| rfc9847.original.md | rfc9847.md | |||
|---|---|---|---|---|
| --- | --- | |||
| title: IANA Registry Updates for TLS and DTLS | title: IANA Registry Updates for TLS and DTLS | |||
| abbrev: (D)TLS IANA Registry Updates | abbrev: TLS and DTLS IANA Registry Updates | |||
| docname: draft-ietf-tls-rfc8447bis-latest | docname: draft-ietf-tls-rfc8447bis-latest | |||
| number: 9847 | ||||
| obsoletes: | ||||
| updates: 8447 | ||||
| submissiontype: IETF | submissiontype: IETF | |||
| category: std | category: std | |||
| updates: 8447 | ||||
| v: 3 | v: 3 | |||
| ipr: trust200902 | ipr: trust200902 | |||
| area: "Security" | area: SEC | |||
| workgroup: "Transport Layer Security" | workgroup: TLS | |||
| keyword: Internet-Draft | keyword: | |||
| venue: | ||||
| group: "Transport Layer Security" | ||||
| type: "Working Group" | ||||
| mail: "tls@ietf.org" | ||||
| arch: "https://mailarchive.ietf.org/arch/browse/tls/" | ||||
| github: "tlswg/rfc8447bis" | ||||
| date: 2025-10 | ||||
| consensus: true | ||||
| stand_alone: yes | stand_alone: yes | |||
| smart_quotes: no | smart_quotes: no | |||
| pi: [toc, sortrefs, symrefs] | pi: [toc, sortrefs, symrefs] | |||
| author: | author: | |||
| - | - | |||
| ins: J. Salowey | ins: J. Salowey | |||
| name: Joe Salowey | name: Joe Salowey | |||
| organization: Venafi | organization: Venafi | |||
| email: joe@salowey.net | email: joe@salowey.net | |||
| - | - | |||
| ins: S. Turner | ins: S. Turner | |||
| name: Sean Turner | name: Sean Turner | |||
| organization: sn3rd | organization: sn3rd | |||
| email: sean@sn3rd.com | email: sean@sn3rd.com | |||
| normative: | normative: | |||
| informative: | informative: | |||
| --- abstract | --- abstract | |||
| This document updates the changes to TLS and DTLS IANA registries | <!-- [rfced] Note that we have updated the short title, which appears in the | |||
| made in RFC 8447. It adds a new value "D" for discouraged | running header in the PDF output, as follows. Please let us know any objections. | |||
| to the Recommended column of the selected TLS registries and | ||||
| Original: | ||||
| (D)TLS IANA Registry Updates | ||||
| Current: | ||||
| TLS and DTLS IANA Registry Updates | ||||
| --> | ||||
| <!-- [rfced] Please insert any keywords (beyond those that appear in the title) | ||||
| for use on https://www.rfc-editor.org/search. --> | ||||
| <!-- [rfced] FYI - We will do the following when we convert the file to RFCXML: | ||||
| - Update relevant URLs to be clickable in the HTML and PDF outputs | ||||
| --> | ||||
| <!-- [rfced] Because this document updates RFC 8447, please | ||||
| review the errata reported for RFC 8447 | ||||
| (https://www.rfc-editor.org/errata/rfc8447) | ||||
| and let us know if you confirm our opinion that none of them | ||||
| are relevant to the content of this document. | ||||
| --> | ||||
| This document updates the changes to the TLS and DTLS IANA registries | ||||
| made in RFC 8447. It adds a new value, "D" for discouraged, | ||||
| to the "Recommended" column of the selected TLS registries and | ||||
| adds a "Comment" column to all active registries that do not | adds a "Comment" column to all active registries that do not | |||
| already have a "Comment" column. Finally, it updates the | already have a "Comment" column. Finally, it updates the | |||
| registration request instructions. | registration request instructions. | |||
| This document updates RFC 8447. | This document updates RFC 8447. | |||
| --- middle | --- middle | |||
| # Introduction | # Introduction | |||
| This document instructs IANA to make changes to a number of the IANA | This document instructs IANA to make changes to a number of the IANA | |||
| registries related to Transport Layer Security (TLS) and Datagram | registries related to Transport Layer Security (TLS) and Datagram | |||
| Transport Layer Security (DTLS). These changes update the changes made | Transport Layer Security (DTLS). These changes update the changes made | |||
| in {{!RFC8447}}. | in {{!RFC8447}}. | |||
| <aside markdown="block"> | This specification adds a new value, "D" for discouraged, to the "Recommended" | |||
| RFC EDITOR NOTE: Please remove the note that follows. | ||||
| </aside> | ||||
| <aside markdown="block"> | ||||
| NOTE for IANA: This document specifies changes to the registry to update | ||||
| the changes made in {{RFC8447}}. | ||||
| </aside> | ||||
| This specification adds a new value "D" for discouraged to the Recommended | ||||
| column of the selected TLS registries and adds a "Comment" column to all | column of the selected TLS registries and adds a "Comment" column to all | |||
| active registries that do not already have a "Comment" column. | active registries that do not already have a "Comment" column. | |||
| This specication also updates the registration request instructions. | This specification also updates the registration request instructions. | |||
| # Terminology | # Terminology | |||
| {::boilerplate bcp14-tagged} | {::boilerplate bcp14-tagged} | |||
| <!-- [rfced] In the sentence below, is the intention to have consensus | ||||
| to leave one item or multiple items marked? | ||||
| Original: | ||||
| The IETF might have consensus to leave an items marked as "N" on the | ||||
| basis of its having limited applicability or usage constraints. | ||||
| Perhaps (Singular): | ||||
| The IETF might have consensus to leave an item marked as "N" on the | ||||
| basis of the item having limited applicability or usage constraints. | ||||
| Or (Plural): | ||||
| The IETF might have consensus to leave items marked as "N" on the | ||||
| basis of the items having limited applicability or usage constraints. | ||||
| --> | ||||
| # Updating "Recommended" Column's Values | # Updating "Recommended" Column's Values | |||
| The instructions in this document update the Recommended column, | The instructions in this document update the "Recommended" column, | |||
| originally added in {{RFC8447}} to add a third value, "D", | originally added in {{RFC8447}} to add a third value, "D", | |||
| indicating that a value is "Discouraged". The permitted values | indicating that a value is discouraged. The permitted values | |||
| of the "Recommended" column are: | of the "Recommended" column are: | |||
| Y: | Y: | |||
| : Indicates that the IETF has consensus that the | : Indicates that the IETF has consensus that the | |||
| item is RECOMMENDED. This only means that the associated | item is RECOMMENDED. This only means that the associated | |||
| mechanism is fit for the purpose for which it was defined. | mechanism is fit for the purpose for which it was defined. | |||
| Careful reading of the documentation for the mechanism is | Careful reading of the documentation for the mechanism is | |||
| necessary to understand the applicability of that mechanism. | necessary to understand the applicability of that mechanism. | |||
| The IETF could recommend mechanisms that have limited | The IETF could recommend mechanisms that have limited | |||
| applicability, but will provide applicability statements that | applicability but will provide applicability statements that | |||
| describe any limitations of the mechanism or necessary constraints | describe any limitations of the mechanism or necessary constraints | |||
| on its use. | on its use. | |||
| N: | N: | |||
| : Indicates that the item has not been evaluated by | : Indicates that the item has not been evaluated by | |||
| the IETF and that the IETF has made no statement about the | the IETF and that the IETF has made no statement about the | |||
| suitability of the associated mechanism. This does not necessarily | suitability of the associated mechanism. This does not necessarily | |||
| mean that the mechanism is flawed, only that no consensus exists. | mean that the mechanism is flawed, only that no consensus exists. | |||
| The IETF might have consensus to leave an items marked as "N" on | The IETF might have consensus to leave an items marked as "N" on | |||
| the basis of its having limited applicability or usage constraints. | the basis of its having limited applicability or usage constraints. | |||
| D: | D: | |||
| : Indicates that the item is discouraged. This marking could be used to identify | : Indicates that the item is discouraged. This marking could be used to identify | |||
| mechanisms that might result in problems if they are used, such as | mechanisms that might result in problems if they are used, such as | |||
| a weak cryptographic algorithm or a mechanism that might cause | a weak cryptographic algorithm or a mechanism that might cause | |||
| interoperability problems in deployment. When marking a registry entry as | interoperability problems in deployment. When marking a registry entry as | |||
| “D”, either the References or the Comments Column MUST include sufficient | "D", either the "Reference" or the "Comment" column MUST include sufficient | |||
| information to determine why the marking has been applied. Implementers and | information to determine why the marking has been applied. Implementers and | |||
| users SHOULD consult the linked references associated with the item to | users SHOULD consult the linked references associated with the item to | |||
| determine the conditions under which the item SHOULD NOT or MUST NOT be used . | determine the conditions under which the item SHOULD NOT or MUST NOT be used . | |||
| Setting a value to "Y" or "D" or transitioning the value from "Y" or "D" in the "Recommended" column requires | Setting a value to "Y" or "D" or transitioning the value from "Y" or "D" in the "Recommended" column requires | |||
| IETF Standards Action with Expert Review or IESG Approval {{!RFC8126}}. Not all items defined | IETF Standards Action with Expert Review or IESG Approval {{!RFC8126}}. Not all items defined | |||
| in Standards Track RFCs need to be set | in Standards Track RFCs need to be set | |||
| to "Y" or "D". Any item not otherwise specified is set to "N". The column is | to "Y" or "D". Any item not otherwise specified is set to "N". The column is | |||
| blank for values that are unassigned or reserved unless specifically set. | blank for values that are unassigned or reserved unless specifically set. | |||
| ## Recommended Note {#rec-note} | ## Recommended Note {#rec-note} | |||
| Existing registries have a note on the meaning of the Recommended column. For th | Existing registries have a note on the meaning of the "Recommended" column. For | |||
| e | the | |||
| registries discussed in the subsequent sections this note is updated | registries discussed in the subsequent sections, this note is updated | |||
| with a sentence describing the "D" value as follows: | with a sentence describing the "D" value as follows: | |||
| Note: | {:quote} | |||
| > Note: If the "Recommended" column is set to "N", it does not necessarily mean | ||||
| : If "Recommended" column is set to "N", it does not necessarily mean | that it is flawed; rather, it indicates that the item has not | |||
| that it is flawed; rather, it indicates that the item either has not | ||||
| been through the IETF consensus process, has limited applicability, or | been through the IETF consensus process, has limited applicability, or | |||
| is intended only for specific use cases. If the "Recommended" column | is intended only for specific use cases. If the "Recommended" column | |||
| is set to "D" the item is discouraged and SHOULD NOT or MUST NOT be used, | is set to "D", the item is discouraged and SHOULD NOT or MUST NOT be used, | |||
| depending upon the situation; consult the item’s references for clarity. | depending upon the situation; consult the item's references for clarity. | |||
| # TLS ExtensionType Values Registry | # TLS ExtensionType Values Registry | |||
| In order to reflect the changes in the Recommended column allocation, | In order to reflect the changes in the "Recommended" column allocation, | |||
| IANA is requested to update the TLS ExtensionType Values registry as follows: | IANA has updated the "TLS ExtensionType Values" registry as follows: | |||
| - Adjust the registration procedure related to setting the “Recommended” column as follows: | - Adjusted the registration procedure related to setting the "Recommended" colum n as follows: | |||
| ~~~ | ||||
| Setting a value to "Y" or "D" or transitioning the value from | Setting a value to "Y" or "D" or transitioning the value from | |||
| "Y" or "D" in the "Recommended" column requires | "Y" or "D" in the "Recommended" column requires | |||
| IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | |||
| ~~~ | ||||
| - Add a reference to this document under the reference heading. | - Added a reference to this document under the reference heading. | |||
| - Update the "Recommended" column with the changes as listed below. Entries | - Updated the "Recommended" column with the changes listed below. Entries | |||
| keep their existing "Y" and "N" entries except for the entries in following ta | keep their existing "Y" and "N" entries except for the entries in the followin | |||
| ble. | g table. | |||
| IANA is requested to add a reference to this document for these entries. | IANA has added a reference to this document for these entries. | |||
| |Value | Extension | Recommended | | <!-- [rfced] FYI - We have reordered the values in Table 1 to reflect | |||
| how they are listed in the "TLS ExtensionType Values" registry. | ||||
| --> | ||||
| |Value | Extension Name | Recommended | | ||||
| |:-----|:------------------------------------|------------:| | |:-----|:------------------------------------|------------:| | |||
| |4 |truncated_hmac | D | | |4 |truncated_hmac | D | | |||
| |53 |connection_id (deprecated) | D | | ||||
| |40 |Reserved | D | | |40 |Reserved | D | | |||
| |46 |Reserved | D | | |46 |Reserved | D | | |||
| |53 |connection_id (deprecated) | D | | ||||
| - Update note on the Recommended column with text in {{rec-note}}. | - Updated the note on the "Recommended" column with text in {{rec-note}}. | |||
| - For the truncated_hmac, add the following link to Reference column: | - For the truncated_hmac, added the following link to the "Reference" column: ht | |||
| https://www.iacr.org/archive/asiacrypt2011/70730368/70730368.pdf | tps://www.iacr.org/archive/asiacrypt2011/70730368/70730368.pdf | |||
| - For the two Reserved values above, add the following link in the Reference col | - For the two Reserved values above, added the following link in the "Reference" | |||
| umn: | column: https://mailarchive.ietf.org/arch/msg/tls-reg-review/5BD62HBFjo_AsW-Y8o | |||
| https://mailarchive.ietf.org/arch/msg/tls-reg-review/5BD62HBFjo_AsW-Y8ohVuWEe1gI | hVuWEe1gI/ | |||
| / | ||||
| # TLS Cipher Suites Registry | # TLS Cipher Suites Registry | |||
| Several categories of ciphersuites are discouraged for general use and | Several categories of cipher suites are discouraged for general use and | |||
| are marked as "D". | are marked as "D". | |||
| Ciphersuites that use NULL encryption do not provide the confidentiality | Cipher suites that use NULL encryption do not provide the confidentiality | |||
| normally expected of TLS. Protocols and applications are often designed | normally expected of TLS. Protocols and applications are often designed | |||
| to require confidentiality as a security property. These | to require confidentiality as a security property. These | |||
| ciphersuites MUST NOT be used in those cases. | cipher suites MUST NOT be used in those cases. | |||
| Ciphersuites marked as EXPORT use weak ciphers and were deprecated in | Cipher suites marked as EXPORT use weak ciphers and were deprecated in | |||
| TLS 1.1 {{!RFC4346}}. | TLS 1.1 {{!RFC4346}}. | |||
| Cipher suites marked as anon do not provide any authentication and are | Cipher suites marked as anon do not provide any authentication, are | |||
| vulnerable to on-path attacks and are deprecated in TLS 1.1 | vulnerable to on-path attacks, and were deprecated in TLS 1.1 | |||
| {{!RFC4346}}. | {{!RFC4346}}. | |||
| RC4 is a weak cipher and is deprecated in {{!RFC7465}}. | RC4 is a weak cipher and is deprecated in {{!RFC7465}}. | |||
| DES and IDEA are not considered secure for general use and are deprecated | DES and the International Data Encryption Algorithm (IDEA) are not considered se | |||
| in {{!RFC5469}}. Nor is MD5 or SHA-1 and these are deprecated in {{!RFC9155}}. | cure for general use and were deprecated in {{!RFC5469}}. MD5 and SHA-1 are also | |||
| not secure for general use and were deprecated in {{!RFC9155}}. | ||||
| In order to reflect the changes in the Recommended column allocation, | In order to reflect the changes in the "Recommended" column allocation, | |||
| IANA is requested to update the TLS ExtensionType Values registry as follows: | IANA has updated the "TLS Cipher Suites" registry as follows: | |||
| - Adjust the registration procedure related to setting the “Recommended” column as follows: | - Adjusted the registration procedure related to setting the "Recommended" colum n as follows: | |||
| ~~~ | ||||
| Setting a value to "Y" or "D" or transitioning the value from | Setting a value to "Y" or "D" or transitioning the value from | |||
| "Y" or "D" in the "Recommended" column requires | "Y" or "D" in the "Recommended" column requires | |||
| IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | |||
| ~~~ | ||||
| - Add a reference to this document under the reference heading. | - Added a reference to this document under the reference heading. | |||
| - Update the "Recommended" column with the changes as listed below. Entries | - Updated the "Recommended" column with the changes listed below. Entries | |||
| keep their existing "Y" and "N" entries except for the entries in following ta ble. | keep their existing "Y" and "N" entries except for the entries in following ta ble. | |||
| IANA is requested to add a reference to this document for these entries. This | IANA has added a reference to this document for these entries. This document d | |||
| document does not | oes not | |||
| make any changes to the DTLS-OK column. | make any changes to the "DTLS-OK" column. | |||
| | Value | Cipher Suite Name | Recommended | | | Value | Description | Recommended | | |||
| |:------|:---------------------------------------------|-----------:| | |:------|:---------------------------------------------|-----------:| | |||
| | 0x00,0x1E | TLS_KRB5_WITH_DES_CBC_SHA | D | | | 0x00,0x1E | TLS_KRB5_WITH_DES_CBC_SHA | D | | |||
| | 0x00,0x20 | TLS_KRB5_WITH_RC4_128_SHA | D | | | 0x00,0x20 | TLS_KRB5_WITH_RC4_128_SHA | D | | |||
| | 0x00,0x21 | TLS_KRB5_WITH_IDEA_CBC_SHA | D | | | 0x00,0x21 | TLS_KRB5_WITH_IDEA_CBC_SHA | D | | |||
| | 0x00,0x22 | TLS_KRB5_WITH_DES_CBC_MD5 | D | | | 0x00,0x22 | TLS_KRB5_WITH_DES_CBC_MD5 | D | | |||
| | 0x00,0x24 | TLS_KRB5_WITH_RC4_128_MD5 | D | | | 0x00,0x24 | TLS_KRB5_WITH_RC4_128_MD5 | D | | |||
| | 0x00,0x25 | TLS_KRB5_WITH_IDEA_CBC_MD5 | D | | | 0x00,0x25 | TLS_KRB5_WITH_IDEA_CBC_MD5 | D | | |||
| | 0x00,0x26 | TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA | D | | | 0x00,0x26 | TLS_KRB5_EXPORT_WITH_DES_CBC_40_SHA | D | | |||
| | 0x00,0x27 | TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA | D | | | 0x00,0x27 | TLS_KRB5_EXPORT_WITH_RC2_CBC_40_SHA | D | | |||
| | 0x00,0x28 | TLS_KRB5_EXPORT_WITH_RC4_40_SHA | D | | | 0x00,0x28 | TLS_KRB5_EXPORT_WITH_RC4_40_SHA | D | | |||
| | 0x00,0x29 | TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 | D | | | 0x00,0x29 | TLS_KRB5_EXPORT_WITH_DES_CBC_40_MD5 | D | | |||
| | 0x00,0x2A | TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 | D | | | 0x00,0x2A | TLS_KRB5_EXPORT_WITH_RC2_CBC_40_MD5 | D | | |||
| | 0x00,0x2B | TLS_KRB5_EXPORT_WITH_RC4_40_MD5 | D | | | 0x00,0x2B | TLS_KRB5_EXPORT_WITH_RC4_40_MD5 | D | | |||
| | 0x00,0x2C | TLS_PSK_WITH_NULL_SHA | D | | | 0x00,0x2C | TLS_PSK_WITH_NULL_SHA | D | | |||
| | 0x00,0x8A | TLS_PSK_WITH_RC4_128_SHA | D | | | 0x00,0x8A | TLS_PSK_WITH_RC4_128_SHA | D | | |||
| | 0x00,0xB0 | TLS_PSK_WITH_NULL_SHA256 | D | | | 0x00,0xB0 | TLS_PSK_WITH_NULL_SHA256 | D | | |||
| | 0x00,0xB1 | TLS_PSK_WITH_NULL_SHA384 | D | | | 0x00,0xB1 | TLS_PSK_WITH_NULL_SHA384 | D | | |||
| | 0xC0,0x06 | TLS_ECDHE_ECDSA_WITH_NULL_SHA | D | | | 0xC0,0x06 | TLS_ECDHE_ECDSA_WITH_NULL_SHA | D | | |||
| | 0xC0,0x07 | TLS_ECDHE_ECDSA_WITH_RC4_128_SHA | D | | | 0xC0,0x07 | TLS_ECDHE_ECDSA_WITH_RC4_128_SHA | D | | |||
| | 0xC0,0x10 | TLS_ECDHE_RSA_WITH_NULL_SHA | D | | | 0xC0,0x10 | TLS_ECDHE_RSA_WITH_NULL_SHA | D | | |||
| | 0xC0,0x11 | TLS_ECDHE_RSA_WITH_RC4_128_SHA | D | | | 0xC0,0x11 | TLS_ECDHE_RSA_WITH_RC4_128_SHA | D | | |||
| | 0xC0,0x33 | TLS_ECDHE_PSK_WITH_RC4_128_SHA | D | | | 0xC0,0x33 | TLS_ECDHE_PSK_WITH_RC4_128_SHA | D | | |||
| | 0xC0,0x39 | TLS_ECDHE_PSK_WITH_NULL_SHA | D | | | 0xC0,0x39 | TLS_ECDHE_PSK_WITH_NULL_SHA | D | | |||
| | 0xC0,0x3A | TLS_ECDHE_PSK_WITH_NULL_SHA256 | D | | | 0xC0,0x3A | TLS_ECDHE_PSK_WITH_NULL_SHA256 | D | | |||
| | 0xC0,0x3B | TLS_ECDHE_PSK_WITH_NULL_SHA384 | D | | | 0xC0,0x3B | TLS_ECDHE_PSK_WITH_NULL_SHA384 | D | | |||
| | 0xC0,0xB4 | TLS_SHA256_SHA256 | D | | | 0xC0,0xB4 | TLS_SHA256_SHA256 | D | | |||
| | 0xC0,0xB5 | TLS_SHA384_SHA384 | D | | | 0xC0,0xB5 | TLS_SHA384_SHA384 | D | | |||
| - Update note on the Recommended column with text in {{rec-note}}. | - Updated the note on the "Recommended" column with text in {{rec-note}}. | |||
| # TLS Supported Groups Registry | # TLS Supported Groups Registry | |||
| In order to reflect the changes in the Recommended column allocation, | In order to reflect the changes in the "Recommended" column allocation, | |||
| IANA is requested to update the TLS Supported Groups registry as follows: | IANA has updated the "TLS Supported Groups" registry as follows: | |||
| - Update the registration policy to include: | - Updated the registration policy to include: | |||
| ~~~ | ||||
| Setting a value to "Y" or "D" or transitioning the value from | Setting a value to "Y" or "D" or transitioning the value from | |||
| "Y" or "D" in the "Recommended" column requires | "Y" or "D" in the "Recommended" column requires | |||
| IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | |||
| ~~~ | ||||
| - Add a reference to this document under the reference heading. | - Added a reference to this document under the reference heading. | |||
| - Update the "Recommended" column with the changes as listed below. Entries | - Updated the "Recommended" column with the changes listed below. Entries | |||
| keep their existing "Y" and "N" entries except for the entries in following ta ble. | keep their existing "Y" and "N" entries except for the entries in following ta ble. | |||
| IANA is requested to add a reference to this document for these entries. | IANA has added a reference to this document for these entries. | |||
| | Value | Curve | Recommended | | | Value | Description | Recommended | | |||
| |:-|:-|-:| | |:-|:-|-:| | |||
| | 1 |sect163k1 | D | | | 1 |sect163k1 | D | | |||
| | 2 | sect163r1 | D | | | 2 | sect163r1 | D | | |||
| | 3 | sect163r2 | D | | | 3 | sect163r2 | D | | |||
| | 4 | sect193r1 | D | | | 4 | sect193r1 | D | | |||
| | 5 | sect193r2 | D | | | 5 | sect193r2 | D | | |||
| | 6 | sect233k1 | D | | | 6 | sect233k1 | D | | |||
| | 7 | sect233r1 | D | | | 7 | sect233r1 | D | | |||
| | 8 | sect239k1 | D | | | 8 | sect239k1 | D | | |||
| | 15 | secp160k1 | D | | | 15 | secp160k1 | D | | |||
| | 16 | secp160r1 | D | | | 16 | secp160r1 | D | | |||
| | 17 | secp160r2 | D | | | 17 | secp160r2 | D | | |||
| | 18 | secp192k1 | D | | | 18 | secp192k1 | D | | |||
| | 19 | secp192r1 | D | | | 19 | secp192r1 | D | | |||
| | 20 | secp224k1 | D | | | 20 | secp224k1 | D | | |||
| | 21 | secp224r1 | D | | | 21 | secp224r1 | D | | |||
| - Update note on the Recommended column with text in {{rec-note}}. | - Updated the note on the "Recommended" column with text in {{rec-note}}. | |||
| - Remove the "Elliptic curve groups" note from the registration | - Removed the "Elliptic curve groups" note from the registration | |||
| procedures table. | procedures table. | |||
| - For each of the entries above, add the following link to the | - For each of the entries above, added the following link to the | |||
| Comment column: | "Comment" column: https://datatracker.ietf.org/meeting/118/materials/slides-11 | |||
| https://datatracker.ietf.org/meeting/118/materials/slides-118-tls-rfc8447bis-00 | 8-tls-rfc8447bis-00 | |||
| # TLS Exporter Labels Registry | # TLS Exporter Labels Registry | |||
| This document updates the registration procedure for the TLS Exporter | This document updates the registration procedure for the "TLS Exporter | |||
| Labels registry and updates the Recommended column allocation. | Labels" registry and updates the "Recommended" column allocation. | |||
| IANA is requested to update the TLS Exporter Labels Registry as follows: | IANA has updated the "TLS Exporter Labels" registry as follows: | |||
| - Change the registration procedure from Specification Required to | - Changed the registration procedure from Specification Required to | |||
| Expert Review and update it to include: | Expert Review and updated it to include: | |||
| ~~~ | ||||
| Setting a value to "Y" or "D" or transitioning the value from | Setting a value to "Y" or "D" or transitioning the value from | |||
| "Y" or "D" in the "Recommended" column requires | "Y" or "D" in the "Recommended" column requires | |||
| IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | |||
| ~~~ | ||||
| - Add a reference to this document under the reference heading. | - Added a reference to this document under the reference heading. | |||
| - Entries keep their existing Recommended column "Y" and "N" entries | - Entries kept their existing "Recommended" column "Y" and "N" entries. | |||
| - Update note on the Recommended column with text in {{rec-note}}. | - Updated the note on the "Recommended" column with text in {{rec-note}}. | |||
| - Update the note on the role of the expert reviewer as follows. | - Updated the note on the role of the expert reviewer as follows. | |||
| Note: | {:quote} | |||
| : The role of the designated expert is described in {{RFC8447, Section 17}}. | > Note: The role of the designated expert is described in {{RFC8447, Section 17} | |||
| }. | ||||
| Even though this registry does not require a specification, the | Even though this registry does not require a specification, the | |||
| designated expert {{!RFC8126}} will strongly encourage registrants | designated expert {{!RFC8126}} will strongly encourage registrants | |||
| to provide a link to a publicly available specification. An | to provide a link to a publicly available specification. An | |||
| Internet-Draft (that is posted and never published as an RFC) | Internet-Draft (that is posted and never published as an RFC) | |||
| or a document from another standards body, industry consortium, | or a document from another standards body, industry consortium, | |||
| university site, etc. are suitable for these purposes. | university site, etc. is suitable for these purposes. | |||
| The expert may provide more in-depth reviews, but their approval | The expert may provide more in-depth reviews, but their approval | |||
| should not be taken as an endorsement of the exporter label. The | should not be taken as an endorsement of the exporter label. The | |||
| expert also verifies that the label is a string consisting of | expert also verifies that the label is a string consisting of | |||
| printable ASCII characters beginning with "EXPORTER". IANA MUST | printable ASCII characters beginning with "EXPORTER". IANA MUST | |||
| also verify that one label is not a prefix of any other label. | also verify that one label is not a prefix of any other label. | |||
| For example, labels "key" or "master secretary" are forbidden. | For example, labels "key" or "master secretary" are forbidden. | |||
| - Rename the Note column to Comment column. | - Renamed the "Note" column to "Comment". | |||
| # TLS Certificate Types Registry | # TLS Certificate Types Registry | |||
| In order to reflect the changes in the Recommended column allocation, | In order to reflect the changes in the "Recommended" column allocation, | |||
| IANA is requested to update the TLS Certificate Types registry as follows: | IANA has updated the "TLS Certificate Types" registry as follows: | |||
| - Adjust the registration procedure related to setting the “Recommended” column as follows: | - Adjusted the registration procedure related to setting the "Recommended" colum n as follows: | |||
| ~~~ | ||||
| Setting a value to "Y" or "D" or transitioning the value from | Setting a value to "Y" or "D" or transitioning the value from | |||
| "Y" or "D" in the "Recommended" column requires | "Y" or "D" in the "Recommended" column requires | |||
| IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | |||
| ~~~ | ||||
| - Add a reference to this document under the reference heading. | - Added a reference to this document under the reference heading. | |||
| - Entries keep their existing Recommended column "Y" and "N" entries. | - Entries kept their existing "Recommended" column "Y" and "N" entries. | |||
| - Update note on the Recommended column with text in {{rec-note}}. | - Updated the note on the "Recommended" column with text in {{rec-note}}. | |||
| # TLS HashAlgorithm Registry | # TLS HashAlgorithm Registry | |||
| Though TLS 1.0 and TLS 1.1 were deprecated {{!RFC8996}}, TLS 1.2 will | TLS 1.0 and TLS 1.1 were deprecated {{!RFC8996}}, TLS 1.2 will | |||
| be in use for some time. In order to reflect the changes in the Recommended | be in use for some time. In order to reflect the changes in the "Recommended" | |||
| column allocation, IANA is requested to update the TLS HashAlgorithm Registry | column allocation, IANA has updated the "TLS HashAlgorithm" registry | |||
| as follows: | as follows: | |||
| - Update the registration procedure to include: | - Updated the registration procedure to include: | |||
| ~~~ | ||||
| Setting a value to "Y" or "D" or transitioning the value from | Setting a value to "Y" or "D" or transitioning the value from | |||
| "Y" or "D" in the "Recommended" column requires | "Y" or "D" in the "Recommended" column requires | |||
| IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | |||
| ~~~ | ||||
| - Add a reference to this document under the reference heading. | - Added a reference to this document under the reference heading. | |||
| - Update the TLS HashAlgorithm registry to add a "Recommended" column | - Updated the "TLS HashAlgorithm" registry to add a "Recommended" column | |||
| as follows: | as follows: | |||
| | Value | Description | Recommended | | | Value | Description | Recommended | | |||
| |:---- |:-------------|------------:| | |:---- |:-------------|------------:| | |||
| | 0 | none | Y | | | 0 | none | Y | | |||
| | 1 | md5 | D | | | 1 | md5 | D | | |||
| | 2 | sha1 | D | | | 2 | sha1 | D | | |||
| | 3 | sha224 | D | | | 3 | sha224 | D | | |||
| | 4 | sha256 | Y | | | 4 | sha256 | Y | | |||
| | 5 | sha384 | Y | | | 5 | sha384 | Y | | |||
| | 6 | sha512 | Y | | | 6 | sha512 | Y | | |||
| | 8 | Intrinsic | Y | | | 8 | Intrinsic | Y | | |||
| - Add note on the Recommended column with text in {{rec-note}}. | - Added a note on the "Recommended" column with text in {{rec-note}}. | |||
| # TLS SignatureAlgorithm Registry | # TLS SignatureAlgorithm Registry | |||
| Though TLS 1.0 and TLS 1.1 were deprecated {{!RFC8996}}, TLS 1.2 will | TLS 1.0 and TLS 1.1 were deprecated {{!RFC8996}}, TLS 1.2 will | |||
| be in use for some time. In order to reflect the changes in the Recommended | be in use for some time. In order to reflect the changes in the "Recommended" | |||
| column allocation, IANA is requested to update the TLS SignatureAlgorithm regist | column allocation, IANA has updated the "TLS SignatureAlgorithm" registry | |||
| ry | ||||
| as follows: | as follows: | |||
| - Update the registration procedure to include: | - Updated the registration procedure to include: | |||
| ~~~ | ||||
| Setting a value to "Y" or "D" or transitioning the value from | Setting a value to "Y" or "D" or transitioning the value from | |||
| "Y" or "D" in the "Recommended" column requires | "Y" or "D" in the "Recommended" column requires | |||
| IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | |||
| ~~~ | ||||
| - Add a reference to this document under the reference heading. | - Added a reference to this document under the reference heading. | |||
| - Update the TLS SignatureAlgorithm registry to add a "Recommended" | - Updated the "TLS SignatureAlgorithm" registry to add a "Recommended" | |||
| column as follows: | column as follows: | |||
| |Value | Description | Recommended | | |Value | Description | Recommended | | |||
| |:-----|:-------------|------------:| | |:-----|:-------------|------------:| | |||
| | 0 | anonymous| N | | | 0 | anonymous| N | | |||
| | 1 | rsa | Y | | | 1 | rsa | Y | | |||
| | 2 | dsa | N | | | 2 | dsa | N | | |||
| | 3 | ecdsa | Y | | | 3 | ecdsa | Y | | |||
| | 7 | ed25519 | Y | | | 7 | ed25519 | Y | | |||
| | 8 | ed448 | Y | | | 8 | ed448 | Y | | |||
| | 64 | gostr34102012_256 | N | | | 64 | gostr34102012_256 | N | | |||
| | 65 | gostr34102012_512 | N | | | 65 | gostr34102012_512 | N | | |||
| - Add note on the Recommended column with text in {{rec-note}}. | - Added a note on the "Recommended" column with text in {{rec-note}}. | |||
| # TLS ClientCertificateType Identifiers Registry | # TLS ClientCertificateType Identifiers Registry | |||
| Though TLS 1.0 and TLS 1.1 were deprecated {{!RFC8996}}, TLS 1.2 will | TLS 1.0 and TLS 1.1 were deprecated {{!RFC8996}}, TLS 1.2 will | |||
| be in use for some time. In order to refect the changes in the Recommended | be in use for some time. In order to reflect the changes in the "Recommended" | |||
| column allocation, IANA is requested to update the TLS ClientCertificateType Ide | column allocation, IANA has updated the "TLS ClientCertificateType Identifiers" | |||
| ntifiers | ||||
| registry as follows: | registry as follows: | |||
| - Update the registration procedure to include: | - Updated the registration procedure to include: | |||
| ~~~ | ||||
| Setting a value to "Y" or "D" or transitioning the value from | Setting a value to "Y" or "D" or transitioning the value from | |||
| "Y" or "D" in the "Recommended" column requires | "Y" or "D" in the "Recommended" column requires | |||
| IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | |||
| ~~~ | ||||
| - Add a reference to this document under the reference heading. | - Added a reference to this document under the reference heading. | |||
| - Update the TLS ClientCertificateType Identifiers registry to add a "Recommende d" | - Updated the "TLS ClientCertificateType Identifiers" registry to add a "Recomme nded" | |||
| column as follows: | column as follows: | |||
| | Value | Description | Recommended | | | Value | Description | Recommended | | |||
| |:------|:-------------|------------:| | |:------|:-------------|------------:| | |||
| | 1 | rsa_sign | Y | | | 1 | rsa_sign | Y | | |||
| | 2 | dss_sign | N | | | 2 | dss_sign | N | | |||
| | 3 | rsa_fixed_dh | N | | | 3 | rsa_fixed_dh | N | | |||
| | 4 | dss_fixed_dh | N | | | 4 | dss_fixed_dh | N | | |||
| | 5 | rsa_ephemeral_dh_RESERVED | D | | | 5 | rsa_ephemeral_dh_RESERVED | D | | |||
| | 6 | dss_ephemeral_dh_RESERVED | D | | | 6 | dss_ephemeral_dh_RESERVED | D | | |||
| | 20 | fortezza_dms_RESERVED | D | | | 20 | fortezza_dms_RESERVED | D | | |||
| | 64 | ecdsa_sign | Y | | | 64 | ecdsa_sign | Y | | |||
| | 65 | rsa_fixed_ecdh | N | | | 65 | rsa_fixed_ecdh | N | | |||
| | 66 | ecdsa_fixed_ecdh | N | | | 66 | ecdsa_fixed_ecdh | N | | |||
| | 67 | gost_sign256 | N | | | 67 | gost_sign256 | N | | |||
| | 68 | gost_sign512 | N | | | 68 | gost_sign512 | N | | |||
| - Add note on the Recommended column with text in {{rec-note}}. | - Added a note on the "Recommended" column with text in {{rec-note}}. | |||
| # TLS PskKeyExchangeMode Registry | # TLS PskKeyExchangeMode Registry | |||
| In order to reflect the changes in the Recommended column allocation, | In order to reflect the changes in the "Recommended" column allocation, | |||
| IANA is requested to update the TLS PskKeyExchangeMode registry as follows: | IANA has updated the "TLS PskKeyExchangeMode" registry as follows: | |||
| - Update the registration procedure to include: | - Updated the registration procedure to include: | |||
| ~~~ | ||||
| Setting a value to "Y" or "D" or transitioning the value from | Setting a value to "Y" or "D" or transitioning the value from | |||
| "Y" or "D" in the "Recommended" column requires | "Y" or "D" in the "Recommended" column requires | |||
| IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | |||
| ~~~ | ||||
| - Add a reference to this document under the reference heading. | - Added a reference to this document under the reference heading. | |||
| - Entries keep their existing Recommended column "Y" and "N" entries. | - Entries kept their existing "Recommended" column "Y" and "N" entries. | |||
| - Update note on the Recommended column with text in {{rec-note}}. | - Updated note on the "Recommended" column with text in {{rec-note}}. | |||
| # TLS SignatureScheme Registry | # TLS SignatureScheme Registry | |||
| In order to reflect the changes in the Recommended column allocation, | In order to reflect the changes in the "Recommended" column allocation, | |||
| IANA is requested to update the TLS SignatureScheme registry as follows: | IANA has updated the "TLS SignatureScheme" registry as follows: | |||
| - Update the registration procedure to include: | - Updated the registration procedure to include: | |||
| ~~~ | ||||
| Setting a value to "Y" or "D" or transitioning the value from | Setting a value to "Y" or "D" or transitioning the value from | |||
| "Y" or "D" in the "Recommended" column requires | "Y" or "D" in the "Recommended" column requires | |||
| IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | IETF Standards Action with Expert Review or IESG Approval [RFC8126]. | |||
| ~~~ | ||||
| - IANA is requested to add a reference to this document under the reference head ing. | - Added a reference to this document under the reference heading. | |||
| - Entries keep their existing Recommended column "Y" and "N" entries. | - Entries kept their existing "Recommended" column "Y" and "N" entries. | |||
| - Update note on the Recommended column with text in {{rec-note}}. | - Updated note on the "Recommended" column with text in {{rec-note}}. | |||
| # Adding "Comment" Column | # Adding "Comment" Column | |||
| IANA is requested to add a "Comment" column to the following registries: | IANA has added a "Comment" column to the following registries: | |||
| - TLS ExtensionType Values | - TLS ExtensionType Values | |||
| - TLS Application-Layer Protocol Negotiation (ALPN) Protocol IDs | - TLS Application-Layer Protocol Negotiation (ALPN) Protocol IDs | |||
| - TLS CachedInformationType Values | - TLS CachedInformationType Values | |||
| - TLS Certificate Compression Algorithm IDs | - TLS Certificate Compression Algorithm IDs | |||
| - TLS ClientCertificateType Identifiers | - TLS ClientCertificateType Identifiers | |||
| - TLS Cipher Suites | - TLS Cipher Suites | |||
| - TLS ContentType | - TLS ContentType | |||
| - TLS EC Point Formats | - TLS EC Point Formats | |||
| - TLS EC Curve Types | - TLS EC Curve Types | |||
| - TLS Supplemental Data Formats (SupplementalDataType) | - TLS Supplemental Data Formats (SupplementalDataType) | |||
| - TLS UserMappingType Values | - TLS UserMappingType Values | |||
| - TLS Signature Algorithm | - TLS SignatureAlgorithm | |||
| - TLS Hash Algorithm | - TLS HashAlgorithm | |||
| - TLS Authorization Data Formats | - TLS Authorization Data Formats | |||
| TLS <span class="insert">HashAlgorithm</span> | ||||
| - TLS Heartbeat Message Types | - TLS Heartbeat Message Types | |||
| - TLS Heartbeat Modes | - TLS Heartbeat Modes | |||
| - TLS SignatureScheme | - TLS SignatureScheme | |||
| - TLS PskKeyExchangeMode | - TLS PskKeyExchangeMode | |||
| - TLS KDF Identifiers | - TLS KDF Identifiers | |||
| - TLS SSLKEYLOGFILE Labels | - TLS SSLKEYLOGFILE Labels | |||
| This list of registries is all registries that do not already have a | This list of registries is all registries that do not already have a | |||
| "Comment" or "Notes" column or that were not orphaned by TLS 1.3. | "Comment" or "Note" column or that were not orphaned by TLS 1.3. | |||
| IANA is requested to rename the "Note" column to "Comment" column in | <!--[rfced] May we remove this sentence from the end of Section 14? | |||
| TLS Exporter Labels registry. | This action is already listed in Section 7. | |||
| Original: | ||||
| IANA is requested to rename the "Note" column to "Comment" column in | ||||
| TLS Exporter Labels registry. | ||||
| --> | ||||
| IANA has renamed the "Note" column to "Comment" in the | ||||
| "TLS Exporter Labels" registry. | ||||
| # Expert Review of Current and Potential IETF and IRTF Documents | # Expert Review of Current and Potential IETF and IRTF Documents | |||
| The intent of the Specification Required choice for TLS code points | The intent of the Specification Required choice for TLS codepoints | |||
| is to allow for easy registration for code points associated with | is to allow for easy registration for codepoints associated with | |||
| protocols and algorithms that are not being actively developed inside | protocols and algorithms that are not being actively developed inside | |||
| IETF or IRTF. When TLS-based technologies are being developed inside | the IETF or IRTF. When TLS-based technologies are being developed inside | |||
| the IRTF/IETF they should be done in coordination with the TLS WG in | the IETF or IRTF, they should be done in coordination with the TLS WG in | |||
| order to provide appropriate review. For this reason, unless the TLS WG | order to provide appropriate review. For this reason, unless the TLS WG | |||
| chairs indicate otherwise via email, designated | Chairs indicate otherwise via email, designated | |||
| experts should decline code point registrations for documents which | experts should decline codepoint registrations for documents that | |||
| have already been adopted or are being proposed for adoption by IETF | have already been adopted or are being proposed for adoption by IETF | |||
| working groups or IRTF research groups. | working groups or IRTF research groups. | |||
| # Registration Requests | # Registration Requests | |||
| Registration requests MUST be submitted in one of two ways: | Registration requests MUST be submitted in one of two ways: | |||
| 1. By sending email to iana@iana.org; this email SHOULD | 1. By sending email to iana@iana.org; this email SHOULD | |||
| use an appropriate subject (e.g., "Request to register value in TLS | use an appropriate subject (e.g., "Request to register value in TLS | |||
| bar registry"). | bar registry"). | |||
| 3. Using the online form at | 2. Using the online form at https://www.iana.org/form/protocol-assignment. | |||
| https://www.iana.org/form/protocol-assignment. | ||||
| Specification Required {{RFC8126}} registry requests are registered after | Specification Required {{RFC8126}} registry requests are registered after | |||
| a three-week review period on the advice of one or more designated | a three-week review period on the advice of one or more designated | |||
| experts. However, to allow for the allocation of values prior to | experts. However, to allow for the allocation of values prior to | |||
| publication, the designated experts may approve registration once they | publication, the designated experts may approve registration once they | |||
| are satisfied that such a specification will be published. | are satisfied that such a specification will be published. | |||
| # Security Considerations | # Security Considerations | |||
| Recommended algorithms are regarded as secure for general use at the | Recommended algorithms are regarded as secure for general use at the | |||
| time of registration; however, cryptographic algorithms and parameters | time of registration; however, cryptographic algorithms and parameters | |||
| will be broken or weakened over time. It is possible that the | will be broken or weakened over time. It is possible that the | |||
| "Recommended" status in the registry lags behind the most recent advances | "Recommended" status in the registry lags behind the most recent advances | |||
| in cryptanalysis. Implementers and users need to check that the | in cryptanalysis. Implementers and users need to check that the | |||
| cryptographic algorithms listed continue to provide the expected level | cryptographic algorithms listed continue to provide the expected level | |||
| of security. | of security. | |||
| Designated experts ensure the specification is publicly available. They may | Designated experts ensure the specification is publicly available. They may | |||
| provide more in-depth reviews. Their review should not be taken as an | provide more in-depth reviews. Their review should not be taken as an | |||
| endorsement of the cipher suite, extension, supported group, etc. | endorsement of the cipher suite, extension, supported group, etc. | |||
| # IANA Considerations | # IANA Considerations | |||
| This document is entirely about changes to TLS-related IANA registries. | This document is entirely about changes to TLS-related IANA registries. | |||
| IANA is requested to modify the note applied to all TLS Specification | IANA has modified the note applied to all TLS Specification | |||
| Required registries instructing where to send registration requests as | Required registries instructing where to send registration requests as | |||
| follows: | follows: | |||
| <aside markdown="block"> | <!--[rfced] IANA provided the following note when they notified us that their | |||
| RFC EDITOR: Please replace "This RFC" in the following with the RFC number | actions were complete: | |||
| assigned to this specification. | ||||
| </aside> | ||||
| Requests for assignments from the registry's Specification Required | NOTE: Some text at the end of the IANA Considerations section concerning reques | |||
| range should be sent to the mailing list described in [This RFC, Section 16]. | t | |||
| If approved, designated experts should notify IANA within three weeks. For | submission needs to be removed or replaced. Details at the end of the list of | |||
| assistance, please contact iana@iana.org. | actions. | |||
| Per this note and to reflect what appears in the TLS-related IANA registries, | ||||
| we have updated the text as shown below. Please let us know if any changes are | ||||
| needed. | ||||
| Original: | ||||
| Requests for assignments from the registry's Specification Required | ||||
| range should be sent to the mailing list described in [This RFC, | ||||
| Section 16]. If approved, designated experts should notify IANA | ||||
| within three weeks. For assistance, please contact iana@iana.org. | ||||
| Current: | ||||
| | Note: Requests for registration in the "Specification Required" | ||||
| | [RFC8126] range should be sent to iana@iana.org or submitted via | ||||
| | IANA's application form, per [RFC 9847]. IANA will forward the | ||||
| | request to the expert mailing list described in [RFC8447], | ||||
| | Section 17 and track its progress. See the registration procedure | ||||
| | table below for more information. | ||||
| --> | ||||
| {:quote} | ||||
| > Note: Requests for registration in the "Specification Required" {{RFC8126}} | ||||
| range should be sent to iana@iana.org or submitted via IANA's | ||||
| application form, per [RFC 9847]. IANA will | ||||
| forward the request to the expert mailing list described in | ||||
| {{RFC8447, Section 17}} and track its progress. See the registration | ||||
| procedure table below for more information. | ||||
| <!-- [rfced] FYI - We have added an expansion for the following abbreviation | ||||
| per Section 3.6 of RFC 7322 ("RFC Style Guide"). Please review each expansion | ||||
| in the document carefully to ensure correctness. | ||||
| International Data Encryption Algorithm (IDEA) | ||||
| --> | ||||
| <!-- [rfced] FYI - We have updated the following terms to the form on the | ||||
| right to match other documents in Cluster 430. Please let us know any objections | ||||
| . | ||||
| ciphersuite(s) > cipher suite(s) | ||||
| code points > codepoints | ||||
| --> | ||||
| <!-- [rfced] Please review the "Inclusive Language" portion of the online | ||||
| Style Guide <https://www.rfc-editor.org/styleguide/part2/#inclusive_language> | ||||
| and let us know if any changes are needed. Updates of this nature typically | ||||
| result in more precise language, which is helpful for readers. | ||||
| Note that our script did not flag any words in particular, but this should | ||||
| still be reviewed as a best practice. | ||||
| --> | ||||
| --- back | --- back | |||
| End of changes. 121 change blocks. | ||||
| 184 lines changed or deleted | 249 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. | ||||