idnits 2.17.00 (12 Aug 2021) /tmp/idnits19549/draft-josefsson-rfc3548bis-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 15. -- Found old boilerplate from RFC 3978, Section 5.5 on line 607. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 584. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 591. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 597. ** This document has an original RFC 3978 Section 5.4 Copyright Line, instead of the newer IETF Trust Copyright according to RFC 4748. ** This document has an original RFC 3978 Section 5.5 Disclaimer, instead of the newer disclaimer which includes the IETF Trust according to RFC 4748. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- == No 'Intended status' indicated for this document; assuming Proposed Standard Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- ** The document seems to lack an IANA Considerations section. (See Section 2.2 of https://www.ietf.org/id-info/checklist for how to handle the case when there are no actions for IANA.) -- The draft header indicates that this document obsoletes RFC3548, but the abstract doesn't seem to mention this, which it should. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the RFC 3978 Section 5.4 Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (November 12, 2005) is 6033 days in the past. Is this intentional? Checking references for intended status: Proposed Standard ---------------------------------------------------------------------------- (See RFCs 3967 and 4897 for information about using normative references to lower-maturity documents in RFCs) -- Obsolete informational reference (is this intentional?): RFC 2440 (ref. '5') (Obsoleted by RFC 4880) -- Obsolete informational reference (is this intentional?): RFC 2535 (ref. '6') (Obsoleted by RFC 4033, RFC 4034, RFC 4035) -- Obsolete informational reference (is this intentional?): RFC 3501 (ref. '8') (Obsoleted by RFC 9051) == Outdated reference: A later version (-05) exists of draft-ietf-cat-sasl-gssapi-01 Summary: 4 errors (**), 0 flaws (~~), 3 warnings (==), 11 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Network Working Group S. Josefsson, Ed. 3 Internet-Draft November 12, 2005 4 Obsoletes: 3548 (if approved) 5 Expires: May 16, 2006 7 The Base16, Base32, and Base64 Data Encodings 8 draft-josefsson-rfc3548bis-00 10 Status of this Memo 12 By submitting this Internet-Draft, each author represents that any 13 applicable patent or other IPR claims of which he or she is aware 14 have been or will be disclosed, and any of which he or she becomes 15 aware will be disclosed, in accordance with Section 6 of BCP 79. 17 Internet-Drafts are working documents of the Internet Engineering 18 Task Force (IETF), its areas, and its working groups. Note that 19 other groups may also distribute working documents as Internet- 20 Drafts. 22 Internet-Drafts are draft documents valid for a maximum of six months 23 and may be updated, replaced, or obsoleted by other documents at any 24 time. It is inappropriate to use Internet-Drafts as reference 25 material or to cite them other than as "work in progress." 27 The list of current Internet-Drafts can be accessed at 28 http://www.ietf.org/ietf/1id-abstracts.txt. 30 The list of Internet-Draft Shadow Directories can be accessed at 31 http://www.ietf.org/shadow.html. 33 This Internet-Draft will expire on May 16, 2006. 35 Copyright Notice 37 Copyright (C) The Internet Society (2005). 39 Keywords 41 Base Encoding, Base64, Base32, Base16, Hex. 43 Abstract 45 This document describes the commonly used base 64, base 32, and base 46 16 encoding schemes. It also discusses the use of line-feeds in 47 encoded data, use of padding in encoded data, use of non-alphabet 48 characters in encoded data, and use of different encoding alphabets. 50 Table of Contents 52 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 53 2. Implementation discrepancies . . . . . . . . . . . . . . . . . 3 54 2.1. Line feeds in encoded data . . . . . . . . . . . . . . . . 3 55 2.2. Padding of encoded data . . . . . . . . . . . . . . . . . 4 56 2.3. Interpretation of non-alphabet characters in encoded 57 data . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 58 2.4. Choosing the alphabet . . . . . . . . . . . . . . . . . . 4 59 3. Base 64 Encoding . . . . . . . . . . . . . . . . . . . . . . . 5 60 4. Base 64 Encoding with URL and Filename Safe Alphabet . . . . . 7 61 5. Base 32 Encoding . . . . . . . . . . . . . . . . . . . . . . . 7 62 6. Base 32 Encoding with Extended Hex Alphabet . . . . . . . . . 9 63 7. Base 16 Encoding . . . . . . . . . . . . . . . . . . . . . . . 10 64 8. Illustrations and examples . . . . . . . . . . . . . . . . . . 11 65 9. Security Considerations . . . . . . . . . . . . . . . . . . . 12 66 10. Changes since RFC 3548 . . . . . . . . . . . . . . . . . . . . 13 67 11. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 13 68 12. Copying conditions . . . . . . . . . . . . . . . . . . . . . . 13 69 13. References . . . . . . . . . . . . . . . . . . . . . . . . . . 14 70 13.1. Normative References . . . . . . . . . . . . . . . . . . . 14 71 13.2. Informative References . . . . . . . . . . . . . . . . . . 14 72 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 15 73 Intellectual Property and Copyright Statements . . . . . . . . . . 16 75 1. Introduction 77 Base encoding of data is used in many situations to store or transfer 78 data in environments that, perhaps for legacy reasons, are restricted 79 to only US-ASCII [2] data. Base encoding can also be used in new 80 applications that do not have legacy restrictions, simply because it 81 makes it possible to manipulate objects with text editors. 83 In the past, different applications have had different requirements 84 and thus sometimes implemented base encodings in slightly different 85 ways. Today, protocol specifications sometimes use base encodings in 86 general, and "base64" in particular, without a precise description or 87 reference. MIME [4] is often used as a reference for base64 without 88 considering the consequences for line-wrapping or non-alphabet 89 characters. The purpose of this specification is to establish common 90 alphabet and encoding considerations. This will hopefully reduce 91 ambiguity in other documents, leading to better interoperability. 93 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 94 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 95 document are to be interpreted as described in RFC 2119 [1]. 97 2. Implementation discrepancies 99 Here we discuss the discrepancies between base encoding 100 implementations in the past, and where appropriate, mandate a 101 specific recommended behavior for the future. 103 2.1. Line feeds in encoded data 105 MIME [4] is often used as a reference for base 64 encoding. However, 106 MIME does not define "base 64" per se, but rather a "base 64 Content- 107 Transfer-Encoding" for use within MIME. As such, MIME enforces a 108 limit on line length of base 64 encoded data to 76 characters. MIME 109 inherits the encoding from PEM [3] stating it is "virtually 110 identical", however PEM uses a line length of 64 characters. The 111 MIME and PEM limits are both due to limits within SMTP. 113 Implementations MUST NOT add line feeds to base encoded data unless 114 the specification referring to this document explicitly directs base 115 encoders to add line feeds after a specific number of characters. 117 2.2. Padding of encoded data 119 In some circumstances, the use of padding ("=") in base encoded data 120 is not required nor used. In the general case, when assumptions on 121 size of transported data cannot be made, padding is required to yield 122 correct decoded data. 124 Implementations MUST include appropriate pad characters at the end of 125 encoded data unless the specification referring to this document 126 explicitly states otherwise. 128 2.3. Interpretation of non-alphabet characters in encoded data 130 Base encodings use a specific, reduced, alphabet to encode binary 131 data. Non alphabet characters could exist within base encoded data, 132 caused by data corruption or by design. Non alphabet characters may 133 be exploited as a "covert channel", where non-protocol data can be 134 sent for nefarious purposes. Non alphabet characters might also be 135 sent in order to exploit implementation errors leading to, e.g., 136 buffer overflow attacks. 138 Implementations MUST reject the encoding if it contains characters 139 outside the base alphabet when interpreting base encoded data, unless 140 the specification referring to this document explicitly states 141 otherwise. Such specifications may, as MIME does, instead state that 142 characters outside the base encoding alphabet should simply be 143 ignored when interpreting data ("be liberal in what you accept"). 144 Note that this means that any CRLF constitute "non alphabet 145 characters" and are ignored. Furthermore, such specifications may 146 consider the pad character, "=", as not part of the base alphabet 147 until the end of the string. If more than the allowed number of pad 148 characters are found at the end of the string, e.g., a base 64 string 149 terminated with "===", the excess pad characters could be ignored. 151 2.4. Choosing the alphabet 153 Different applications have different requirements on the characters 154 in the alphabet. Here are a few requirements that determine which 155 alphabet should be used: 157 o Handled by humans. Characters "0", "O" are easily interchanged, 158 as well "1", "l" and "I". In the base32 alphabet below, where 0 159 (zero) and 1 (one) is not present, a decoder may interpret 0 as O, 160 and 1 as I or L depending on case. (However, by default it should 161 not, see previous section.) 163 o Encoded into structures that place other requirements. For base 164 16 and base 32, this determines the use of upper- or lowercase 165 alphabets. For base 64, the non-alphanumeric characters (in 166 particular "/") may be problematic in file names and URLs. 168 o Used as identifiers. Certain characters, notably "+" and "/" in 169 the base 64 alphabet, are treated as word-breaks by legacy text 170 search/index tools. 172 There is no universally accepted alphabet that fulfills all the 173 requirements. For an example of a highly specialized variant, see 174 IMAP [8]. In this document, we document and name some currently used 175 alphabets. 177 3. Base 64 Encoding 179 The following description of base 64 is due to [3], [4], [5] and [6]. 181 The Base 64 encoding is designed to represent arbitrary sequences of 182 octets in a form that requires case sensitivity but need not be 183 humanly readable. 185 A 65-character subset of US-ASCII is used, enabling 6 bits to be 186 represented per printable character. (The extra 65th character, "=", 187 is used to signify a special processing function.) 189 The encoding process represents 24-bit groups of input bits as output 190 strings of 4 encoded characters. Proceeding from left to right, a 191 24-bit input group is formed by concatenating 3 8-bit input groups. 192 These 24 bits are then treated as 4 concatenated 6-bit groups, each 193 of which is translated into a single digit in the base 64 alphabet. 195 Each 6-bit group is used as an index into an array of 64 printable 196 characters. The character referenced by the index is placed in the 197 output string. 199 Table 1: The Base 64 Alphabet 201 Value Encoding Value Encoding Value Encoding Value Encoding 202 0 A 17 R 34 i 51 z 203 1 B 18 S 35 j 52 0 204 2 C 19 T 36 k 53 1 205 3 D 20 U 37 l 54 2 206 4 E 21 V 38 m 55 3 207 5 F 22 W 39 n 56 4 208 6 G 23 X 40 o 57 5 209 7 H 24 Y 41 p 58 6 210 8 I 25 Z 42 q 59 7 211 9 J 26 a 43 r 60 8 212 10 K 27 b 44 s 61 9 213 11 L 28 c 45 t 62 + 214 12 M 29 d 46 u 63 / 215 13 N 30 e 47 v 216 14 O 31 f 48 w (pad) = 217 15 P 32 g 49 x 218 16 Q 33 h 50 y 220 Special processing is performed if fewer than 24 bits are available 221 at the end of the data being encoded. A full encoding quantum is 222 always completed at the end of a quantity. When fewer than 24 input 223 bits are available in an input group, zero bits are added (on the 224 right) to form an integral number of 6-bit groups. Padding at the 225 end of the data is performed using the '=' character. Since all base 226 64 input is an integral number of octets, only the following cases 227 can arise: 229 (1) the final quantum of encoding input is an integral multiple of 24 230 bits; here, the final unit of encoded output will be an integral 231 multiple of 4 characters with no "=" padding, 233 (2) the final quantum of encoding input is exactly 8 bits; here, the 234 final unit of encoded output will be two characters followed by two 235 "=" padding characters, or 237 (3) the final quantum of encoding input is exactly 16 bits; here, the 238 final unit of encoded output will be three characters followed by one 239 "=" padding character. 241 4. Base 64 Encoding with URL and Filename Safe Alphabet 243 The Base 64 encoding with an URL and filename safe alphabet has been 244 used in [10]. 246 An alternative alphabet has been suggested that used "~" as the 63rd 247 character. Since the "~" character has special meaning in some file 248 system environments, the encoding described in this section is 249 recommended instead. 251 This encoding should not be regarded as the same as the "base64" 252 encoding, and should not be referred to as only "base64". Unless 253 made clear, "base64" refer to the base 64 in the previous section. 255 This encoding is technically identical to the previous one, except 256 for the 62:nd and 63:rd alphabet character, as indicated in table 2. 258 Table 2: The "URL and Filename safe" Base 64 Alphabet 260 Value Encoding Value Encoding Value Encoding Value Encoding 261 0 A 17 R 34 i 51 z 262 1 B 18 S 35 j 52 0 263 2 C 19 T 36 k 53 1 264 3 D 20 U 37 l 54 2 265 4 E 21 V 38 m 55 3 266 5 F 22 W 39 n 56 4 267 6 G 23 X 40 o 57 5 268 7 H 24 Y 41 p 58 6 269 8 I 25 Z 42 q 59 7 270 9 J 26 a 43 r 60 8 271 10 K 27 b 44 s 61 9 272 11 L 28 c 45 t 62 - 273 12 M 29 d 46 u (minus) 274 13 N 30 e 47 v 63 _ 275 14 O 31 f 48 w (understrike) 276 15 P 32 g 49 x 277 16 Q 33 h 50 y (pad) = 279 5. Base 32 Encoding 281 The following description of base 32 is due to [9] (with 282 corrections). 284 The Base 32 encoding is designed to represent arbitrary sequences of 285 octets in a form that needs to be case insensitive but need not be 286 humanly readable. 288 A 33-character subset of US-ASCII is used, enabling 5 bits to be 289 represented per printable character. (The extra 33rd character, "=", 290 is used to signify a special processing function.) 292 The encoding process represents 40-bit groups of input bits as output 293 strings of 8 encoded characters. Proceeding from left to right, a 294 40-bit input group is formed by concatenating 5 8bit input groups. 295 These 40 bits are then treated as 8 concatenated 5-bit groups, each 296 of which is translated into a single digit in the base 32 alphabet. 297 When encoding a bit stream via the base 32 encoding, the bit stream 298 must be presumed to be ordered with the most-significant-bit first. 299 That is, the first bit in the stream will be the high-order bit in 300 the first 8bit byte, and the eighth bit will be the low-order bit in 301 the first 8bit byte, and so on. 303 Each 5-bit group is used as an index into an array of 32 printable 304 characters. The character referenced by the index is placed in the 305 output string. These characters, identified in Table 3, below, are 306 selected from US-ASCII digits and uppercase letters. 308 Table 3: The Base 32 Alphabet 310 Value Encoding Value Encoding Value Encoding Value Encoding 311 0 A 9 J 18 S 27 3 312 1 B 10 K 19 T 28 4 313 2 C 11 L 20 U 29 5 314 3 D 12 M 21 V 30 6 315 4 E 13 N 22 W 31 7 316 5 F 14 O 23 X 317 6 G 15 P 24 Y (pad) = 318 7 H 16 Q 25 Z 319 8 I 17 R 26 2 321 Special processing is performed if fewer than 40 bits are available 322 at the end of the data being encoded. A full encoding quantum is 323 always completed at the end of a body. When fewer than 40 input bits 324 are available in an input group, zero bits are added (on the right) 325 to form an integral number of 5-bit groups. Padding at the end of 326 the data is performed using the "=" character. Since all base 32 327 input is an integral number of octets, only the following cases can 328 arise: 330 (1) the final quantum of encoding input is an integral multiple of 40 331 bits; here, the final unit of encoded output will be an integral 332 multiple of 8 characters with no "=" padding, 334 (2) the final quantum of encoding input is exactly 8 bits; here, the 335 final unit of encoded output will be two characters followed by six 336 "=" padding characters, 338 (3) the final quantum of encoding input is exactly 16 bits; here, the 339 final unit of encoded output will be four characters followed by four 340 "=" padding characters, 342 (4) the final quantum of encoding input is exactly 24 bits; here, the 343 final unit of encoded output will be five characters followed by 344 three "=" padding characters, or 346 (5) the final quantum of encoding input is exactly 32 bits; here, the 347 final unit of encoded output will be seven characters followed by one 348 "=" padding character. 350 6. Base 32 Encoding with Extended Hex Alphabet 352 The following description of base 32 is due to [7]. This encoding 353 should not be regarded as the same as the "base32" encoding, and 354 should not be referred to as only "base32". 356 One property with this alphabet, that the base64 and base32 alphabet 357 lack, is that encoded data maintain its sort order when the encoded 358 data is compared bit-wise. 360 This encoding is identical to the previous one, except for the 361 alphabet. The new alphabet is found in table 4. 363 Table 4: The "Extended Hex" Base 32 Alphabet 365 Value Encoding Value Encoding Value Encoding Value Encoding 366 0 0 9 9 18 I 27 R 367 1 1 10 A 19 J 28 S 368 2 2 11 B 20 K 29 T 369 3 3 12 C 21 L 30 U 370 4 4 13 D 22 M 31 V 371 5 5 14 E 23 N 372 6 6 15 F 24 O (pad) = 373 7 7 16 G 25 P 374 8 8 17 H 26 Q 376 7. Base 16 Encoding 378 The following description is original but analogous to previous 379 descriptions. Essentially, Base 16 encoding is the standard case 380 insensitive hex encoding, and may be referred to as "base16" or 381 "hex". 383 A 16-character subset of US-ASCII is used, enabling 4 bits to be 384 represented per printable character. 386 The encoding process represents 8-bit groups (octets) of input bits 387 as output strings of 2 encoded characters. Proceeding from left to 388 right, a 8-bit input is taken from the input data. These 8 bits are 389 then treated as 2 concatenated 4-bit groups, each of which is 390 translated into a single digit in the base 16 alphabet. 392 Each 4-bit group is used as an index into an array of 16 printable 393 characters. The character referenced by the index is placed in the 394 output string. 396 Table 5: The Base 16 Alphabet 398 Value Encoding Value Encoding Value Encoding Value Encoding 399 0 0 4 4 8 8 12 C 400 1 1 5 5 9 9 13 D 401 2 2 6 6 10 A 14 E 402 3 3 7 7 11 B 15 F 404 Unlike base 32 and base 64, no special padding is necessary since a 405 full code word is always available. 407 8. Illustrations and examples 409 To translate between binary and a base encoding, the input is stored 410 in a structure and the output is extracted. The case for base 64 is 411 displayed in the following figure, borrowed from [5]. 413 +--first octet--+-second octet--+--third octet--+ 414 |7 6 5 4 3 2 1 0|7 6 5 4 3 2 1 0|7 6 5 4 3 2 1 0| 415 +-----------+---+-------+-------+---+-----------+ 416 |5 4 3 2 1 0|5 4 3 2 1 0|5 4 3 2 1 0|5 4 3 2 1 0| 417 +--1.index--+--2.index--+--3.index--+--4.index--+ 419 The case for base 32 is shown in the following figure, borrowed from 420 [7]. Each successive character in a base-32 value represents 5 421 successive bits of the underlying octet sequence. Thus, each group 422 of 8 characters represents a sequence of 5 octets (40 bits). 424 1 2 3 425 01234567 89012345 67890123 45678901 23456789 426 +--------+--------+--------+--------+--------+ 427 |< 1 >< 2| >< 3 ><|.4 >< 5.|>< 6 ><.|7 >< 8 >| 428 +--------+--------+--------+--------+--------+ 429 <===> 8th character 430 <====> 7th character 431 <===> 6th character 432 <====> 5th character 433 <====> 4th character 434 <===> 3rd character 435 <====> 2nd character 436 <===> 1st character 438 The following example of Base64 data is from [5]. 440 Input data: 0x14fb9c03d97e 441 Hex: 1 4 f b 9 c | 0 3 d 9 7 e 442 8-bit: 00010100 11111011 10011100 | 00000011 11011001 11111110 443 6-bit: 000101 001111 101110 011100 | 000000 111101 100111 111110 444 Decimal: 5 15 46 28 0 61 39 62 445 Output: F P u c A 9 n + 447 Input data: 0x14fb9c03d9 448 Hex: 1 4 f b 9 c | 0 3 d 9 449 8-bit: 00010100 11111011 10011100 | 00000011 11011001 450 pad with 00 451 6-bit: 000101 001111 101110 011100 | 000000 111101 100100 452 Decimal: 5 15 46 28 0 61 36 453 pad with = 454 Output: F P u c A 9 k = 456 Input data: 0x14fb9c03 457 Hex: 1 4 f b 9 c | 0 3 458 8-bit: 00010100 11111011 10011100 | 00000011 459 pad with 0000 460 6-bit: 000101 001111 101110 011100 | 000000 110000 461 Decimal: 5 15 46 28 0 48 462 pad with = = 463 Output: F P u c A w = = 465 9. Security Considerations 467 When implementing Base encoding and decoding, care should be taken 468 not to introduce vulnerabilities to buffer overflow attacks, or other 469 attacks on the implementation. A decoder should not break on invalid 470 input including, e.g., embedded NUL characters (ASCII 0). 472 If non-alphabet characters are ignored, instead of causing rejection 473 of the entire encoding (as recommended), a covert channel that can be 474 used to "leak" information is made possible. The implications of 475 this should be understood in applications that do not follow the 476 recommended practice. Similarly, when the base 16 and base 32 477 alphabets are handled case insensitively, alteration of case can be 478 used to leak information. 480 Base encoding visually hides otherwise easily recognized information, 481 such as passwords, but does not provide any computational 482 confidentiality. This has been known to cause security incidents 483 when, e.g., a user reports details of a network protocol exchange 484 (perhaps to illustrate some other problem) and accidentally reveals 485 the password because she is unaware that the base encoding does not 486 protect the password. 488 Base encoding adds no entropy to the plaintext, but it does increase 489 the amount of plaintext available and provides a signature for 490 cryptanalysis in the form of a characteristic probability 491 distribution. 493 10. Changes since RFC 3548 495 Added the "base32 extended hex alphabet", needed to preserve sort 496 order of encoded data. 498 Reference IMAP for the special Base64 encoding used there. 500 Fix the example copied from RFC 2440. 502 Add security consideration about providing a signature for 503 cryptoanalysis. 505 Typo fixes. 507 11. Acknowledgements 509 Several people offered comments and/or suggestions, including John E. 510 Hadstate, Tony Hansen, Gordon Mohr, John Myers, Chris Newman and 511 Andrew Sieber. Text used in this document are based on earlier RFCs 512 describing specific uses of various base encodings. The author 513 acknowledges the RSA Laboratories for supporting the work that led to 514 this document. 516 This revised version is based in parts on comments and/or suggestions 517 made by Roy Arends, Per Hygum, Clement Kent, and Paul Kwiatkowski. 519 12. Copying conditions 521 Regarding the portion of this document that was written by Simon 522 Josefsson ("the author", for the remainder of this section), the 523 author makes no guarantees and is not responsible for any damage 524 resulting from its use. The author grants irrevocable permission to 525 anyone to use, modify, and distribute it in any way that does not 526 diminish the rights of anyone else to use, modify, and distribute it, 527 provided that redistributed derivative works do not contain 528 misleading author or version information. Derivative works need not 529 be licensed under similar terms. 531 13. References 532 13.1. Normative References 534 [1] Bradner, S., "Key words for use in RFCs to Indicate Requirement 535 Levels", BCP 14, RFC 2119, March 1997. 537 13.2. Informative References 539 [2] Cerf, V., "ASCII format for network interchange", RFC 20, 540 October 1969. 542 [3] Linn, J., "Privacy Enhancement for Internet Electronic Mail: 543 Part I: Message Encryption and Authentication Procedures", 544 RFC 1421, February 1993. 546 [4] Freed, N. and N. Borenstein, "Multipurpose Internet Mail 547 Extensions (MIME) Part One: Format of Internet Message Bodies", 548 RFC 2045, November 1996. 550 [5] Callas, J., Donnerhacke, L., Finney, H., and R. Thayer, 551 "OpenPGP Message Format", RFC 2440, November 1998. 553 [6] Eastlake, D., "Domain Name System Security Extensions", 554 RFC 2535, March 1999. 556 [7] Klyne, G. and L. Masinter, "Identifying Composite Media 557 Features", RFC 2938, September 2000. 559 [8] Crispin, M., "INTERNET MESSAGE ACCESS PROTOCOL - VERSION 560 4rev1", RFC 3501, March 2003. 562 [9] Myers, J., "SASL GSSAPI mechanisms", Work in 563 progress draft-ietf-cat-sasl-gssapi-01, May 2000. 565 [10] Wilcox-O'Hearn, B., "Post to P2P-hackers mailing list", World 566 Wide Web http://zgp.org/pipermail/p2p-hackers/2001-September/ 567 000315.html, September 2001. 569 Author's Address 571 Simon Josefsson 573 Email: simon@josefsson.org 575 Intellectual Property Statement 577 The IETF takes no position regarding the validity or scope of any 578 Intellectual Property Rights or other rights that might be claimed to 579 pertain to the implementation or use of the technology described in 580 this document or the extent to which any license under such rights 581 might or might not be available; nor does it represent that it has 582 made any independent effort to identify any such rights. Information 583 on the procedures with respect to rights in RFC documents can be 584 found in BCP 78 and BCP 79. 586 Copies of IPR disclosures made to the IETF Secretariat and any 587 assurances of licenses to be made available, or the result of an 588 attempt made to obtain a general license or permission for the use of 589 such proprietary rights by implementers or users of this 590 specification can be obtained from the IETF on-line IPR repository at 591 http://www.ietf.org/ipr. 593 The IETF invites any interested party to bring to its attention any 594 copyrights, patents or patent applications, or other proprietary 595 rights that may cover technology that may be required to implement 596 this standard. Please address the information to the IETF at 597 ietf-ipr@ietf.org. 599 Disclaimer of Validity 601 This document and the information contained herein are provided on an 602 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 603 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET 604 ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, 605 INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE 606 INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 607 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 609 Copyright Statement 611 Copyright (C) The Internet Society (2005). This document is subject 612 to the rights, licenses and restrictions contained in BCP 78, and 613 except as set forth therein, the authors retain all their rights. 615 Acknowledgment 617 Funding for the RFC Editor function is currently provided by the 618 Internet Society.