| rfc8740xml2.original.xml | rfc8740.xml | |||
|---|---|---|---|---|
| <?xml version="1.0" encoding="UTF-8"?> | <?xml version='1.0' encoding='UTF-8'?> | |||
| <?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?> | ||||
| <!-- generated by https://github.com/cabo/kramdown-rfc2629 version 1.2.12 --> | ||||
| <!DOCTYPE rfc SYSTEM "rfc2629.dtd" [ | ||||
| ]> | ||||
| <?rfc toc="yes"?> | <!DOCTYPE rfc SYSTEM "rfc2629-xhtml.ent"> | |||
| <?rfc sortrefs="yes"?> | ||||
| <?rfc symrefs="yes"?> | ||||
| <rfc ipr="trust200902" docName="draft-ietf-httpbis-http2-tls13-03" category="std | <rfc xmlns:xi="http://www.w3.org/2001/XInclude" number="8740" consensus="true" | |||
| " updates="7540"> | ipr="trust200902" docName="draft-ietf-httpbis-http2-tls13-03" | |||
| category="std" updates="7540" obsoletes="" submissionType="IETF" | ||||
| xml:lang="en" tocInclude="true" sortRefs="true" symRefs="true" | ||||
| version="3"> | ||||
| <front> | <front> | |||
| <title>Using TLS 1.3 with HTTP/2</title> | <title>Using TLS 1.3 with HTTP/2</title> | |||
| <seriesInfo name="RFC" value="8740"/> | ||||
| <author initials="D." surname="Benjamin" fullname="David Benjamin"> | <author initials="D." surname="Benjamin" fullname="David Benjamin"> | |||
| <organization>Google LLC</organization> | <organization>Google LLC</organization> | |||
| <address> | <address> | |||
| <email>davidben@google.com</email> | <email>davidben@google.com</email> | |||
| </address> | </address> | |||
| </author> | </author> | |||
| <date year="2020" month="February"/> | ||||
| <date year="2019" month="October" day="17"/> | ||||
| <area>Applications and Real-Time</area> | <area>Applications and Real-Time</area> | |||
| <workgroup>HTTP</workgroup> | <workgroup>HTTP</workgroup> | |||
| <abstract> | <keyword>HTTP</keyword> | |||
| <keyword>renegotiation</keyword> | ||||
| <keyword>post-handshake client authentication</keyword> | ||||
| <t>This document updates RFC 7540 by forbidding TLS 1.3 post-handshake | <abstract> | |||
| <t>This document updates RFC 7540 by forbidding TLS 1.3 post-handshake | ||||
| authentication, as an analog to the existing TLS 1.2 renegotiation restriction.< /t> | authentication, as an analog to the existing TLS 1.2 renegotiation restriction.< /t> | |||
| </abstract> | </abstract> | |||
| <note title="Note to Readers"> | ||||
| <t><spanx style="emph">RFC EDITOR: please remove this section before publication | ||||
| </spanx></t> | ||||
| <t>Discussion of this draft takes place on the HTTP working group mailing list | ||||
| (ietf-http-wg@w3.org), which is archived at <eref target="https://lists.w3.org/A | ||||
| rchives/Public/ietf-http-wg/">https://lists.w3.org/Archives/Public/ietf-http-wg/ | ||||
| </eref>.</t> | ||||
| <t>Working Group information can be found at <eref target="https://httpwg.org/"> | ||||
| https://httpwg.org/</eref>; source | ||||
| code and issues list for this draft can be found at | ||||
| <eref target="https://github.com/httpwg/http-extensions/labels/http2-tls13">http | ||||
| s://github.com/httpwg/http-extensions/labels/http2-tls13</eref>.</t> | ||||
| </note> | ||||
| </front> | </front> | |||
| <middle> | <middle> | |||
| <section anchor="introduction" numbered="true" toc="default"> | ||||
| <name>Introduction</name> | ||||
| <section anchor="introduction" title="Introduction"> | <t>TLS 1.2 <xref target="RFC5246" format="default"/> and earlier | |||
| versions of TLS support renegotiation, a mechanism for changing | ||||
| <t>TLS 1.2 <xref target="RFC5246"/> and earlier support renegotiation, a mechani | parameters and keys partway through a connection. This was sometimes | |||
| sm for changing | used to implement reactive client authentication in HTTP/1.1 <xref | |||
| parameters and keys partway through a connection. This was sometimes used to | target="RFC7230" format="default"/>, where the server decides whether or | |||
| implement reactive client authentication in HTTP/1.1 <xref target="RFC7230"/>, w | not to request a client certificate based on the HTTP request.</t> | |||
| here the | <t>HTTP/2 <xref target="RFC7540" format="default"/> multiplexes multiple H | |||
| server decides whether to request a client certificate based on the HTTP | TTP requests over a single connection, | |||
| request.</t> | ||||
| <t>HTTP/2 <xref target="RFC7540"/> multiplexes multiple HTTP requests over a sin | ||||
| gle connection, | ||||
| which is incompatible with the mechanism above. Clients cannot correlate the | which is incompatible with the mechanism above. Clients cannot correlate the | |||
| certificate request with the HTTP request which triggered it. Thus, Section | certificate request with the HTTP request that triggered it. Thus, <xref | |||
| 9.2.1 of <xref target="RFC7540"/> forbids renegotiation.</t> | target="RFC7540" sectionFormat="of" section="9.2.1"/> forbids | |||
| renegotiation.</t> | ||||
| <t>TLS 1.3 <xref target="RFC8446"/> updates TLS 1.2 to remove renegotiation in f | <t>TLS 1.3 <xref target="RFC8446" format="default"/> removes | |||
| avor of separate | renegotiation and replaces it with separate post-handshake | |||
| post-handshake authentication and key update mechanisms. The former shares the | authentication and key update mechanisms. Post-handshake authentication | |||
| same problems with multiplexed protocols, but the prohibition in <xref target="R | has the same problems with multiplexed protocols as TLS 1.2 | |||
| FC7540"/> | renegotiation, but the prohibition in <xref target="RFC7540" | |||
| only applies to TLS 1.2 renegotiation.</t> | format="default"/> only applies to renegotiation. | |||
| <t>This document updates HTTP/2 to similarly forbid TLS 1.3 post-handshake | </t> | |||
| authentication.</t> | ||||
| </section> | <t>This document updates HTTP/2 <xref target="RFC7540" | |||
| <section anchor="requirements-language" title="Requirements Language"> | format="default"/> to similarly forbid TLS 1.3 post-handshake | |||
| authentication.</t> | ||||
| </section> | ||||
| <t>The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”, “SHOULD”, | <section anchor="requirements-language" numbered="true" toc="default"> | |||
| “SHOULD NOT”, “RECOMMENDED”, “NOT RECOMMENDED”, “MAY”, and “OPTIONAL” in this | <name>Requirements Language</name> | |||
| document are to be interpreted as described in BCP 14 <xref target="RFC2119"/> < | ||||
| xref target="RFC8174"/> | ||||
| when, and only when, they appear in all capitals, as shown here.</t> | ||||
| </section> | <t> | |||
| <section anchor="post-handshake-authentication-in-http2" title="Post-Handshake A | The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQU | |||
| uthentication in HTTP/2"> | IRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL | |||
| NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14> | ||||
| RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>", | ||||
| "<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to | ||||
| be interpreted as | ||||
| described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> | ||||
| when, and only when, they appear in all capitals, as shown here. | ||||
| </t> | ||||
| <t>HTTP/2 servers MUST NOT send post-handshake TLS 1.3 CertificateRequest messag | </section> | |||
| es. | ||||
| HTTP/2 clients MUST treat such messages as connection errors (see Section 5.4.1 | ||||
| of <xref target="RFC7540"/>) of type PROTOCOL_ERROR.</t> | ||||
| <t><xref target="RFC7540"/> permitted renegotiation before the HTTP/2 connection | <section anchor="post-handshake-authentication-in-http2" numbered="true" toc | |||
| preface to | ="default"> | |||
| <name>Post-Handshake Authentication in HTTP/2</name> | ||||
| <t>HTTP/2 servers <bcp14>MUST NOT</bcp14> send post-handshake TLS 1.3 Cert | ||||
| ificateRequest messages. | ||||
| HTTP/2 clients <bcp14>MUST</bcp14> treat such messages as connection errors (see | ||||
| <xref target="RFC7540" sectionFormat="of" section="5.4.1"/>) of type PROTOCOL_E | ||||
| RROR.</t> | ||||
| <t><xref target="RFC7540" format="default"/> permitted renegotiation befor | ||||
| e the HTTP/2 connection preface to | ||||
| provide confidentiality of the client certificate. TLS 1.3 encrypts the client | provide confidentiality of the client certificate. TLS 1.3 encrypts the client | |||
| certificate in the initial handshake, so this is no longer necessary. HTTP/2 | certificate in the initial handshake, so this is no longer necessary. HTTP/2 | |||
| servers MUST NOT send post-handshake TLS 1.3 CertificateRequest messages before | servers <bcp14>MUST NOT</bcp14> send post-handshake TLS 1.3 CertificateRequest m essages before | |||
| the connection preface.</t> | the connection preface.</t> | |||
| <t>The above applies even if the client offered the <spanx style="verb">post_han | <t>The above applies even if the client offered the | |||
| dshake_auth</spanx> TLS | <tt>post_handshake_auth</tt> TLS extension. This extension is advertised | |||
| extension. This extension is advertised independently of the selected ALPN | independently of the selected Application-Layer Protocol Negotiation | |||
| protocol <xref target="RFC7301"/>, so it is not sufficient to resolve the confli | (ALPN) protocol <xref target="RFC7301" format="default"/>, so it is not | |||
| ct with | sufficient to resolve the conflict with HTTP/2. HTTP/2 clients that also | |||
| HTTP/2. HTTP/2 clients that also offer other ALPN protocols, notably HTTP/1.1, | offer other ALPN protocols, notably HTTP/1.1, in a TLS ClientHello | |||
| in a TLS ClientHello MAY include the <spanx style="verb">post_handshake_auth</sp | <bcp14>MAY</bcp14> include the <tt>post_handshake_auth</tt> extension to | |||
| anx> extension to support | support those other protocols. This does not indicate support in | |||
| those other protocols. This does not indicate support in HTTP/2.</t> | HTTP/2.</t> | |||
| </section> | ||||
| </section> | <section anchor="other-post-handshake-tls-messages-in-http2" numbered="true" | |||
| <section anchor="other-post-handshake-tls-messages-in-http2" title="Other Post-H | toc="default"> | |||
| andshake TLS Messages in HTTP/2"> | <name>Other Post-Handshake TLS Messages in HTTP/2</name> | |||
| <t><xref target="RFC8446" format="default"/> defines two other messages th | ||||
| <t><xref target="RFC8446"/> defines two other messages that are exchanged after | at are exchanged after the handshake is | |||
| the handshake is | complete: KeyUpdate and NewSessionTicket.</t> | |||
| complete, KeyUpdate and NewSessionTicket.</t> | <t>KeyUpdate messages only affect TLS itself and do not require any intera | |||
| ction | ||||
| <t>KeyUpdate messages only affect TLS itself and do not require any interaction | with the application protocol. HTTP/2 implementations <bcp14>MUST</bcp14> suppor | |||
| with the application protocol. HTTP/2 implementations MUST support key updates | t key updates | |||
| when TLS 1.3 is negotiated.</t> | when TLS 1.3 is negotiated.</t> | |||
| <t>NewSessionTicket messages are also permitted. Though these interact | ||||
| <t>NewSessionTicket messages are also permitted. Though these interact with HTTP | with HTTP when early data is enabled, these interactions are defined in | |||
| when early data is enabled, these interactions are defined in <xref target="RFC8 | <xref target="RFC8470" format="default"/> and are allowed for in the | |||
| 470"/> and | design of HTTP/2.</t> | |||
| allowed for in the design of HTTP/2.</t> | <t>Unless the use of a new type of TLS message depends on an interaction | |||
| with the application-layer protocol, that TLS message can be sent after | ||||
| <t>Unless the use of a new type of TLS message depends on an interaction with th | the handshake completes.</t> | |||
| e | </section> | |||
| application-layer protocol, that TLS message can be sent after the handshake | <section anchor="security-considerations" numbered="true" toc="default"> | |||
| completes.</t> | <name>Security Considerations</name> | |||
| <t>This document resolves a compatibility concern between HTTP/2 and TLS 1 | ||||
| </section> | .3 when | |||
| <section anchor="security-considerations" title="Security Considerations"> | ||||
| <t>This document resolves a compatibility concern between HTTP/2 and TLS 1.3 whe | ||||
| n | ||||
| supporting post-handshake authentication with HTTP/1.1. This lowers the barrier | supporting post-handshake authentication with HTTP/1.1. This lowers the barrier | |||
| for deploying TLS 1.3, a major security improvement over TLS 1.2.</t> | for deploying TLS 1.3, a major security improvement over TLS 1.2.</t> | |||
| </section> | ||||
| </section> | <section anchor="iana-considerations" numbered="true" toc="default"> | |||
| <section anchor="iana-considerations" title="IANA Considerations"> | <name>IANA Considerations</name> | |||
| <t>This document has no IANA actions.</t> | ||||
| <t>This document has no IANA actions.</t> | </section> | |||
| </section> | ||||
| </middle> | </middle> | |||
| <back> | <back> | |||
| <references> | ||||
| <references title='Normative References'> | <name>References</name> | |||
| <references> | ||||
| <reference anchor="RFC2119" target='https://www.rfc-editor.org/info/rfc2119'> | <name>Normative References</name> | |||
| <front> | <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.R | |||
| <title>Key words for use in RFCs to Indicate Requirement Levels</title> | FC.2119.xml"/> | |||
| <author initials='S.' surname='Bradner' fullname='S. Bradner'><organization /></ | <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.R | |||
| author> | FC.5246.xml"/> | |||
| <date year='1997' month='March' /> | <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.R | |||
| <abstract><t>In many standards track documents several words are used to signify | FC.7230.xml"/> | |||
| the requirements in the specification. These words are often capitalized. This | <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.R | |||
| document defines these words as they should be interpreted in IETF documents. | FC.7301.xml"/> | |||
| This document specifies an Internet Best Current Practices for the Internet Comm | <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.R | |||
| unity, and requests discussion and suggestions for improvements.</t></abstract> | FC.7540.xml"/> | |||
| </front> | <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.R | |||
| <seriesInfo name='BCP' value='14'/> | FC.8446.xml"/> | |||
| <seriesInfo name='RFC' value='2119'/> | <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.R | |||
| <seriesInfo name='DOI' value='10.17487/RFC2119'/> | FC.8174.xml"/> | |||
| </reference> | </references> | |||
| <references> | ||||
| <reference anchor="RFC5246" target='https://www.rfc-editor.org/info/rfc5246'> | <name>Informative References</name> | |||
| <front> | <xi:include href="https://xml2rfc.ietf.org/public/rfc/bibxml/reference.R | |||
| <title>The Transport Layer Security (TLS) Protocol Version 1.2</title> | FC.8470.xml"/> | |||
| <author initials='T.' surname='Dierks' fullname='T. Dierks'><organization /></au | </references> | |||
| thor> | ||||
| <author initials='E.' surname='Rescorla' fullname='E. Rescorla'><organization /> | ||||
| </author> | ||||
| <date year='2008' month='August' /> | ||||
| <abstract><t>This document specifies Version 1.2 of the Transport Layer Security | ||||
| (TLS) protocol. The TLS protocol provides communications security over the Int | ||||
| ernet. The protocol allows client/server applications to communicate in a way t | ||||
| hat is designed to prevent eavesdropping, tampering, or message forgery. [STAND | ||||
| ARDS-TRACK]</t></abstract> | ||||
| </front> | ||||
| <seriesInfo name='RFC' value='5246'/> | ||||
| <seriesInfo name='DOI' value='10.17487/RFC5246'/> | ||||
| </reference> | ||||
| <reference anchor="RFC7230" target='https://www.rfc-editor.org/info/rfc7230'> | ||||
| <front> | ||||
| <title>Hypertext Transfer Protocol (HTTP/1.1): Message Syntax and Routing</title | ||||
| > | ||||
| <author initials='R.' surname='Fielding' fullname='R. Fielding' role='editor'><o | ||||
| rganization /></author> | ||||
| <author initials='J.' surname='Reschke' fullname='J. Reschke' role='editor'><org | ||||
| anization /></author> | ||||
| <date year='2014' month='June' /> | ||||
| <abstract><t>The Hypertext Transfer Protocol (HTTP) is a stateless application-l | ||||
| evel protocol for distributed, collaborative, hypertext information systems. Th | ||||
| is document provides an overview of HTTP architecture and its associated termino | ||||
| logy, defines the "http" and "https" Uniform Resource Identi | ||||
| fier (URI) schemes, defines the HTTP/1.1 message syntax and parsing requirements | ||||
| , and describes related security concerns for implementations.</t></abstract> | ||||
| </front> | ||||
| <seriesInfo name='RFC' value='7230'/> | ||||
| <seriesInfo name='DOI' value='10.17487/RFC7230'/> | ||||
| </reference> | ||||
| <reference anchor="RFC7301" target='https://www.rfc-editor.org/info/rfc7301'> | ||||
| <front> | ||||
| <title>Transport Layer Security (TLS) Application-Layer Protocol Negotiation Ext | ||||
| ension</title> | ||||
| <author initials='S.' surname='Friedl' fullname='S. Friedl'><organization /></au | ||||
| thor> | ||||
| <author initials='A.' surname='Popov' fullname='A. Popov'><organization /></auth | ||||
| or> | ||||
| <author initials='A.' surname='Langley' fullname='A. Langley'><organization /></ | ||||
| author> | ||||
| <author initials='E.' surname='Stephan' fullname='E. Stephan'><organization /></ | ||||
| author> | ||||
| <date year='2014' month='July' /> | ||||
| <abstract><t>This document describes a Transport Layer Security (TLS) extension | ||||
| for application-layer protocol negotiation within the TLS handshake. For instanc | ||||
| es in which multiple application protocols are supported on the same TCP or UDP | ||||
| port, this extension allows the application layer to negotiate which protocol wi | ||||
| ll be used within the TLS connection.</t></abstract> | ||||
| </front> | ||||
| <seriesInfo name='RFC' value='7301'/> | ||||
| <seriesInfo name='DOI' value='10.17487/RFC7301'/> | ||||
| </reference> | ||||
| <reference anchor="RFC7540" target='https://www.rfc-editor.org/info/rfc7540'> | ||||
| <front> | ||||
| <title>Hypertext Transfer Protocol Version 2 (HTTP/2)</title> | ||||
| <author initials='M.' surname='Belshe' fullname='M. Belshe'><organization /></au | ||||
| thor> | ||||
| <author initials='R.' surname='Peon' fullname='R. Peon'><organization /></author | ||||
| > | ||||
| <author initials='M.' surname='Thomson' fullname='M. Thomson' role='editor'><org | ||||
| anization /></author> | ||||
| <date year='2015' month='May' /> | ||||
| <abstract><t>This specification describes an optimized expression of the semanti | ||||
| cs of the Hypertext Transfer Protocol (HTTP), referred to as HTTP version 2 (HTT | ||||
| P/2). HTTP/2 enables a more efficient use of network resources and a reduced pe | ||||
| rception of latency by introducing header field compression and allowing multipl | ||||
| e concurrent exchanges on the same connection. It also introduces unsolicited p | ||||
| ush of representations from servers to clients.</t><t>This specification is an a | ||||
| lternative to, but does not obsolete, the HTTP/1.1 message syntax. HTTP's exist | ||||
| ing semantics remain unchanged.</t></abstract> | ||||
| </front> | ||||
| <seriesInfo name='RFC' value='7540'/> | ||||
| <seriesInfo name='DOI' value='10.17487/RFC7540'/> | ||||
| </reference> | ||||
| <reference anchor="RFC8446" target='https://www.rfc-editor.org/info/rfc8446'> | ||||
| <front> | ||||
| <title>The Transport Layer Security (TLS) Protocol Version 1.3</title> | ||||
| <author initials='E.' surname='Rescorla' fullname='E. Rescorla'><organization /> | ||||
| </author> | ||||
| <date year='2018' month='August' /> | ||||
| <abstract><t>This document specifies version 1.3 of the Transport Layer Security | ||||
| (TLS) protocol. TLS allows client/server applications to communicate over the | ||||
| Internet in a way that is designed to prevent eavesdropping, tampering, and mess | ||||
| age forgery.</t><t>This document updates RFCs 5705 and 6066, and obsoletes RFCs | ||||
| 5077, 5246, and 6961. This document also specifies new requirements for TLS 1.2 | ||||
| implementations.</t></abstract> | ||||
| </front> | ||||
| <seriesInfo name='RFC' value='8446'/> | ||||
| <seriesInfo name='DOI' value='10.17487/RFC8446'/> | ||||
| </reference> | ||||
| <reference anchor="RFC8174" target='https://www.rfc-editor.org/info/rfc8174'> | ||||
| <front> | ||||
| <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title> | ||||
| <author initials='B.' surname='Leiba' fullname='B. Leiba'><organization /></auth | ||||
| or> | ||||
| <date year='2017' month='May' /> | ||||
| <abstract><t>RFC 2119 specifies common key words that may be used in protocol s | ||||
| pecifications. This document aims to reduce the ambiguity by clarifying that on | ||||
| ly UPPERCASE usage of the key words have the defined special meanings.</t></abs | ||||
| tract> | ||||
| </front> | ||||
| <seriesInfo name='BCP' value='14'/> | ||||
| <seriesInfo name='RFC' value='8174'/> | ||||
| <seriesInfo name='DOI' value='10.17487/RFC8174'/> | ||||
| </reference> | ||||
| </references> | ||||
| <references title='Informative References'> | ||||
| <reference anchor="RFC8470" target='https://www.rfc-editor.org/info/rfc8470'> | ||||
| <front> | ||||
| <title>Using Early Data in HTTP</title> | ||||
| <author initials='M.' surname='Thomson' fullname='M. Thomson'><organization /></ | ||||
| author> | ||||
| <author initials='M.' surname='Nottingham' fullname='M. Nottingham'><organizatio | ||||
| n /></author> | ||||
| <author initials='W.' surname='Tarreau' fullname='W. Tarreau'><organization /></ | ||||
| author> | ||||
| <date year='2018' month='September' /> | ||||
| <abstract><t>Using TLS early data creates an exposure to the possibility of a re | ||||
| play attack. This document defines mechanisms that allow clients to communicate | ||||
| with servers about HTTP requests that are sent in early data. Techniques are d | ||||
| escribed that use these mechanisms to mitigate the risk of replay.</t></abstract | ||||
| > | ||||
| </front> | ||||
| <seriesInfo name='RFC' value='8470'/> | ||||
| <seriesInfo name='DOI' value='10.17487/RFC8470'/> | ||||
| </reference> | ||||
| </references> | </references> | |||
| </back> | </back> | |||
| <!-- ##markdown-source: | ||||
| H4sIAHHHqF0AA61Y73PbuBH9jr8CTb/c3UiyJTvNRe1kzme7Z09ly5Xl6XTa | ||||
| jg8iVxLOFMECoBU1k/+9bwGQopT02g/NZCKQxI/dt2/fLtLv94XXvqCxfHK6 | ||||
| XMn55FEOB2dyq/1a3sznDycjkZusVBtMya1a+r4mv+yvva8W2oXfUd8XbnjW | ||||
| Pz0TmfK0MnY3ls7noq5yPLuxfPf2/FQIXdmx9LZ2fnR6+v50JJQlNZYXVVVo | ||||
| LNSmdFKVuZyRKvpzvSGxNfZlZU1djYMtQlR6LP/mTdaTzlhvaekw2m148A/h | ||||
| PFY/q8KUsHVHTghV+7WxYyH7QsY/uoQ5VwP5I5W/qI0um/fRwSv1qvMvvhm7 | ||||
| UqX+V7BwLH8yZlWQnEwum++0UboAOrx4QeUPqzBjkJmNEKWxGyx8JRghZ3+8 | ||||
| HA2H79Pw7ej8d2n4bnR22gzPTofNEKil4ffnPFfocnm03/fn7zBHiH6/L9XC | ||||
| easyL8R8rZ1E2OoNlV6mMPD0EAm52Enss9B53g15ZZzvrwGhW6sXCthhdYpM | ||||
| TyoODv4C35X0RuKrpI/a+f0eI2mpRPy9DmvwBIN0xuNBNLE0np7v+R9vnhHn | ||||
| nCzC9B1bdn11O5/OxrIqSDnC2o15JZwCTxyFPeSCYDbJql40hPlOiCvtsto5 | ||||
| /m6WcX7gqfTwwmE7lZHER7aXSSSZVGxzIJbk2PFTAU/ENy23+9vVD9uzAUL/ | ||||
| bU9u1zpbS2ysbLYG9rlUXv6Bp7nxyQmvdIM4+eQiznAnD8HIk+6GJx+Awl/S | ||||
| 6T+F09uAwsBMsYeITF0eHsC/21XY/sPvQfzaZiQyk1PIFu1cDT/ZCo5qF4Gj | ||||
| HUW74wrZXS+YoWnz8NOnj55KRtKdFGpBhTvppPeHFMINaFOQEL+Vt6W3Jq9D | ||||
| bMC5RIFPnxK3P38O9pGyhSYrXV1VyNlDioBWckMZWKfdJpjP4xUAEpWyyEkP | ||||
| goRtXmiHYCrrt2oHH4Heao3FmSnLyI6BDKzfgqfOYCH0w8naIVjeCL0BrUIy | ||||
| QHIyzh+ZwSo8H9IcAYmqNxwMoyecmp8/MwfIMh1JOLKv8CenTOc4Ah/w1nJK | ||||
| WPonQuHZrLh5RtbrJe9NcqHYlg4RRZoOXKPQpgORoYBuUxdew+iPOKIZR/6m | ||||
| ZU4aNkNJ1m182yPREy1hdYkYV3BtgRlB0/n0PeJqgU0G8jKY65gwyFBsZS0V | ||||
| bDT723Wi8bDdqmtRyhOk/GoFsEBNz0GpodGP0TLxfjACsMjTrqtRi9whMwYN | ||||
| o87iXFZAzG20rGFbQD0oxaH0II5L9Qo+4SxHzCVP4lDhjkOfWJaO2IPk2AnO | ||||
| IrthGq9RtVwkAvgpK2uA7cZFSPZRy/kLKpUp4P6i9gEtvFrrhW4s7IAgTFns | ||||
| pOJSyLubryvq4D9JeyIQ1jm90QVSrpH4/03esTESeoY4ahvyxMkJ8rBWK+Ij | ||||
| KQAD4USU3tw9Pc7f9OKvvJ+G8ez6z0+3s+srHj/eXEwm7aCZ8XgzfZrgu0ij | ||||
| /crL6d3d9f1VXIy38ujV3cVf8cPReTN9mN9O7y8mbxg9FjrRIqE4Ow3LnS4h | ||||
| GpWFdORctJCjmdULpmMpf7x8kMPzCDyXYjDq06ffML2G784RBSRzGc8K8YiP | ||||
| ACqEBkrGe6iiQKJU2isOLcvN2mxLyfoQYXxgpG9aml18XWFGbdpHQXGyARQv | ||||
| YMARWZswXu6zcZbSDkLnECg3aDbMUjqHDdEloZi4GpnZTGSj93IhyVqD479x | ||||
| RE2iyreD88FQHCbqt6HA7iqSD7PpfHo5nfz9+Xo2m87gdjefK7Ib7Rn+w5xM | ||||
| 5buRDTZ0bwQCtuRKDbFGlqCTCoq2xC+gU4X2u1je6SvaOmjRoTKzu8q7zsQD | ||||
| /dJRfnWpeVPZwsv9ZKyc+FsaiR4SEiZhHENmd4MmZv+vWCUwRLDzCxQGMemC | ||||
| OreiQK8E9hxgYJbLILT86mc24rk14pkT/Gc2RbRlPZXI9jm0NPkrW+lCfuRU | ||||
| wR3sXLRoOypgG75eTB7uRaNpiRboVbk2AjvtI3LMtCVcDuYFcXameI1B53ii | ||||
| J4rVI3F1II8469dgKzLLROekCcWVD+8KKg5SCxjZ1Oqe4MQMwMdadkNFYSSk | ||||
| g0tgUef0Kxjt8WD9jG0KAmPQhcbT24MTgLmh6CsQi7xqmps2uaMSTMPyIz1g | ||||
| I+8aGnTUoFvmclrqkgvB1iQbWuJEgCw336FXYpVbem5A4OCeg9BGLv0FZLAn | ||||
| /0S7p1jVWNruaftIoWOe6+yFuAHZT2jPiQUJMUDA2GTtQYVl2CA3wXsbywVe | ||||
| 7aLoqljk2+ZA7W92LYZtwNuWLN38QkY1OO7rsAua3KYUkyxJCuUw/NiXjsax | ||||
| ZcyjVo44eqFthG2OWpP3d914FIXqibMVn0YliEZ572hRvKziiBipvC3nfCGL | ||||
| na9AoTBbfOK2NgkPipFehYtKS5OnsoDJ4WvNjAPEcHEbhRZP7HlySsb85Njw | ||||
| XaxjS9uQiQ7m/ULtOuztRep090sXBBcK6JckahnkIp1RHGrLSnwJ76HMNobu | ||||
| uClJOe9Cex67Tx0EHAIAMeYj/ZaoYX6gVPv/DoiASCzga9Kvt2z7/6WABqTk | ||||
| ZMxtxHOhrMXVQ3AAAF1hdp37brh6qF/wyTVugZIoPfGeEJrr1IRF728v7i/+ | ||||
| i+drFapHmJlIkm5NC5W9iH8DTXowSW4RAAA= | ||||
| </rfc> | </rfc> | |||
| End of changes. 28 change blocks. | ||||
| 330 lines changed or deleted | 124 lines changed or added | |||
This html diff was produced by rfcdiff 1.45. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||