<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE rfc SYSTEM 'rfc2629.dtd' []> version='1.0' encoding='utf-8'?>
<rfc ipr="trust200902" xmlns:xi="http://www.w3.org/2001/XInclude" version="3" category="std" consensus="true" docName="draft-ietf-uta-tls-for-email-05" indexInclude="true" ipr="trust200902" number="8997" prepTime="2021-03-22T15:07:13" scripts="Common,Latin" sortRefs="true" submissionType="IETF" symRefs="true" tocDepth="3" tocInclude="true" updates="8314" docName="draft-ietf-uta-tls-for-email-05">
<?rfc toc="yes"?>
<?rfc symrefs="yes"?>
<?rfc sortrefs="yes"?>
<?rfc compact="yes"?>
<?rfc subcompact="no"?>
<?rfc private=""?>
<?rfc topblock="yes"?>
<?rfc comments="no"?> xml:lang="en">
<link href="https://datatracker.ietf.org/doc/draft-ietf-uta-tls-for-email-05" rel="prev"/>
<link href="https://dx.doi.org/10.17487/rfc8997" rel="alternate"/>
<link href="urn:issn:2070-1721" rel="alternate"/>
<front>
<title abbrev="TLS For Email ">Deprecation of use Email">Deprecation of TLS 1.1 for Email Submission and Access</title>
<seriesInfo name="RFC" value="8997" stream="IETF"/>
<author initials="L." surname="Velvindron" fullname="Loganaden Velvindron">
<organization>cyberstorm.mu</organization>
<organization showOnFrontPage="true">cyberstorm.mu</organization>
<address>
<postal>
<street>88 Avenue De Plevitz Roches Brunes</street>
<city>Rose Hill</city>
<code>71259</code>
<country>Mauritius</country>
</postal>
<phone>+230 59762817</phone>
<email>logan@cyberstorm.mu</email>
<uri></uri>
<uri/>
</address>
</author>
<author fullname="Stephen Farrell" initials="S." surname="Farrell">
<organization>Trinity
<organization showOnFrontPage="true">Trinity College Dublin</organization>
<address>
<postal>
<street/>
<city>Dublin</city>
<region/>
<code>2</code>
<country>Ireland</country>
</postal>
<phone>+353-1-896-2354</phone>
<email>stephen.farrell@cs.tcd.ie</email>
</address>
</author>
<date year="2020" month="March" day="24"/> month="03" year="2021"/>
<area>Internet</area>
<workgroup></workgroup>
<keyword></keyword>
<abstract>
<t>This
<workgroup/>
<abstract pn="section-abstract">
<t indent="0" pn="section-abstract-1">This specification updates the current recommendation for the use of
the Transport Layer Security (TLS) protocol to provide confidentiality of email
between a Mail User Agent (MUA) and a Mail Submission Server or Mail Access
Server. This document updates RFC8314.
</t> RFC 8314.</t>
</abstract>
<boilerplate>
<section anchor="status-of-memo" numbered="false" removeInRFC="false" toc="exclude" pn="section-boilerplate.1">
<name slugifiedName="name-status-of-this-memo">Status of This Memo</name>
<t indent="0" pn="section-boilerplate.1-1">
This is an Internet Standards Track document.
</t>
<t indent="0" pn="section-boilerplate.1-2">
This document is a product of the Internet Engineering Task Force
(IETF). It represents the consensus of the IETF community. It has
received public review and has been approved for publication by
the Internet Engineering Steering Group (IESG). Further
information on Internet Standards is available in Section 2 of
RFC 7841.
</t>
<t indent="0" pn="section-boilerplate.1-3">
Information about the current status of this document, any
errata, and how to provide feedback on it may be obtained at
<eref target="https://www.rfc-editor.org/info/rfc8997" brackets="none"/>.
</t>
</section>
<section anchor="copyright" numbered="false" removeInRFC="false" toc="exclude" pn="section-boilerplate.2">
<name slugifiedName="name-copyright-notice">Copyright Notice</name>
<t indent="0" pn="section-boilerplate.2-1">
Copyright (c) 2021 IETF Trust and the persons identified as the
document authors. All rights reserved.
</t>
<t indent="0" pn="section-boilerplate.2-2">
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(<eref target="https://trustee.ietf.org/license-info" brackets="none"/>) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with
respect to this document. Code Components extracted from this
document must include Simplified BSD License text as described in
Section 4.e of the Trust Legal Provisions and are provided without
warranty as described in the Simplified BSD License.
</t>
</section>
</boilerplate>
<toc>
<section anchor="toc" numbered="false" removeInRFC="false" toc="exclude" pn="section-toc.1">
<name slugifiedName="name-table-of-contents">Table of Contents</name>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="section-toc.1-1">
<li pn="section-toc.1-1.1">
<t indent="0" keepWithNext="true" pn="section-toc.1-1.1.1"><xref derivedContent="1" format="counter" sectionFormat="of" target="section-1"/>. <xref derivedContent="" format="title" sectionFormat="of" target="name-introduction">Introduction</xref></t>
</li>
<li pn="section-toc.1-1.2">
<t indent="0" keepWithNext="true" pn="section-toc.1-1.2.1"><xref derivedContent="2" format="counter" sectionFormat="of" target="section-2"/>. <xref derivedContent="" format="title" sectionFormat="of" target="name-conventions-used-in-this-do">Conventions Used in This Document</xref></t>
</li>
<li pn="section-toc.1-1.3">
<t indent="0" keepWithNext="true" pn="section-toc.1-1.3.1"><xref derivedContent="3" format="counter" sectionFormat="of" target="section-3"/>. <xref derivedContent="" format="title" sectionFormat="of" target="name-updates-to-rfc-8314">Updates to RFC 8314</xref></t>
</li>
<li pn="section-toc.1-1.4">
<t indent="0" pn="section-toc.1-1.4.1"><xref derivedContent="4" format="counter" sectionFormat="of" target="section-4"/>. <xref derivedContent="" format="title" sectionFormat="of" target="name-iana-considerations">IANA Considerations</xref></t>
</li>
<li pn="section-toc.1-1.5">
<t indent="0" pn="section-toc.1-1.5.1"><xref derivedContent="5" format="counter" sectionFormat="of" target="section-5"/>. <xref derivedContent="" format="title" sectionFormat="of" target="name-security-considerations">Security Considerations</xref></t>
</li>
<li pn="section-toc.1-1.6">
<t indent="0" pn="section-toc.1-1.6.1"><xref derivedContent="6" format="counter" sectionFormat="of" target="section-6"/>. <xref derivedContent="" format="title" sectionFormat="of" target="name-references">References</xref></t>
<ul bare="true" empty="true" indent="2" spacing="compact" pn="section-toc.1-1.6.2">
<li pn="section-toc.1-1.6.2.1">
<t indent="0" pn="section-toc.1-1.6.2.1.1"><xref derivedContent="6.1" format="counter" sectionFormat="of" target="section-6.1"/>. <xref derivedContent="" format="title" sectionFormat="of" target="name-normative-references">Normative References</xref></t>
</li>
<li pn="section-toc.1-1.6.2.2">
<t indent="0" pn="section-toc.1-1.6.2.2.1"><xref derivedContent="6.2" format="counter" sectionFormat="of" target="section-6.2"/>. <xref derivedContent="" format="title" sectionFormat="of" target="name-informative-references">Informative References</xref></t>
</li>
</ul>
</li>
<li pn="section-toc.1-1.7">
<t indent="0" pn="section-toc.1-1.7.1"><xref derivedContent="" format="none" sectionFormat="of" target="section-appendix.a"/><xref derivedContent="" format="title" sectionFormat="of" target="name-acknowledgements">Acknowledgements</xref></t>
</li>
<li pn="section-toc.1-1.8">
<t indent="0" pn="section-toc.1-1.8.1"><xref derivedContent="" format="none" sectionFormat="of" target="section-appendix.b"/><xref derivedContent="" format="title" sectionFormat="of" target="name-authors-addresses">Authors' Addresses</xref></t>
</li>
</ul>
</section>
</toc>
</front>
<middle>
<section anchor="introduction" title="Introduction">
<t><xref target="RFC8314"/> numbered="true" toc="include" removeInRFC="false" pn="section-1">
<name slugifiedName="name-introduction">Introduction</name>
<t indent="0" pn="section-1-1"><xref target="RFC8314" format="default" sectionFormat="of" derivedContent="RFC8314"/> defines the minimum
recommended version for of TLS as version 1.1. Due to the deprecation of
TLS 1.1 in <xref target="I-D.ietf-tls-oldversions-deprecate"></xref>, target="RFC8996" format="default" sectionFormat="of" derivedContent="RFC8996"/>, this recommendation is no longer valid. Therefore Therefore,
this document updates <xref target="RFC8314"/> target="RFC8314" format="default" sectionFormat="of" derivedContent="RFC8314"/> so that
the minimum version for TLS is TLS 1.2.
</t> 1.2.</t>
</section>
<section title="Conventions numbered="true" toc="include" removeInRFC="false" pn="section-2">
<name slugifiedName="name-conventions-used-in-this-do">Conventions Used in This Document">
<t> Document</name>
<t indent="0" pn="section-2-1">
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "OPTIONAL" "<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as
described in BCP 14 <xref target="RFC2119"/> when target="RFC2119" format="default" sectionFormat="of" derivedContent="RFC2119"/> <xref target="RFC8174" format="default" sectionFormat="of" derivedContent="RFC8174"/>
when, and only when, they appear in ALL CAPS. These words may also appear in this document in
lower case all capitals, as plain English words, absent their normative meanings. shown here.
</t>
</section>
<section anchor="update" title="Updates to RFC8314">
<t>OLD: </t>
<t>"4.1. numbered="true" toc="include" removeInRFC="false" pn="section-3">
<name slugifiedName="name-updates-to-rfc-8314">Updates to RFC 8314</name>
<t indent="0" pn="section-3-1">OLD:</t>
<blockquote pn="section-3-2">4.1. Deprecation of Services Using Cleartext and TLS Versions Less
Than 1.1"</t>
<t>NEW:</t>
<t>"4.1. 1.1</blockquote>
<t indent="0" pn="section-3-3">NEW:</t>
<blockquote pn="section-3-4">4.1. Deprecation of Services Using Cleartext and TLS Versions Less
Than 1.2"
</t>
<t>OLD:</t>
<t>
"As 1.2</blockquote>
<t indent="0" pn="section-3-5">OLD:</t>
<blockquote pn="section-3-6">As soon as practicable, MSPs currently supporting Secure Sockets
Layer (SSL) 2.x, SSL 3.0, or TLS 1.0 SHOULD <bcp14>SHOULD</bcp14> transition their users
to TLS 1.1 or later and discontinue support for those earlier
versions of SSL and TLS."
</t>
<t>NEW:</t>
<t>
"As TLS.</blockquote>
<t indent="0" pn="section-3-7">NEW:</t>
<blockquote pn="section-3-8">As soon as practicable, MSPs currently supporting Secure
Sockets Layer (SSL) 2.x, SSL 3.0, TLS 1.0 1.0, or TLS 1.1 SHOULD
<bcp14>SHOULD</bcp14> transition their users to TLS 1.2 or later and
discontinue support for those earlier versions of SSL and TLS."
</t>
<t>
In Section 4.1,
TLS.</blockquote>
<t indent="0" pn="section-3-9">In <xref target="RFC8314" sectionFormat="of" section="4.1" format="default" derivedLink="https://rfc-editor.org/rfc/rfc8314#section-4.1" derivedContent="RFC8314"/>, the
text should be revised from:
</t>
<t> from:</t>
<t indent="0" pn="section-3-10"> OLD:</t>
<t>
One
<blockquote pn="section-3-11">One way is for the server to
refuse a ClientHello message from any client sending a
ClientHello.version field corresponding to any version of SSL or
TLS 1.0.
</t>
<t>NEW:</t>
<t> 1.0.</blockquote>
<t indent="0" pn="section-3-12">NEW:</t>
<blockquote pn="section-3-13">
One way is for the server to
refuse a ClientHello message from any client sending a
ClientHello.version field corresponding to any version of SSL or
TLS earlier than TLS1.2.
</t>
<t> TLS 1.2.</blockquote>
<t indent="0" pn="section-3-14"> OLD:</t>
<t>
"It
<blockquote pn="section-3-15">It is RECOMMENDED <bcp14>RECOMMENDED</bcp14> that new users be required
to use TLS version 1.1 or greater from the start. However, an MSP may
find it necessary to make exceptions to accommodate some legacy systems
that support only earlier versions of TLS or only cleartext."
</t>
<t>NEW:</t>
<t>
"It
cleartext.</blockquote>
<t indent="0" pn="section-3-16">NEW:</t>
<blockquote pn="section-3-17">It is RECOMMENDED <bcp14>RECOMMENDED</bcp14> that new users be required
to use TLS version 1.2 or greater from the start. However, an MSP may
find it necessary to make exceptions to accommodate some legacy systems
that support only earlier versions of TLS or only cleartext."
</t>
<t>OLD:</t>
<t>
"
If,
cleartext.</blockquote>
<t indent="0" pn="section-3-18">OLD:</t>
<blockquote pn="section-3-19">If, however, an MUA provides such an indication, it
MUST NOT
<bcp14>MUST NOT</bcp14> indicate confidentiality for any connection that does not
at least use TLS 1.1 with certificate verification and also meet
the minimum confidentiality requirements associated with that
account.
"
</t>
<t>NEW:</t>
<t>
"
If,
account.</blockquote>
<t indent="0" pn="section-3-20">NEW:</t>
<blockquote pn="section-3-21">If, however, an MUA provides such an indication, it
MUST NOT
<bcp14>MUST NOT</bcp14> indicate confidentiality for any connection that does not
at least use TLS 1.2 with certificate verification and also meet
the minimum confidentiality requirements associated with that
account.
"
</t>
<t>OLD</t>
<t>
"
MUAs MUST
account.</blockquote>
<t indent="0" pn="section-3-22">OLD</t>
<blockquote pn="section-3-23">MUAs <bcp14>MUST</bcp14> implement TLS 1.2 <xref target="RFC5246"/> target="RFC5246" format="default" sectionFormat="of" derivedContent="RFC5246"/> or later. Earlier TLS and
SSL versions MAY <bcp14>MAY</bcp14> also be supported, so long as the MUA requires at
least TLS 1.1 <xref target="RFC4346"/> target="RFC4346" format="default" sectionFormat="of" derivedContent="RFC4346"/> when accessing accounts that are
configured to impose minimum confidentiality requirements.
"
</t>
<t>NEW:</t>
<t>
"
MUAs MUST requirements.</blockquote>
<t indent="0" pn="section-3-24">NEW:</t>
<blockquote pn="section-3-25">MUAs <bcp14>MUST</bcp14> implement TLS 1.2 <xref target="RFC5246"/> target="RFC5246" format="default" sectionFormat="of" derivedContent="RFC5246"/> or later e.g later, e.g., TLS 1.3 <xref target="RFC8446"/>. target="RFC8446" format="default" sectionFormat="of" derivedContent="RFC8446"/>. Earlier TLS and
SSL versions MAY <bcp14>MAY</bcp14> also be supported, so long as the MUA requires at
least TLS 1.2 <xref target="RFC5246"/> target="RFC5246" format="default" sectionFormat="of" derivedContent="RFC5246"/> when accessing accounts that are
configured to impose minimum confidentiality requirements.
"
</t>
<t>OLD:</t>
<t>
"
The requirements.</blockquote>
<t indent="0" pn="section-3-26">OLD:</t>
<blockquote pn="section-3-27">The default minimum expected level of confidentiality for all new
accounts MUST <bcp14>MUST</bcp14> require successful validation of the server's
certificate and SHOULD <bcp14>SHOULD</bcp14> require negotiation of TLS version 1.1 or
greater. (Future revisions to this specification may raise these
requirements or impose additional requirements to address newly
discovered weaknesses in protocols or cryptographic algorithms.
"
</t>
<t>NEW:</t>
<t>
"
The algorithms.)</blockquote>
<t indent="0" pn="section-3-28">NEW:</t>
<blockquote pn="section-3-29">The default minimum expected level of confidentiality for all new
accounts MUST <bcp14>MUST</bcp14> require successful validation of the server's
certificate and SHOULD <bcp14>SHOULD</bcp14> require negotiation of TLS version 1.2 or
greater. (Future revisions to this specification may raise these
requirements or impose additional requirements to address newly
discovered weaknesses in protocols or cryptographic algorithms.
"
</t> algorithms.)</blockquote>
</section>
<section anchor="iana-considerations" title="IANA Considerations">
<t>None of the proposed measures have an impact on IANA.
</t> numbered="true" toc="include" removeInRFC="false" pn="section-4">
<name slugifiedName="name-iana-considerations">IANA Considerations</name>
<t indent="0" pn="section-4-1">This document has no IANA actions.</t>
</section>
<section anchor="security-considerations" title="Security Considerations">
<t>The numbered="true" toc="include" removeInRFC="false" pn="section-5">
<name slugifiedName="name-security-considerations">Security Considerations</name>
<t indent="0" pn="section-5-1">The purpose of this document is to document updated recommendations
for using TLS with Email email services. Those recommendations are based on
<xref target="I-D.ietf-tls-oldversions-deprecate"></xref>.
</t> target="RFC8996" format="default" sectionFormat="of" derivedContent="RFC8996"/>.</t>
</section>
</middle>
<back>
<references pn="section-6">
<name slugifiedName="name-references">References</name>
<references pn="section-6.1">
<name slugifiedName="name-normative-references">Normative References</name>
<reference anchor="RFC2119" target="https://www.rfc-editor.org/info/rfc2119" quoteTitle="true" derivedAnchor="RFC2119">
<front>
<title>Key words for use in RFCs to Indicate Requirement Levels</title>
<author initials="S." surname="Bradner" fullname="S. Bradner">
<organization showOnFrontPage="true"/>
</author>
<date year="1997" month="March"/>
<abstract>
<t indent="0">In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="14"/>
<seriesInfo name="RFC" value="2119"/>
<seriesInfo name="DOI" value="10.17487/RFC2119"/>
</reference>
<reference anchor="RFC5246" target="https://www.rfc-editor.org/info/rfc5246" quoteTitle="true" derivedAnchor="RFC5246">
<front>
<title>The Transport Layer Security (TLS) Protocol Version 1.2</title>
<author initials="T." surname="Dierks" fullname="T. Dierks">
<organization showOnFrontPage="true"/>
</author>
<author initials="E." surname="Rescorla" fullname="E. Rescorla">
<organization showOnFrontPage="true"/>
</author>
<date year="2008" month="August"/>
<abstract>
<t indent="0">This document specifies Version 1.2 of the Transport Layer Security (TLS) protocol. The TLS protocol provides communications security over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery. [STANDARDS-TRACK]</t>
</abstract>
</front>
<seriesInfo name="RFC" value="5246"/>
<seriesInfo name="DOI" value="10.17487/RFC5246"/>
</reference>
<reference anchor="RFC8174" target="https://www.rfc-editor.org/info/rfc8174" quoteTitle="true" derivedAnchor="RFC8174">
<front>
<title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title>
<author initials="B." surname="Leiba" fullname="B. Leiba">
<organization showOnFrontPage="true"/>
</author>
<date year="2017" month="May"/>
<abstract>
<t indent="0">RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t>
</abstract>
</front>
<seriesInfo name="BCP" value="14"/>
<seriesInfo name="RFC" value="8174"/>
<seriesInfo name="DOI" value="10.17487/RFC8174"/>
</reference>
<reference anchor="RFC8314" target="https://www.rfc-editor.org/info/rfc8314" quoteTitle="true" derivedAnchor="RFC8314">
<front>
<title>Cleartext Considered Obsolete: Use of Transport Layer Security (TLS) for Email Submission and Access</title>
<author initials="K." surname="Moore" fullname="K. Moore">
<organization showOnFrontPage="true"/>
</author>
<author initials="C." surname="Newman" fullname="C. Newman">
<organization showOnFrontPage="true"/>
</author>
<date year="2018" month="January"/>
<abstract>
<t indent="0">This specification outlines current recommendations for the use of Transport Layer Security (TLS) to provide confidentiality of email traffic between a Mail User Agent (MUA) and a Mail Submission Server or Mail Access Server. This document updates RFCs 1939, 2595, 3501, 5068, 6186, and 6409.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="8314"/>
<seriesInfo name="DOI" value="10.17487/RFC8314"/>
</reference>
<reference anchor="RFC8446" target="https://www.rfc-editor.org/info/rfc8446" quoteTitle="true" derivedAnchor="RFC8446">
<front>
<title>The Transport Layer Security (TLS) Protocol Version 1.3</title>
<author initials="E." surname="Rescorla" fullname="E. Rescorla">
<organization showOnFrontPage="true"/>
</author>
<date year="2018" month="August"/>
<abstract>
<t indent="0">This document specifies version 1.3 of the Transport Layer Security (TLS) protocol. TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery.</t>
<t indent="0">This document updates RFCs 5705 and 6066, and obsoletes RFCs 5077, 5246, and 6961. This document also specifies new requirements for TLS 1.2 implementations.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="8446"/>
<seriesInfo name="DOI" value="10.17487/RFC8446"/>
</reference>
<reference anchor="RFC8996" target="https://www.rfc-editor.org/info/rfc8996" quoteTitle="true" derivedAnchor="RFC8996">
<front>
<title>Deprecating TLS 1.0 and TLS 1.1</title>
<author initials="K" surname="Moriarty" fullname="Kathleen Moriarty">
<organization showOnFrontPage="true">Dell EMC</organization>
</author>
<author initials="S" surname="Farrell" fullname="Stephen Farrell">
<organization showOnFrontPage="true">Trinity College Dublin</organization>
</author>
<date month="March" year="2021"/>
</front>
<seriesInfo name="RFC" value="8996"/>
<seriesInfo name="DOI" value="10.17487/RFC8996"/>
</reference>
</references>
<references pn="section-6.2">
<name slugifiedName="name-informative-references">Informative References</name>
<reference anchor="RFC4346" target="https://www.rfc-editor.org/info/rfc4346" quoteTitle="true" derivedAnchor="RFC4346">
<front>
<title>The Transport Layer Security (TLS) Protocol Version 1.1</title>
<author initials="T." surname="Dierks" fullname="T. Dierks">
<organization showOnFrontPage="true"/>
</author>
<author initials="E." surname="Rescorla" fullname="E. Rescorla">
<organization showOnFrontPage="true"/>
</author>
<date year="2006" month="April"/>
<abstract>
<t indent="0">This document specifies Version 1.1 of the Transport Layer Security (TLS) protocol. The TLS protocol provides communications security over the Internet. The protocol allows client/server applications to communicate in a way that is designed to prevent eavesdropping, tampering, or message forgery.</t>
</abstract>
</front>
<seriesInfo name="RFC" value="4346"/>
<seriesInfo name="DOI" value="10.17487/RFC4346"/>
</reference>
</references>
</references>
<section anchor="Acknowledgement" title="Acknowledgement">
<t>The numbered="false" toc="include" removeInRFC="false" pn="section-appendix.a">
<name slugifiedName="name-acknowledgements">Acknowledgements</name>
<t indent="0" pn="section-appendix.a-1">The authors would like to thank Vittorio Bertola <contact fullname="Vittorio Bertola"/> and
Viktor Dukhovni <contact fullname="Viktor Dukhovni"/> for their feedback.
</t>
feedback.</t>
</section>
<section anchor="authors-addresses" numbered="false" removeInRFC="false" toc="include" pn="section-appendix.b">
<name slugifiedName="name-authors-addresses">Authors' Addresses</name>
<author initials="L." surname="Velvindron" fullname="Loganaden Velvindron">
<organization showOnFrontPage="true">cyberstorm.mu</organization>
<address>
<postal>
<street>88 Avenue De Plevitz Roches Brunes</street>
<city>Rose Hill</city>
<code>71259</code>
<country>Mauritius</country>
</postal>
<phone>+230 59762817</phone>
<email>logan@cyberstorm.mu</email>
<uri/>
</address>
</author>
<author fullname="Stephen Farrell" initials="S." surname="Farrell">
<organization showOnFrontPage="true">Trinity College Dublin</organization>
<address>
<postal>
<street/>
<city>Dublin</city>
<region/>
<code>2</code>
<country>Ireland</country>
</postal>
<phone>+353-1-896-2354</phone>
<email>stephen.farrell@cs.tcd.ie</email>
</address>
</author>
</section>
</middle>
<back>
<references title="Informative References">
<?rfc include="http://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.4346.xml"?>
</references>
<references title="Normative References">
<?rfc include="http://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8314.xml"?>
<?rfc include="http://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.2119.xml"?>
<?rfc include="http://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.8446.xml"?>
<?rfc include="http://xml2rfc.ietf.org/public/rfc/bibxml/reference.RFC.5246.xml"?>
<?rfc include="http://xml2rfc.tools.ietf.org/public/rfc/bibxml-ids/reference.I-D.ietf-tls-oldversions-deprecate.xml"?>
</references>
</back>
</rfc>