicate Requirement Levels</title
>
<author fullname="S. Bradner" initials="S." surname="Bradner"/>
<date month="March" year="1997"/>
<abstract>
<t>In many standards track documents several words are used to signi
fy the requirements in the specification. These words are often capitalized. Thi
s document defines these words as they should be interpreted in IETF documents.
This document specifies an Internet Best Current Practices for the Internet Comm
unity, and requests discussion and suggestions for improvements.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="14"/>
<seriesInfo name="RFC" value="2119"/>
<seriesInfo name="DOI" value="10.17487/RFC2119"/>
</reference>
<reference anchor="RFC8174">
<front>
<title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</titl
e>
<author fullname="B. Leiba" initials="B." surname="Leiba"/>
<date month="May" year="2017"/>
<abstract>
<t>RFC 2119 specifies common key words that may be used in protocol
specifications. This document aims to reduce the ambiguity by clarifying that on
ly UPPERCASE usage of the key words have the defined special meanings.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="14"/>
<seriesInfo name="RFC" value="8174"/>
<seriesInfo name="DOI" value="10.17487/RFC8174"/>
</reference>
<reference anchor="RFC8126">
<front>
<title>Guidelines for Writing an IANA Considerations Section in RFCs</
title>
<author fullname="M. Cotton" initials="M." surname="Cotton"/>
<author fullname="B. Leiba" initials="B." surname="Leiba"/>
<author fullname="T. Narten" initials="T." surname="Narten"/>
<date month="June" year="2017"/>
<abstract>
<t>Many protocols make use of points of extensibility that use const
ants to identify various protocol parameters. To ensure that the values in these
fields do not have conflicting uses and to promote interoperability, their allo
cations are often coordinated by a central record keeper. For IETF protocols, th
at role is filled by the Internet Assigned Numbers Authority (IANA).</t>
<t>To make assignments in a given registry prudently, guidance descr
ibing the conditions under which new values should be assigned, as well as when
and how modifications to existing values can be made, is needed. This document d
efines a framework for the documentation of these guidelines by specification au
thors, in order to assure that the provided guidance for the IANA Considerations
is clear and addresses the various issues that are likely in the operation of a
registry.</t>
<t>This is the third edition of this document; it obsoletes RFC 5226
.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="26"/>
<seriesInfo name="RFC" value="8126"/>
<seriesInfo name="DOI" value="10.17487/RFC8126"/>
</reference>
<reference anchor="RFC4346">
<front>
<title>The Transport Layer Security (TLS) Protocol Version 1.1</title>
<author fullname="T. Dierks" initials="T." surname="Dierks"/>
<author fullname="E. Rescorla" initials="E." surname="Rescorla"/>
<date month="April" year="2006"/>
<abstract>
<t>This document specifies Version 1.1 of the Transport Layer Securi
ty (TLS) protocol. The TLS protocol provides communications security over the In
ternet. The protocol allows client/server applications to communicate in a way t
hat is designed to prevent eavesdropping, tampering, or message forgery.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="4346"/>
<seriesInfo name="DOI" value="10.17487/RFC4346"/>
</reference>
<reference anchor="RFC7465">
<front>
<title>Prohibiting RC4 Cipher Suites</title>
<author fullname="A. Popov" initials="A." surname="Popov"/>
<date month="February" year="2015"/>
<abstract>
<t>This document requires that Transport Layer Security (TLS) client
s and servers never negotiate the use of RC4 cipher suites when they establish c
onnections. This applies to all TLS versions. This document updates RFCs 5246, 4
346, and 2246.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="7465"/>
<seriesInfo name="DOI" value="10.17487/RFC7465"/>
</reference>
<reference anchor="RFC5469">
<front>
<title>DES and IDEA Cipher Suites for Transport Layer Security (TLS)</
title>
<author fullname="P. Eronen" initials="P." role="editor" surname="Eron
en"/>
<date month="February" year="2009"/>
<abstract>
<t>Transport Layer Security (TLS) versions 1.0 (RFC 2246) and 1.1 (R
FC 4346) include cipher suites based on DES (Data Encryption Standard) and IDEA
(International Data Encryption Algorithm) algorithms. DES (when used in single-D
ES mode) and IDEA are no longer recommended for general use in TLS, and have bee
n removed from TLS version 1.2 (RFC 5246). This document specifies these cipher
suites for completeness and discusses reasons why their use is no longer recomme
nded. This memo provides information for the Internet community.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="5469"/>
<seriesInfo name="DOI" value="10.17487/RFC5469"/>
</reference>
<reference anchor="RFC9155">
<front>
<title>Deprecating MD5 and SHA-1 Signature Hashes in TLS 1.2 and DTLS
1.2</title>
<author fullname="L. Velvindron" initials="L." surname="Velvindron"/>
<author fullname="K. Moriarty" initials="K." surname="Moriarty"/>
<author fullname="A. Ghedini" initials="A." surname="Ghedini"/>
<date month="December" year="2021"/>
<abstract>
<t>The MD5 and SHA-1 hashing algorithms are increasingly vulnerable
to attack, and this document deprecates their use in TLS 1.2 and DTLS 1.2 digita
l signatures. However, this document does not deprecate SHA-1 with Hashed Messag
e Authentication Code (HMAC), as used in record protection. This document update
s RFC 5246.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="9155"/>
<seriesInfo name="DOI" value="10.17487/RFC9155"/>
</reference>
<reference anchor="RFC8996">
<front>
<title>Deprecating TLS 1.0 and TLS 1.1</title>
<author fullname="K. Moriarty" initials="K." surname="Moriarty"/>
<author fullname="S. Farrell" initials="S." surname="Farrell"/>
<date month="March" year="2021"/>
<abstract>
<t>This document formally deprecates Transport Layer Security (TLS)
versions 1.0 (RFC 2246) and 1.1 (RFC 4346). Accordingly, those documents have be
en moved to Historic status. These versions lack support for current and recomme
nded cryptographic algorithms and mechanisms, and various government and industr
y profiles of applications using TLS now mandate avoiding these old TLS versions
. TLS version 1.2 became the recommended version for IETF protocols in 2008 (sub
sequently being obsoleted by TLS version 1.3 in 2018), providing sufficient time
to transition away from older versions. Removing support for older versions fro
m implementations reduces the attack surface, reduces opportunity for misconfigu
ration, and streamlines library and product maintenance.</t>
<t>This document also deprecates Datagram TLS (DTLS) version 1.0 (RF
C 4347) but not DTLS version 1.2, and there is no DTLS version 1.1.</t>
<t>This document updates many RFCs that normatively refer to TLS ver
sion 1.0 or TLS version 1.1, as described herein. This document also updates the
best practices for TLS usage in RFC 7525; hence, it is part of BCP 195.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="195"/>
<seriesInfo name="RFC" value="8996"/>
<seriesInfo name="DOI" value="10.17487/RFC8996"/>
</reference>
</references> </references>
</back> </back>
<!-- ##markdown-source: <!-- ##markdown-source:
H4sIAAAAAAAAA+087XIbN5L/8RQ45sfaVyQlUpQsKblsJJGOtZZlnyjH50ql H4sIAE1NJ2kAA+087XIbN5L/8RRY5sfaVyJFUtRnUtnQFB1rLcs+UY7XlUqp
VOAMSE40HMwCM6KZyKm8xlXdVd2z3KPkSa67gZnB8EOSc065smtXYksYoNHd wBmQnGg4mAVmRDOW3+We5Z7suhuYGQw/JDnrpO72rNp1JAzQ6G70JxpAs9lk
6E80gFarxbIoi+UhPz06P+IXchKZTC/46zQUmTR8rDS/PBtykYS8Dz8wMRpp WZTF8oSf9S/6/FJOI5PpJX+bhiKThk+U5lfnIy6SkJ/CL0yMx1rentQaN49l
eXPIH/UfY/vaUSxUQSJmADTUYpy1IpmNW1lsWnoc7Pd6T0aRaXV2mclHs8iY oQoSMQfQoRaTrBnJbNLMYtPUk+Co1zscR6YZY8eMJfl8LPUJPz7qHTI1NiqW
SCXZIkUMBpdPWQAAJkovDrnJQpZbgIcchzGYdoexKNWHPNO5ybrb2wfbXSa0 0H7CcgvphGN/ZvLxPDImUkm2TBHj4dVzFkCHqdLLE26ykAFieyxKAVSmc5N1
FIe8MZRBrqNs0WBzpa8nWuUptF5qkZhU6YyfiYXUvOp1LRfQMYR5k0zqRGat 2+3jdpcJLcUJHw0HbKH0zVSrPCUC2I1cQkt4whjOc8K77e5+s9NmgUqMTExu
PmLLbmSSy0PG+f0gOLeYN97AjFEy4d/iEGyfiSiGdiD6G6S+rfQEm4UOptA8 CI5kJgNSr0WsEui0BNLMXOjs+p+5IuwSxdLohP+cqWCHG6UzLScGflvO8Zdf
zbLUHG5tYS9sim5ku+i2hQ1bI63mRm7B+C0cN4myaT6yAOeTrYqPDcZMBotz GBN5NlP6hPEm4/ATJTDo7y0+AogLuaQ2y6m/K1lrVXoqkug3kQHRJ3ywBC71
JWKVACYL4L6ZCZ1d/T1XxLlEsTQ65N9nKmhyA1RoOTbw02KGP/zAmMizqdJA 9Q19knMRxSf8VyV/MHZEK5FZbYpRi1/lOpHam2EkReK31mcwyZ4OffAGuv9A
cAsm4jxKYNDf2nwIEOdyQW12Mf+mZK0VkBVJ9JPIYAUP+XcyEeOIPkhL/Y9K ra1AzRlLlJ5D31sJPIuSifdXs9nkYgwCIIKMse/+An/+DCstw1/48/dnvMnf
fmNs/zawtzbBsM0vc2C69uAPpUj81jp8k+zo0AdvoPs31NoO1IyxROkZ9L2B Sb6I4piHimczCZIVA9ZRMuWLmUz4QnLg+q3Umf0axZJnil8+H/zj1TmCd2LF
tWNRMvZ+a7VaXIxAQkWQMXY5jQwHCc1nMsm4kzCeTSUPpiKZ4M+qJvNWyLUV tYzlrUgy/vby3GCXMYyMo+BGjGFIlNDwF1evzkk835w+5yrP0jwzgOH3jF3N
8ggYPBOhBDL4xdMTEsw2P824CEPDBU/knN+IOJe80W+Q+oSRCVSuxUSGDCDj IgMoBPlcAgwnYDQmmIlkKgkk/rku4NoKeATrPxchzQXokWy2+FnGRRgaLngi
RBcSMIbpQxnyQMX5LOFqTF+MjGWQQTPOW02JuDA3Q+OExmaNYigAFXHMgTgg F/xWxLnc4Y3TBmlQGJlA5VpMZbjDHPzGpQSOAhahDBtAe5zPE64m9M0AjUEm
1x+UTUUGlIIIZEzEoCXhgk8F9FkF0uZPowSgLJo8qjGFOXi0CgD877k0Ga4h Q0KimhbxYW6WxoAGZ+VQACuAu8B9WA9/UDYTGTI9URkTMahCuOQzAX3WgbT4
aGCAbaa9iaUle+wKzKIwjCVjX6DCaRXa4cuDC8jGch1om4nr2tIAj/PZCPTQ 8ygBKMsdHtWYwxw8EhMA/s8c1BaFDNQjwDbT2sbakkVWROZRGMaSsW/4WZJp
sQz7MY9qLWOBHMRV3KC5/BGw97FdYJGJiRYztrkvysBjkNepNBUilsia2KBY Fdrhq4MLyMZyHmibi5vaEgGfyWgULMN+zKMaxEQgB6HrlRaJSUEt+blYwoiR
gOTxn3/+FyAdKX//Hmj/SpgI5AWU8jpU8+TfGqNYBdeNr0GWkUOD/unlywt+ DHIdZUv+BNj71C6yyMRUiznb3hfl4Cko1EyaChFLZE18UDRANfjHj38B0pHy
/vJycMhfxVIYXMOZurHAYe2kXcixikGXgN1fbRHEr+8EjfBI/JA9h7zOZJPK T58K5phUBtEkCiwbHycvfJO8sEfLC79fXti98sIfkpfNdMVG1TTrMcLzDb+S
IBojszy+4my6sOTwu6UQbdwSjZxo9EisEKJpHPTAisxD9IKv6gV7sF7wu/WC eh4lKlbTJYKVHKwzR/NseOPV29FVY8f+l1+8pt8vh//59uxyeIq/j170z8/L
3akX/D698GkqKIqNqtmNh6jIF/xS6lmUqFhNFghUcnBAHD2Q4Y0Xr4eXjab9 X5jrMXrx+u35afVbNXLw+tWr4cWpHQytvNbEGq/67+ELsq/x+s3V2euL/nnD
F5cOf74Y/Pvr04tBH38ePjs6Oyt/YK7H8NnL12f96qdq5MnLFy8G5307GFp5 2hZfSsGvOAMUJZnUqZa4BgI8nzSBjsbwB4x5Nnjz3//V6TmB6HY6x58+FdLR
rYk1Xhy9hS/IvMbLV5enL8+Pzhq4rFlNTMCxIhNHuOLgIlMtcQUE+HdpAh2N OezBH2gA7WwqiZfuT2Dckok0lUIjFNTtQKRRBtyFvsDzmVokfCa1BO79x8/I
4BcYc3zy6n//p9NzYt/tdA7evy90oPOkB7/MpzKxs6kkXrhfgXELJtJUCo1Q mV9O+HfjIO30vncNSHCtseBZrZF4tt6yNtgycUPThmlKbtbaVzhdx7f/vvZ3
0IIFIo0y4C70BY5PQaL5VGoJ3PvX75EzPxzyr0ZB2ul97RqQ4FpjwbNaI/Fs wXev8bu/xVEiebNz9Dew5CAy5BLQhdSN6YCE86+G/4RqZaw0+fK2vpSeIm8y
tWVlsGXimqY105TcrLUvcbqO79Hb2u8F373Gr/4aR4nkrc7+X0GXQGQonsK4 zDtM6WhqbSNqlF3Zjx9LDSd1CmHxEa4OPYXeAWMQkmoAnqRbwn7lOH+l6GRa
ouFpRoOfkGj+xfDvUKGMlSZf3laX0jNXq86nyZSOJtb+ozbZdfVUnFQphKVH eIpKkKEY3VrcnYZv9BYgf+AZ358wiIXsHIX6kkWE8AgU1/Aymim/2RAhk3PE
qDq0itxETW6CwQtJMQBL0ivh1Bxmb/QrFW+QAeUpKkGGYnRjcXf6XSfQKTDI wVsQxAFaSArn4Pk9aMIYFURoUmnwXKK9iwxBmICzQLOF/dJcp8pI+nsxi4IZ
H3jvt4cMYzSapVBesvsQLoLagg0DimVi8uqbjTMyOUMsvAVpWztIUjiD8MGD epIFYBHKCSxe2KLhA0B9ksccrQvyxVFZLIe1FAVIfy4bychAGiMg1ASu58AS
JoxRQYSOgwbPJFq8yBCEcZSRxcJ+aa5TBSYaf59Po2CK/nIOWIRyDIsXtmn4 TQGaxTNNIRgQ4yhGq01wgYIShJ3+qmAPMD8OAQvH26qfo5zsXhzBkji66+DH
CaA+zmOOtgU546gslsNaigKkP5cNh2QgjRHODANLNMV4Fs80jYEToyhG30Rw eWZjmlSr2yhcnR2wAh4DPRYaAShMA6j70kIWViQdCypigfqKUFxDsKBgZywL
gYIShJ3+smAPcD8OAQvH26qfo5ysXhzBkji6a+CbfJQDcRGoZqrVDbqa+vSA gD0RgM0Nav/FFgmgFUYJQFM+lhBlSZQq8otjG2CWgmL5tyo6FOckqqIEQjwI
FjAZCLLgCEJhG0DfFxa0sDLpeFBRC+RXlOIiggkFQ2N5APyJAGxuUP3PN4gA p0oZMjng7/PaFxSP69y5d2lxKeiK4qWTJpFUs9dlKxYL9IIkk9QF0KkkWn4A
LTGKAFrykZQJlyhW5P5HNkgtJcUycFl2yJ8lqqIEAkWVV0JkcsDfZ7YvKR7b z2JWVnUeTWdu7TzZVzyW5MYSyxgI4W/IXIMHaAD8kh9jYaJyPRwPb1FKnSCs
CwcrLS4FXVG8cOIkkmr2unDFYi7DphVK6gLoVCIt34FrMUvLOosmU7d4nvAr ypiGZQAN9tcIFuX0vkVZV/3IEEI4jRVKEBFYXQpgQLKSLJos65rnYFpitTR5
DtEDerGEGGMoLiCDDT6gAROUDBmBv6YFQRYDGBRRJwXLAqZhCUB//fWBBenf jE4VRRECYfgaEQFL8lIICRKSHNRRWAESEHGLGx7oZZopCH1S0FVwMpBKRdmM
tSDIiErxHWsQF5zGSiSIB6ws+X2QqiSLxou62jmYllAtTR6jR0UxHMVIWkRr hE94C+HNFAgA5nIMcHoKLFbBiWrqBOQ8jdUSRabF32GAX1AninBgyeEj/OsQ
sSAXhZAgoclBF4UVHsHnUlzzQC/STEF0l4KigoeBvBLyKBI84S2CN1MgAJjL QlPJJUwudWHxJuDckkA2uDMEazEM+bgoCeIcxNTkEwhBIvjusHPZiaJYJwTf
UsDjKTBXBSeqqROQ8TRWCxSXNn8D3qykTlQRFHyEvx1Cv/36X/3ffv3vJpeA jPEFJCGzpRUzhxDKOSkHLSuuxtk8jUnawbBQzI3wgGr4yzk8XGrkN8IBn4Ry
gNTODo/BuSUgKNwZAhd7GGfgObm4KAniHITU5GOIqSL47vBzGY6iQCcE14zh pAt0ja8CCyCoWvZMORtQ4EKBowIhsTaAbJkzm+WgysciHwq3XsgHSNpIZpnl
hQSjtLBC5lBCKSfVoIXF9TidpTHJOtgVSiwQHtANvzl/h4uNHEc44JJQiHSF rPUrQG3jPTEN40nkHQa1NIX1QdJ1nGg197u65Gmjr8GwLQIpY6RhI7S3AkOz
racAcyCnWvhMOQtQ4EKRowIxsRaATJmzmuWgysUiGwqvXkgIyNpQZpnlrXUs PnlUS+fwQ4r526W8jSCmBaBnw9GPvJ+idRRxGfN0DyAi5hcUXsZEY+kdMHCu
QG3jbQM7YySJrMPInaawTki6jmOtZn5XcoobXA1GbRHIGSP9GqK5FRiZHZFD YEMwHtxgAgFWQ1pVGGOwm7EaiS3eB1tKvELjolCEFhH4IBeWorM2OIw4c9Gw
tXQO3oE4ZLBuNxEEsxhaD4bf8qMUbaOIy5CnuwcxMT+n2DJ2muicA2YHFWzI ntbRBS5lHIvkhryN9bnOS6PaJLCU0RQQw6mAeqlv4fc8icF8VVEvBgUAHqPY
OIJrzAHAZkirDCOMdDNWI7HNj8CSEq/QtCgUoHkELqiI4kPUOBhGnDl3jtbR b7jHPKRR8o/fgH9pAmbyE2NDtFe4Cl7A7YJr7IF23ZpAkXh+cdOKQK5m1cLP
BR5lFIvkmpyNdbnOTaPiJLCU0QQQw6mAeqlv4Oc8icF4VWE8RgUAHoPYL2rR etCo5MbY8IQyg3xsMOAGy22kDX52bOhD00VFChMyWkEBvUDsQYoLR1VIDMqH
wznmJj9/Ae6lhWnKe8YGaK1wFbxo20XWlMioxBlAkXhucTUigXTU6oSf2KFR lRphXO5uIPj4eEKbIJ/Y90QsWLx74pXaKlCKuckjEPGM1gB6lC7gWw4JBKws
yY2x0QklBfnIYLSNGY10kQ+FPTRXVCRpIaPlE9AJZB5EuPBRhbigcFiREaZI jYvud3aM9DmbaZVPZ5VHq5wBSCTOt0MDNpp18DiaRYaMHK0lOSAUkmLZUf3A
syDwQPLgHzB04/VCU2M7Jc7rHABRy4jp0KO0+F9ySBhgKWlctMGUOnPhXBwj GhppWvw+splHNtq4LU6APPD9ur4DiUUKsHFN8tSJCih2Tlbu25pVwhn+anyr
Pc6mWuWTaeXHKhcAkojTNmnAWoMOfkazyJB5I36T20HhKJYb1Q7soJGmzZHy hLgHscBstkXRMyaLww9AHm6pXS1T6eLlciePsTNIMTXaJEAeQGGWWUt277MY
TSrDPOqBfxusP7ndu1W8CelECqBxNfLUSQjoc07G7cuaMcIZfvv1P41vjhD5 oBbKZoQ7jLJ45LWTNjtqGwKNykXUhK3J++GvuSnG19JKWtEw19LP/I2zjNtx
IBaYq7cpasYUcfAO6MOtxctFKl2cXO5TMnYKiaVGYwTYAyjMLWtprhOwNfs0 9MGjaf6XbKn1Y59pT3HM77epPzuL+kvLsgclVVSrbjcPaokOuRjLvqLTzEbh
oA3K5oFNRjsUkSlSPqvCXqS9EZHSSdTkrcWPwh9zk63mlLSuYa6lv7lhnF3E rWqXLdyOeOnRChmII1qRsQQ2giYME7tFxiF/lyn2jLQN0yhRA+5QWg0hl7Q9
3uBfPFzB05To+hP88ssvZKD/XxaVIHyoVcUxv9+yfu/s6g9tIoEYFZKvdUJg 4WMg0yqDKJod96p9wgx3+DDUK6VJPEyvg2pKuEDlHYkZv6uEj1+IueTbf+5q
9w9q+Q65GsvIotPUBuO4HeV2qjdjXjq2QiJIoWiNRxLYCboxSOxuIIdEXqbY Zv2O3Z008cf954GfO/+PExjcA4CQiyZowcLr2VwEm2Ysfk5xvl6b310W/mcr
OdI2XKOMDThE+TVEXtL2hI+BTKtUomiOErdGxGwBUQaGe2uFS9xHt4NtSuhA kvUhB589ZH+P34ERSaynuI5C/gQsDrgvRPTppiErEuP7sHukR37IbP5cesZP
7S1JHb+tZJHf8+e2Jvm37PawhX/cP/f8ufV/OYTBPQAIqWmCBi68ms5EsG7G JHzOo/E6c3bcOtelAcMub2+sjBXtRCd8lmWpOdndXSwWrUgEuqX0dFfoYBbd
4k8f59vd4beg94m16ldRyB+BkQBHgyAerx3S2+a3F4UL20hXfcjehw6pJMd3 yl2I8AWFvt12p7N72D7ca+8dHJW/tNJwUsNnoXjJShckQCJ0K+9BrVL+rajh
Z2vMhJUf+S6zmXTpIt+T9DnnxutcadLyYnslDhh94SqXwaKb4JAVNYT5fN6O FrvDqIXVkRLF3bmZ7lKpRE7h/6j6u/vPTg+6L549/1Vd98275vsjNfspfzeU
RKDL2kF0I3E/TlD0293udLaebD/Z2d7Z2y9/aKfhuIbHHGdwjHBRAuRBN3Ij nenZbmnOB1GK8fMI0rKaHR/JWwjTcQeJqiWoXhBaBLa3sb0x4PH9EWrOVCY0
SqWB3ITW5tLGzEy2qBgkJ/A/avzW7nF/r/vs+OmP6urIvGm93VfT7/I3A9mZ Dl0dbT5r6edNEHsxNqhBIX+M3S/enp+DzhGXUcPcjmKRKbvId2JzG4Eu1xYX
nG6VJv0kStEXDiEjq9nyobyBKB13j6hyhBoFcUVAvY3tjMGO75RQSyYyoWHo MJiSYPRoPxOQBLJa/I1WmQL2uS1N66htzIwoqQnoMUYsFKsxclZkXlenQKwx
7mh3XUs/YYK4i7ETHwh5Zux9/vrsDNSL+IvK5HYSixTZBb1jm9gI9Lq2NoFx xnGbuimlL+AP7bYuqzNk1f3aJVWl118lvWLM8B9vXl9eERtslkX9LPILiXwu
lARLR/uYgCIQ1eavtMoUMM9tZVpfbUMZxEiNQWUxXqEwjZG7Ipu6PAUijRGO tQqAMly5TqvjAuTeXu+A9GEbdJGssxN3E7DKhJQ6p4ucYbd5jCs4ttUUlTRT
27ROKXcBj2i3rVmNHcse2K6mKv3+EuEVVwb/8erlxSUxwSZYthuhPpfI5FJJ gWFelkFkbXa2IMQdQmwFoctBD4MW4RNFINDg1gDYgYe9g30aeDoc8WKD5gzT
ASbDVeu0Oy4y7u309kj+3UKuQBfJKjNxEwELVEhnsf2KfNKS3eQxriCYS1QQ qoRQBMHCjXdwGaWU9MsM9MnZ6bD/lJYXCcXYBgjVAJ+WT26Sz020WFT2ewfH
lbRSgVFelkFUbYpedYy4w4gtYXRx0kNTK3yqCAKa1hoAO/BJb2+XBvYHtkx0 mHW8Ot13gVa/2SHgtFuNM/wesMedfUvhHx8o1VT7a4T0NUIiofri0RGvF+KK
2h8c0XSIOwYsgLuGEbQecp28LSFX1Q12e3sHNoHQOP2L/i46xOGzo1bH7WGg BA3gUgUO7cxKobSBlbHm65deUeiOFxHWKWWRVrcf/tkSZj0yztoYcGG8xdsf
dV8lzY4+6OxazD5HOJ8jnH+SCGepuFXkYFSFv7YmZKnMhRW91svnVY3nlhcx 2u2d9ofOEGYAZK9fXj7bv353dvXiGizT9eDZ4BrswWpcdMq5N7bbXhsL5vC6
ku9l+LmYyd8TKD0wUlobMmHExLffbW83t991BjAD4Hr1/OJ49+rN6eWzK7A4 0z16xNjO2lg0bo+cuLsVaTRm94/tbUX64bH725GuD94w9sAfa71hHfVe21J+
VyfHJ1dgEJbDlD7n3tju9spYMHNXne7+A8Z2VsaihXvgxN2NSKMxu3tsbyPS ZwPPcuDhtoGXg64/cHXc0fZxvW1jjh+BJFK6Oq7/CBw3jXv2AI6bxgzcmDej
94/d3Yx0ffCasXv+WOvm6qj3ti3ltzZ0LAc+2TTw4qTrD1wet795XG/TmIMH l7YvhlWbqDnqr/b0xXOl87P2NrDd/YO1zp1tnfeOel7nAXZuFys/HJy+GOK/
IImULo87egCO68Yd34PjujEnbsyr4XPbF6OlddTsHy339MVzqfPx9iaw3d29 o/5WxO2Iw20jNhNAgzrt2qDLhybpdDb3v2eKvb3akAfYaoccbx6yDau9/v39
lc6dTZ139nte5xPsvF2s/OCk/2yAfw+PNiJuRzzZNGI9ATSos10bdHHfJJ3O 64thhzy7f8iGJXlWGAELcQvgZ/tVLwBSh/UlszyXqYzyFI9ZAMQf8TzWn7vp
+v53TLGzUxtyD1vtkIP1QzZhtXN0d//6Ytghx3cPWbMkx4URsBA3AD7erXoB tDr59nDKJ7seTSlIQagA6eoPX8Oj/w/h0bbYZkPkgv+z4QcYH9x87xzs3XRK
kDqsj5KnubxjmKd4LATG0OmuT7ONtILEpgDLc/v1AEtBYkEFRVdQ+Bwt/XNG vUO37lp11brntXbL1l7Reuz33fdaq74HrrW75892WLV6EI7K1mOvb8cBTjsH
S7VgJ4eMf10Qg//ZSATsEO6td/Z2rjulCqKHd626at3xWrtla69oPfD77nqt bb/5oGr2YHQOveYKjc5R0Xzc9YEcV80eEIqusLnb7fk86lTNZe8vu+V0Kefq
Vd8919rd8Wd7UrV6EPbL1gOvb8cBTjt7237zXtXsweg88ZorNDr7RfNB1wdy thDXYRzjegYcMsFbyafOONAUVCxbNQMgT2VaZQoZcxtHUgSzooBTiORDm0Y2
UDV7QCjQwuZut+fzqFM1l70/0v7RRXU+rDGI4yiF5JgHtJh0aNU0LHyqgC2b pAaoq6XOatMIKBd4yPJG6mrTaC4lasdup3O0OwfW6AjS2l0TQ8ZsmtC4eu62
ApClMtsyhXy5zSApgmlRlSnE8e6NIBtRA0xXvFzZCAJqBZ68vJa62giaSYla 3fYqAGQKNT8XoIG+Hd5+VHJLXlkoYMOHyyxc38SC+vrQHjDkrXurBzXkt9vx
sdXp7G/NgB06ErHZMjGkzaYFjcunhbe3vZ19MoSanwnQPN8abz7YuSHVLBTP Admae7NiWuBR7STbpbWxoS3c1i1pRUWIFamvjmDVETg7DlY8zdas+CZCNpj2
B8sc2Mq+gtL6sO405u0HZszrSVi25Sdka+6kABd4WDtvd2FtbGirsXVLWtGC NY/yL2r7NlBaxbLUVcsnu+2KG1ylJLU21DuvVkbbTUiaxAGizTHvPODHjyO7
RafPvmC9L3CGfK0ZX7P6ayz7x9Jzzyv5cLSKZamllj12IxV3rUx1UNRVMA+p v46mE0Z5p0SHt1S2dFXLyFTiXBZKi41NUT90SWVFtj65X3O3R5UAnEqmuMma
IOwPsvuJtM3ixtNGl3eorzz81cSDsLQaHTrrObihEqSrQEaeopS1z2KHUtRP uK3eUiHwcBEsc7mnWNokwdN8DPEOHn67xU1r3E+szY81eGa39mTWPMUD//yJ
gtKRP7Y6tV83t4eNAJxKJrhbmrgt21L+8XgQLGi5PVgaIcHTfAQhDp5gu8G9 reEaiJXIwePaJrgRbaGZWbGdiSx4yujISeV6URtFQsV8bkqBHqsQDycnYU5s
Z9wXrM2PdXRWP+vPH9myrIHwiHQV1zHB/WQLzUyLnUks0z9mdHCk8q2ofCKh wV1BMABRPt9heRIBbEMHr6IMrKzMghbVnOmQUiw9d+5OqcGKXlUrPhfLkva5
gjw3pfCOVIinqJMwJ7bgbiBoe5TPmixPIoBt6OhUlIFRlVnQpr08e84olp7D 0nhksBmC8M6cLJgdOvBlRVk4vWFmRsd17BErcAE3MnFUgWAqbeyxqUq2rL2K
difNYB0vq3WeiUVJ/ExpPPbXCiGImDoJMPbMlpVa4ZSEmSmdurGnpMDkX8vE 0V616MwSc9PTRiRQgCcWvLo29bTbrljkp/NBYDesHqkJS6HNktcfDc7OMKrC
kQXCqLSxJ58qibLWKUbr1KZjR8xNT0dfgQR7eLisVVNPu4OKtXo65gNGwqqM I/i43TyGdU3IupBWNGzOObxstFwYhDvcrJrXHbBSiTcrnQIGtshJ9AGpwA0g
GrMU2ix5R8OT01MMovAsPm4dj2BhEzIlpAoNm2YOLhptF/LgZjWr5nVnpFTi uyiWBEau7oPAIzM7ts3wxo1cWts1FwbJBR+uZSY0tArrKMYRWJjEuWC8muCs
zUrneIEtchy9Qypwx8euiiWBkWt7J/DcS9O2Gd64lgtrqGbCILngq7XMhIZW OmqVf0a5dIStssYBzLJyJzkWjf/c1GFt9q9bsV9dzFp2+0KYWVXK8EIqKqy0
YZ3DKApDmTiPi3cUiFg69VAdMa77vXZZrQB2WdEDm79IP1H1eRWLzxuzf373 CYei6rNaXHAm+/gYTPa3rleXbDejk+ZUlaCDKGoOPIvmssV/j9yzdbnn2+W+
0v6o+e0zYaZH5dk4P5wiI29LJtuEQ1HQWa71OBN+cAAmvOl6dcmWMzo8TkUP RlEl8+zR+XIp8n9spPR/Uo7fPpLb1SnzjQeNeN1EPDpTxXs5fGWPfe3QAscU
OmSiUImimWzzD1cCtqoE67OiJSXYQOBDE+dSAf74eOlPKtGv7+K3f6XEpqtr LUHfcMffc5fW8nm4X23iUko7EyvZ7Ex0u9WmVM810Q7U+yqPnQm73fS+SmJn
TxPxur2octQ+hSW20rp+u53zpe32lRMIHFO0BH3GLX/LXVrLZ+FutZ9LKe1U Yr/TLZswn8QrQxGIQuBaPe5/kT0pCp5ARr+E6u78r1HddbK+6u8frL/3sXyL
LGWzU9HtVvtTPddEm1Fvqzx2KuzO09sqiZ2K3U63bMJ8Ei89RSAJgWt1jP8I EgNNm/z83eN1eLVMtlmF8fTAcq5yc8cvSjXWRpSKhioX0t8XpRLLIPR64I6P
+1MUT4GA/kMr8Roq9WdN/oM1+Q6mb1BnIGmd+799uDYv187WKzOeFVjMVG5u DLv7+7SbU6mnDHu9o0qHUZ2nEPrrvV6n3W13utdW6y3Yg/21z1bdL76gYruI
+Xmp0NqIUuVQ+UL6/bxUZxmEXg/c+5Fhd3eX9nUqRZVhr7dfaTMq9gSyA73T McZT4V7kRmcNz+yp+ggj5X8HNX+Qygb7/F3ur1r/GVr/8Ao8aAQ2moDP8OOP
62x3tzvdK6v/Fuze7spnq/jnH0XFXSwZ47FvL5ajSvupPTgfYRT9qRT+j9P3 MAJO369xq2BF6U3RWGk+9oTUT4bX4az80HO91z7suxEynUHeq0UMH68vh6Ph
e2lmH7wD/ln9P1D975e7+6zBWlvwAa79AdbAKf4Vbissab8pGisTgD0hS5Th 5U/D09oWNQ6/vxftCU8wXf7tN3Edzs0GQL3CNtWpOdivYQ49KhQPDsoxm74e
VTgtP/Rc75UPu26ETKeQImsRw8eri8FwcPHdoF/btcbhd/eibeIxZtY//SSu OqtEAGv26sj/8keZqjfm5qVcDj9Ys/BKhfJPzW7Xp/89pbGvRuNPTFm/gNCV
wplZA6hXGKk6NXu7NcyhR4Xi3l45Zt3XJ848EcCa4dr3v3x8m/XKXD+Xi8E7 0cooQIX8c0ux9bm/itu/t7gBSTR1Wd6yd7UZWyvLbnqwoF4xq+49kYBsu03i
axleqFB+kgR4DRqf7cY/bkq7FBEPA9TIT1OwXcLhs9QtS93vK2j+iUQR1Ioq PvWrQ8NN+7ZDcaiYX8ipyiIrTU/6528unlbfzk4LAAMBEhqeVdcK1+fwNwcB
v+WTAvZaH1svP859rnnEoF51qy5EkfxsOoHpPh1VB4pb9l2L4sAxP5cTlUVW fQgY6bka71SrB+6hYKHo55/7LNoU3krKcERB+IC/UREIxHPCzlTNAypl0lal
2h4dnb06f1x9O+0XAE4EyG94Wt02XJ3D32QE9CG+pEd9eJU0eODuDetaq4e9 a8TTD/Z+Y3EA1w3iT/xP+AWHPXXD3hqpX4k0BdavU76e8LgPtZ2MYinoORz3
izaFl5YyHFEQfsJfqQik4ilhZ6pmW9mmLU/XiCco7LVHkEZ89aMYxB/5n/AL 6EwNg2KQFDobS5HxV3grbFrH3/sKDmoNA2tIXOu6Q3MfXp4+38Ds0ej85fD9
Dnvshr02Ur8QaQqsX6W8VPKKVvcF90BWGo/opR33ok0Nh2KUFDobSZHxF3h7 +esfn5+dD11R0RVC8ZQCboB7t+1wUz6OH/d2BqvkGe1JbZubyhIwkPIMusKo
bFKnwPsKfmwFB2toXOuq33MfnvefrmH3cHj2fPD27OW3T0/PBq4s6QqqeMoB U8CXbmm79GKPtGfFekxwcTXdysanblRmz7lXF7rPLuGXU2cryncQMq8gsaXe
N9W9i3i40R/HD3tRg1USjdYGN89NKdxU64CRlJnQ5UadAsJ0e9slJDvtDfqi GcxUFMjy9acA+JYqunweGfdyiFrQZynMsm6P6Z5ZOWD1MixL60f5C9Hwbl3a
qx15guprzIoWucPoy4XXwiiTui4ZsDHKkKYb4WAfXqnMHrWvLpOfXsAPfWeX UgrZbXqcJF5C8gX/USkV0PAYOKOT5EgmmlCg0l0yxpOoY0HXpmUwo8dEIne1
ykcYMq+SsqEwG0xVFMjyaa0Ag5JU0c33yLhXS9ScvkthFnW/QLfdqhHLl3FZ wUJ8EJB9eIO7qs4Y3yRIKKcLFHjCyB5cr86wIHfe/YiH+Es/6b0FoFWqI/to
Wr9PUEigd+vTVoHIedDLKPECkkL4R6VU+sOj6/YWLNpwoNFdccYjsyNBl7Zl Ea5YcWWTCnvCYDrnrpJWoNhgJiJtyhuO3nXW20jYZ5l2vCqjqx6ZAuNQBvRI
MKV3TCJ3tcJCWwGCLEAAWwQtw+varhA1wqcQEsoxAwUOOUpE5UgKD/rmW1y2 RrkCtcWxtwAL7+GeJbAC6qTV3oQOVZrZS68V65AaZdzFEOqBnAAJpXe48GUt
0l17LxBolWok2dW8isuiJCHCYIbprrBWoBgoQqRNedHSu0Z7Ewn7pFTTq4u6 7GXPTBTcpDuzeKPFtZMUX/rScmmfgwHhrDW7V2LcJYwxXWR1D2PAWuCSoAAv
gpcpMA5lQG9zVKyvLYu9hVg4KWPvODOrAU4d7B3sUKWZvW5bMQ7pUcZdS6Ee FF+IJZr/Tos/w0u49nIkcYnCAZGIH/AfPCXxrWW9/WhvWjJ7wr+2VjDTrxjn
yAvQAHoQbe6eFrMHO4pFodu6eJ3GtZMEX/iCcmGVBQSz1ux0yF0CGdElWvci PJGtaQtfi3EP1lAIhChKXTzgQQLHxkKXUUvjKZDYbYGxLAIKldB6oNfg+KJE
B6wGLgoK71zxuVigh+m0+TFe/7X3M4lPFJGIRHyDf+Fxji8t8+1He9mT2WsO 7VqSRWwXP+4WitG0d47p6jxjWxTUPj1iy7plxFQyTWhZ4orOdILnMPBpEi1l
tdWCmX7EgOuRbE/a+EyNeymHlBlRlLp4O4TEjY2ELlW08RhI3GmDPS7iGZXQ cyHljRNIfG4kUmHhz0V4i1oPnCUGa1sFXZe1Fn+hFljI3anbAoJRRn0Ix92V
iqBj4iJbug9lEdvCj1uFSrTsbWe6ts/YBuW0hW9bjC5jtpJpQssSVywNj/HE As7iZ8VsGbmqWK+Xyw2VYW11dSXQUxQB0bM4gJaBRkOXu8lw2LcNVl4iooL3
CL6KoqVszaW8diKJ75xEKixCBxHeoMYDZ4nB2pZuV6WtzZ+pOZafm3UzQDDK WFb1ZpK/8k2ngbtTYlUDJbBKqD3D5LgJsZwtWG+7KGKfxcDtHs9PuKu5s4Jh
ABThuEtawFn8rJgtfld19tUSv6HasS0JL8WaiiIteo8HS9HQaOhaOZkM+67C Wx5csNYwFVrM8XEAwwrUx1phRRlfU5FYW0atxBK63VXCZ8dsgd1EdMeneOCl
0qNOVKYfyapKTvJXPpl14m7AWN1ACaxCJ88kOW5CKGnL7Jtuy9jnOHADynNE Hprh8x15Ga2X8hKLKRaJZ5G7mjOH7BYfQyGPEt4KvDaMN/IJZ5DVeGkiuuy8
7nbwtGDYhscerB1MhQZngQVnVqA+0grL4PiMi8SCOGolFv7tPhe+6GaPBZiI 8j6CexuhuKMP/je4qVDZSrE79xdAMBMlNjr3b4eVl8BitNn4EE5xbwtvFK3L
bhgVL8vUY2R8NiQv04ZSXmIxwcr2NHKPtswgz8ZXWMibhDcC7y3jjR/CGWQ1 Dd7s1nZoXQqQQWvHF2ztfYnSxu4t+tuOkS5UZmu9n22o9/sXynYAUxed4lMc
XpiIrlsvvczgXmUoXgcABx9cV6hspNgdTAwgXooSmxz4l9PKO2gxWmx8gae4 xQlUMoz2sAIVIigQXpXMldfRkNgM7AASRO+xeFcy0AUWVeWVZ+vcE2xjEdyw
NoY3mlblBu+Wazu0LgXIoJVDF/bAwAKljd15UsF2jHShMhsPKbA1hxQC7w5Z /wGcVhjL+lEAAA==
EzB1ATA+A1IclCXDaI9YUK2EoohlyVx6fA6JzcAOIEH0Dkz9ScBWUQNfehFw
U4wyU6E9seAyCfcER/FiH0VePkdZaYb8aKt42AnPSOB7WLYCn4R1Ja5slGFV
gvmgx+e8d+fSWIAtaBBboENZY6/yj9JH43j7Eh8V79xDEkXCVj964z0RV/gl
6+1Ki2xWDisu/mI2RFBM07m4KpjAhx2KTAmdkD2dCDpXO9P0fUGVd6YJ89HT
cWEWw+Y6u1kJJi4mLTQygTgDdp+j3TcUhDCkB08CBSCUqeUpaiEEWnWP6Z5E
HIngmv0fSJbSfoRVAAA=
--> -->
</rfc> </rfc>
 End of changes. 109 change blocks. 
598 lines changed or deleted 365 lines changed or added

This html diff was produced by rfcdiff 1.48.