| draft-ietf-quic-tls-21.txt | draft-ietf-quic-tls-22.txt | |||
|---|---|---|---|---|
| QUIC M. Thomson, Ed. | QUIC M. Thomson, Ed. | |||
| Internet-Draft Mozilla | Internet-Draft Mozilla | |||
| Intended status: Standards Track S. Turner, Ed. | Intended status: Standards Track S. Turner, Ed. | |||
| Expires: January 9, 2020 sn3rd | Expires: January 10, 2020 sn3rd | |||
| July 08, 2019 | July 09, 2019 | |||
| Using TLS to Secure QUIC | Using TLS to Secure QUIC | |||
| draft-ietf-quic-tls-21 | draft-ietf-quic-tls-22 | |||
| Abstract | Abstract | |||
| This document describes how Transport Layer Security (TLS) is used to | This document describes how Transport Layer Security (TLS) is used to | |||
| secure QUIC. | secure QUIC. | |||
| Note to Readers | Note to Readers | |||
| Discussion of this draft takes place on the QUIC working group | Discussion of this draft takes place on the QUIC working group | |||
| mailing list (quic@ietf.org), which is archived at | mailing list (quic@ietf.org), which is archived at | |||
| skipping to change at page 1, line 42 ¶ | skipping to change at page 1, line 42 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on January 9, 2020. | This Internet-Draft will expire on January 10, 2020. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2019 IETF Trust and the persons identified as the | Copyright (c) 2019 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (https://trustee.ietf.org/license-info) in effect on the date of | (https://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 3, line 24 ¶ | skipping to change at page 3, line 24 ¶ | |||
| 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 34 | 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 34 | |||
| 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 34 | 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 34 | |||
| 11.1. Normative References . . . . . . . . . . . . . . . . . . 34 | 11.1. Normative References . . . . . . . . . . . . . . . . . . 34 | |||
| 11.2. Informative References . . . . . . . . . . . . . . . . . 35 | 11.2. Informative References . . . . . . . . . . . . . . . . . 35 | |||
| 11.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 36 | 11.3. URIs . . . . . . . . . . . . . . . . . . . . . . . . . . 36 | |||
| Appendix A. Sample Initial Packet Protection . . . . . . . . . . 36 | Appendix A. Sample Initial Packet Protection . . . . . . . . . . 36 | |||
| A.1. Keys . . . . . . . . . . . . . . . . . . . . . . . . . . 36 | A.1. Keys . . . . . . . . . . . . . . . . . . . . . . . . . . 36 | |||
| A.2. Client Initial . . . . . . . . . . . . . . . . . . . . . 37 | A.2. Client Initial . . . . . . . . . . . . . . . . . . . . . 37 | |||
| A.3. Server Initial . . . . . . . . . . . . . . . . . . . . . 39 | A.3. Server Initial . . . . . . . . . . . . . . . . . . . . . 39 | |||
| Appendix B. Change Log . . . . . . . . . . . . . . . . . . . . . 40 | Appendix B. Change Log . . . . . . . . . . . . . . . . . . . . . 40 | |||
| B.1. Since draft-ietf-quic-tls-20 . . . . . . . . . . . . . . 40 | B.1. Since draft-ietf-quic-tls-21 . . . . . . . . . . . . . . 40 | |||
| B.2. Since draft-ietf-quic-tls-18 . . . . . . . . . . . . . . 40 | B.2. Since draft-ietf-quic-tls-20 . . . . . . . . . . . . . . 40 | |||
| B.3. Since draft-ietf-quic-tls-17 . . . . . . . . . . . . . . 40 | B.3. Since draft-ietf-quic-tls-18 . . . . . . . . . . . . . . 40 | |||
| B.4. Since draft-ietf-quic-tls-14 . . . . . . . . . . . . . . 41 | B.4. Since draft-ietf-quic-tls-17 . . . . . . . . . . . . . . 41 | |||
| B.5. Since draft-ietf-quic-tls-13 . . . . . . . . . . . . . . 41 | B.5. Since draft-ietf-quic-tls-14 . . . . . . . . . . . . . . 41 | |||
| B.6. Since draft-ietf-quic-tls-12 . . . . . . . . . . . . . . 41 | B.6. Since draft-ietf-quic-tls-13 . . . . . . . . . . . . . . 41 | |||
| B.7. Since draft-ietf-quic-tls-11 . . . . . . . . . . . . . . 42 | B.7. Since draft-ietf-quic-tls-12 . . . . . . . . . . . . . . 41 | |||
| B.8. Since draft-ietf-quic-tls-10 . . . . . . . . . . . . . . 42 | B.8. Since draft-ietf-quic-tls-11 . . . . . . . . . . . . . . 42 | |||
| B.9. Since draft-ietf-quic-tls-09 . . . . . . . . . . . . . . 42 | B.9. Since draft-ietf-quic-tls-10 . . . . . . . . . . . . . . 42 | |||
| B.10. Since draft-ietf-quic-tls-08 . . . . . . . . . . . . . . 42 | B.10. Since draft-ietf-quic-tls-09 . . . . . . . . . . . . . . 42 | |||
| B.11. Since draft-ietf-quic-tls-07 . . . . . . . . . . . . . . 42 | B.11. Since draft-ietf-quic-tls-08 . . . . . . . . . . . . . . 42 | |||
| B.12. Since draft-ietf-quic-tls-05 . . . . . . . . . . . . . . 42 | B.12. Since draft-ietf-quic-tls-07 . . . . . . . . . . . . . . 42 | |||
| B.13. Since draft-ietf-quic-tls-04 . . . . . . . . . . . . . . 42 | B.13. Since draft-ietf-quic-tls-05 . . . . . . . . . . . . . . 42 | |||
| B.14. Since draft-ietf-quic-tls-03 . . . . . . . . . . . . . . 42 | B.14. Since draft-ietf-quic-tls-04 . . . . . . . . . . . . . . 42 | |||
| B.15. Since draft-ietf-quic-tls-02 . . . . . . . . . . . . . . 42 | B.15. Since draft-ietf-quic-tls-03 . . . . . . . . . . . . . . 42 | |||
| B.16. Since draft-ietf-quic-tls-01 . . . . . . . . . . . . . . 42 | B.16. Since draft-ietf-quic-tls-02 . . . . . . . . . . . . . . 42 | |||
| B.17. Since draft-ietf-quic-tls-00 . . . . . . . . . . . . . . 43 | B.17. Since draft-ietf-quic-tls-01 . . . . . . . . . . . . . . 43 | |||
| B.18. Since draft-thomson-quic-tls-01 . . . . . . . . . . . . . 43 | B.18. Since draft-ietf-quic-tls-00 . . . . . . . . . . . . . . 43 | |||
| Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 43 | B.19. Since draft-thomson-quic-tls-01 . . . . . . . . . . . . . 43 | |||
| Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 43 | Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . . 44 | |||
| Contributors . . . . . . . . . . . . . . . . . . . . . . . . . . 44 | ||||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 44 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 44 | |||
| 1. Introduction | 1. Introduction | |||
| This document describes how QUIC [QUIC-TRANSPORT] is secured using | This document describes how QUIC [QUIC-TRANSPORT] is secured using | |||
| TLS [TLS13]. | TLS [TLS13]. | |||
| TLS 1.3 provides critical latency improvements for connection | TLS 1.3 provides critical latency improvements for connection | |||
| establishment over previous versions. Absent packet loss, most new | establishment over previous versions. Absent packet loss, most new | |||
| connections can be established and secured within a single round | connections can be established and secured within a single round | |||
| skipping to change at page 34, line 37 ¶ | skipping to change at page 34, line 37 ¶ | |||
| [AES] "Advanced encryption standard (AES)", National Institute | [AES] "Advanced encryption standard (AES)", National Institute | |||
| of Standards and Technology report, | of Standards and Technology report, | |||
| DOI 10.6028/nist.fips.197, November 2001. | DOI 10.6028/nist.fips.197, November 2001. | |||
| [CHACHA] Nir, Y. and A. Langley, "ChaCha20 and Poly1305 for IETF | [CHACHA] Nir, Y. and A. Langley, "ChaCha20 and Poly1305 for IETF | |||
| Protocols", RFC 8439, DOI 10.17487/RFC8439, June 2018, | Protocols", RFC 8439, DOI 10.17487/RFC8439, June 2018, | |||
| <https://www.rfc-editor.org/info/rfc8439>. | <https://www.rfc-editor.org/info/rfc8439>. | |||
| [QUIC-RECOVERY] | [QUIC-RECOVERY] | |||
| Iyengar, J., Ed. and I. Swett, Ed., "QUIC Loss Detection | Iyengar, J., Ed. and I. Swett, Ed., "QUIC Loss Detection | |||
| and Congestion Control", draft-ietf-quic-recovery-21 (work | and Congestion Control", draft-ietf-quic-recovery-22 (work | |||
| in progress), July 2019. | in progress), July 2019. | |||
| [QUIC-TRANSPORT] | [QUIC-TRANSPORT] | |||
| Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based | Iyengar, J., Ed. and M. Thomson, Ed., "QUIC: A UDP-Based | |||
| Multiplexed and Secure Transport", draft-ietf-quic- | Multiplexed and Secure Transport", draft-ietf-quic- | |||
| transport-21 (work in progress), July 2019. | transport-22 (work in progress), July 2019. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <https://www.rfc-editor.org/info/rfc2119>. | <https://www.rfc-editor.org/info/rfc2119>. | |||
| [RFC7301] Friedl, S., Popov, A., Langley, A., and E. Stephan, | [RFC7301] Friedl, S., Popov, A., Langley, A., and E. Stephan, | |||
| "Transport Layer Security (TLS) Application-Layer Protocol | "Transport Layer Security (TLS) Application-Layer Protocol | |||
| Negotiation Extension", RFC 7301, DOI 10.17487/RFC7301, | Negotiation Extension", RFC 7301, DOI 10.17487/RFC7301, | |||
| July 2014, <https://www.rfc-editor.org/info/rfc7301>. | July 2014, <https://www.rfc-editor.org/info/rfc7301>. | |||
| skipping to change at page 35, line 40 ¶ | skipping to change at page 35, line 40 ¶ | |||
| Luykx, A. and K. Paterson, "Limits on Authenticated | Luykx, A. and K. Paterson, "Limits on Authenticated | |||
| Encryption Use in TLS", March 2016, | Encryption Use in TLS", March 2016, | |||
| <http://www.isg.rhul.ac.uk/~kp/TLS-AEbounds.pdf>. | <http://www.isg.rhul.ac.uk/~kp/TLS-AEbounds.pdf>. | |||
| [IMC] Katz, J. and Y. Lindell, "Introduction to Modern | [IMC] Katz, J. and Y. Lindell, "Introduction to Modern | |||
| Cryptography, Second Edition", ISBN 978-1466570269, | Cryptography, Second Edition", ISBN 978-1466570269, | |||
| November 2014. | November 2014. | |||
| [QUIC-HTTP] | [QUIC-HTTP] | |||
| Bishop, M., Ed., "Hypertext Transfer Protocol (HTTP) over | Bishop, M., Ed., "Hypertext Transfer Protocol (HTTP) over | |||
| QUIC", draft-ietf-quic-http-21 (work in progress), July | QUIC", draft-ietf-quic-http-22 (work in progress), July | |||
| 2019. | 2019. | |||
| [RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, | [RFC2818] Rescorla, E., "HTTP Over TLS", RFC 2818, | |||
| DOI 10.17487/RFC2818, May 2000, | DOI 10.17487/RFC2818, May 2000, | |||
| <https://www.rfc-editor.org/info/rfc2818>. | <https://www.rfc-editor.org/info/rfc2818>. | |||
| [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | |||
| Housley, R., and W. Polk, "Internet X.509 Public Key | Housley, R., and W. Polk, "Internet X.509 Public Key | |||
| Infrastructure Certificate and Certificate Revocation List | Infrastructure Certificate and Certificate Revocation List | |||
| (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, | (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, | |||
| skipping to change at page 40, line 31 ¶ | skipping to change at page 40, line 31 ¶ | |||
| cdbe264bd65f2b076760c69beef23aa7 14c9a174d69034c09a2863e1e1863508 | cdbe264bd65f2b076760c69beef23aa7 14c9a174d69034c09a2863e1e1863508 | |||
| 8d4afdeab9 | 8d4afdeab9 | |||
| Appendix B. Change Log | Appendix B. Change Log | |||
| *RFC Editor's Note:* Please remove this section prior to | *RFC Editor's Note:* Please remove this section prior to | |||
| publication of a final version of this document. | publication of a final version of this document. | |||
| Issue and pull request numbers are listed with a leading octothorp. | Issue and pull request numbers are listed with a leading octothorp. | |||
| B.1. Since draft-ietf-quic-tls-20 | B.1. Since draft-ietf-quic-tls-21 | |||
| o No changes | ||||
| B.2. Since draft-ietf-quic-tls-20 | ||||
| o Mandate the use of the QUIC transport parameters extension (#2528, | o Mandate the use of the QUIC transport parameters extension (#2528, | |||
| #2560) | #2560) | |||
| o Define handshake completion and confirmation; define clearer rules | o Define handshake completion and confirmation; define clearer rules | |||
| when it encryption keys should be discarded (#2214, #2267, #2673) | when it encryption keys should be discarded (#2214, #2267, #2673) | |||
| B.2. Since draft-ietf-quic-tls-18 | B.3. Since draft-ietf-quic-tls-18 | |||
| o Increased the set of permissible frames in 0-RTT (#2344, #2355) | o Increased the set of permissible frames in 0-RTT (#2344, #2355) | |||
| o Transport parameter extension is mandatory (#2528, #2560) | o Transport parameter extension is mandatory (#2528, #2560) | |||
| B.3. Since draft-ietf-quic-tls-17 | B.4. Since draft-ietf-quic-tls-17 | |||
| o Endpoints discard initial keys as soon as handshake keys are | o Endpoints discard initial keys as soon as handshake keys are | |||
| available (#1951, #2045) | available (#1951, #2045) | |||
| o Use of ALPN or equivalent is mandatory (#2263, #2284) | o Use of ALPN or equivalent is mandatory (#2263, #2284) | |||
| B.4. Since draft-ietf-quic-tls-14 | B.5. Since draft-ietf-quic-tls-14 | |||
| o Update the salt used for Initial secrets (#1970) | o Update the salt used for Initial secrets (#1970) | |||
| o Clarify that TLS_AES_128_CCM_8_SHA256 isn't supported (#2019) | o Clarify that TLS_AES_128_CCM_8_SHA256 isn't supported (#2019) | |||
| o Change header protection | o Change header protection | |||
| * Sample from a fixed offset (#1575, #2030) | * Sample from a fixed offset (#1575, #2030) | |||
| * Cover part of the first byte, including the key phase (#1322, | * Cover part of the first byte, including the key phase (#1322, | |||
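Review bot: In the entry now numbered "B.2. Since draft-ietf-quic-tls-20", the item "define clearer rules when it encryption keys should be discarded" is carried into -22 with the stray "it" still in place; suggest "define clearer rules for when encryption keys should be discarded". The same references (#2528, #2560) are also listed under both B.2 ("Mandate the use of the QUIC transport parameters extension") and B.3 ("Transport parameter extension is mandatory"), so one of the two items looks redundant and could be dropped while the sections are being renumbered.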
| skipping to change at page 41, line 28 ¶ | skipping to change at page 41, line 35 ¶ | |||
| o TLS provides an AEAD and KDF function (#2046) | o TLS provides an AEAD and KDF function (#2046) | |||
| * Clarify that the TLS KDF is used with TLS (#1997) | * Clarify that the TLS KDF is used with TLS (#1997) | |||
| * Change the labels for calculation of QUIC keys (#1845, #1971, | * Change the labels for calculation of QUIC keys (#1845, #1971, | |||
| #1991) | #1991) | |||
| o Initial keys are discarded once Handshake are avaialble (#1951, | o Initial keys are discarded once Handshake are avaialble (#1951, | |||
| #2045) | #2045) | |||
| B.5. Since draft-ietf-quic-tls-13 | B.6. Since draft-ietf-quic-tls-13 | |||
| o Updated to TLS 1.3 final (#1660) | o Updated to TLS 1.3 final (#1660) | |||
| B.6. Since draft-ietf-quic-tls-12 | B.7. Since draft-ietf-quic-tls-12 | |||
| o Changes to integration of the TLS handshake (#829, #1018, #1094, | o Changes to integration of the TLS handshake (#829, #1018, #1094, | |||
| #1165, #1190, #1233, #1242, #1252, #1450) | #1165, #1190, #1233, #1242, #1252, #1450) | |||
| * The cryptographic handshake uses CRYPTO frames, not stream 0 | * The cryptographic handshake uses CRYPTO frames, not stream 0 | |||
| * QUIC packet protection is used in place of TLS record | * QUIC packet protection is used in place of TLS record | |||
| protection | protection | |||
| * Separate QUIC packet number spaces are used for the handshake | * Separate QUIC packet number spaces are used for the handshake | |||
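Review bot: The last item of the -14 change list, "Initial keys are discarded once Handshake are avaialble (#1951, #2045)", is unchanged in -22 and still misspells "available" and drops the word "keys"; suggest "Initial keys are discarded once Handshake keys are available". It also repeats the item given under "Since draft-ietf-quic-tls-17" with the same references (#1951, #2045), so consider keeping it in only one of the two sections.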
| skipping to change at page 41, line 45 ¶ | skipping to change at page 42, line 4 ¶ | |||
| #1165, #1190, #1233, #1242, #1252, #1450) | #1165, #1190, #1233, #1242, #1252, #1450) | |||
| * The cryptographic handshake uses CRYPTO frames, not stream 0 | * The cryptographic handshake uses CRYPTO frames, not stream 0 | |||
| * QUIC packet protection is used in place of TLS record | * QUIC packet protection is used in place of TLS record | |||
| protection | protection | |||
| * Separate QUIC packet number spaces are used for the handshake | * Separate QUIC packet number spaces are used for the handshake | |||
| * Changed Retry to be independent of the cryptographic handshake | * Changed Retry to be independent of the cryptographic handshake | |||
| * Limit the use of HelloRetryRequest to address TLS needs (like | * Limit the use of HelloRetryRequest to address TLS needs (like | |||
| key shares) | key shares) | |||
| o Changed codepoint of TLS extension (#1395, #1402) | o Changed codepoint of TLS extension (#1395, #1402) | |||
| B.7. Since draft-ietf-quic-tls-11 | B.8. Since draft-ietf-quic-tls-11 | |||
| o Encrypted packet numbers. | o Encrypted packet numbers. | |||
| B.8. Since draft-ietf-quic-tls-10 | B.9. Since draft-ietf-quic-tls-10 | |||
| o No significant changes. | o No significant changes. | |||
| B.9. Since draft-ietf-quic-tls-09 | B.10. Since draft-ietf-quic-tls-09 | |||
| o Cleaned up key schedule and updated the salt used for handshake | o Cleaned up key schedule and updated the salt used for handshake | |||
| packet protection (#1077) | packet protection (#1077) | |||
| B.10. Since draft-ietf-quic-tls-08 | B.11. Since draft-ietf-quic-tls-08 | |||
| o Specify value for max_early_data_size to enable 0-RTT (#942) | o Specify value for max_early_data_size to enable 0-RTT (#942) | |||
| o Update key derivation function (#1003, #1004) | o Update key derivation function (#1003, #1004) | |||
| B.11. Since draft-ietf-quic-tls-07 | B.12. Since draft-ietf-quic-tls-07 | |||
| o Handshake errors can be reported with CONNECTION_CLOSE (#608, | o Handshake errors can be reported with CONNECTION_CLOSE (#608, | |||
| #891) | #891) | |||
| B.12. Since draft-ietf-quic-tls-05 | B.13. Since draft-ietf-quic-tls-05 | |||
| No significant changes. | No significant changes. | |||
| B.13. Since draft-ietf-quic-tls-04 | B.14. Since draft-ietf-quic-tls-04 | |||
| o Update labels used in HKDF-Expand-Label to match TLS 1.3 (#642) | o Update labels used in HKDF-Expand-Label to match TLS 1.3 (#642) | |||
| B.14. Since draft-ietf-quic-tls-03 | B.15. Since draft-ietf-quic-tls-03 | |||
| No significant changes. | No significant changes. | |||
| B.15. Since draft-ietf-quic-tls-02 | B.16. Since draft-ietf-quic-tls-02 | |||
| o Updates to match changes in transport draft | o Updates to match changes in transport draft | |||
| B.16. Since draft-ietf-quic-tls-01 | B.17. Since draft-ietf-quic-tls-01 | |||
| o Use TLS alerts to signal TLS errors (#272, #374) | o Use TLS alerts to signal TLS errors (#272, #374) | |||
| o Require ClientHello to fit in a single packet (#338) | o Require ClientHello to fit in a single packet (#338) | |||
| o The second client handshake flight is now sent in the clear (#262, | o The second client handshake flight is now sent in the clear (#262, | |||
| #337) | #337) | |||
| o The QUIC header is included as AEAD Associated Data (#226, #243, | o The QUIC header is included as AEAD Associated Data (#226, #243, | |||
| #302) | #302) | |||
| skipping to change at page 43, line 21 ¶ | skipping to change at page 43, line 30 ¶ | |||
| o Require at least TLS 1.3 (#138) | o Require at least TLS 1.3 (#138) | |||
| o Define transport parameters as a TLS extension (#122) | o Define transport parameters as a TLS extension (#122) | |||
| o Define handling for protected packets before the handshake | o Define handling for protected packets before the handshake | |||
| completes (#39) | completes (#39) | |||
| o Decouple QUIC version and ALPN (#12) | o Decouple QUIC version and ALPN (#12) | |||
| B.17. Since draft-ietf-quic-tls-00 | B.18. Since draft-ietf-quic-tls-00 | |||
| o Changed bit used to signal key phase | o Changed bit used to signal key phase | |||
| o Updated key phase markings during the handshake | o Updated key phase markings during the handshake | |||
| o Added TLS interface requirements section | o Added TLS interface requirements section | |||
| o Moved to use of TLS exporters for key derivation | o Moved to use of TLS exporters for key derivation | |||
| o Moved TLS error code definitions into this document | o Moved TLS error code definitions into this document | |||
| B.18. Since draft-thomson-quic-tls-01 | B.19. Since draft-thomson-quic-tls-01 | |||
| o Adopted as base for draft-ietf-quic-tls | o Adopted as base for draft-ietf-quic-tls | |||
| o Updated authors/editors list | o Updated authors/editors list | |||
| o Added status note | o Added status note | |||
| Acknowledgments | Acknowledgments | |||
| This document has benefited from input from Dragana Damjanovic, | This document has benefited from input from Dragana Damjanovic, | |||
| End of changes. 26 change blocks. | ||||
| 46 lines changed or deleted | 50 lines changed or added | |||