draft-josefsson-openpgp-mailnews-header-00.txt | draft-josefsson-openpgp-mailnews-header-01.txt | |||
---|---|---|---|---|
Network Working Group A. Smasher | Network Working Group A. Smasher | |||
Internet-Draft S. Josefsson | Internet-Draft S. Josefsson | |||
Expires: July 8, 2005 January 7, 2005 | Expires: November 26, 2005 May 25, 2005 | |||
The OpenPGP mail and news header | The OpenPGP mail and news header | |||
draft-josefsson-openpgp-mailnews-header-00 | draft-josefsson-openpgp-mailnews-header-01 | |||
Status of this Memo | Status of this Memo | |||
This document is an Internet-Draft and is subject to all provisions | By submitting this Internet-Draft, each author represents that any | |||
of section 3 of RFC 3667. By submitting this Internet-Draft, each | applicable patent or other IPR claims of which he or she is aware | |||
author represents that any applicable patent or other IPR claims of | have been or will be disclosed, and any of which he or she becomes | |||
which he or she is aware have been or will be disclosed, and any of | aware will be disclosed, in accordance with Section 6 of BCP 79. | |||
which he or she become aware will be disclosed, in accordance with | ||||
RFC 3668. | ||||
Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
other groups may also distribute working documents as | other groups may also distribute working documents as Internet- | |||
Internet-Drafts. | Drafts. | |||
Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
http://www.ietf.org/ietf/1id-abstracts.txt. | http://www.ietf.org/ietf/1id-abstracts.txt. | |||
The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
http://www.ietf.org/shadow.html. | http://www.ietf.org/shadow.html. | |||
This Internet-Draft will expire on July 8, 2005. | This Internet-Draft will expire on November 26, 2005. | |||
Copyright Notice | Copyright Notice | |||
Copyright (C) The Internet Society (2005). | Copyright (C) The Internet Society (2005). | |||
Abstract | Abstract | |||
This document describes the OpenPGP mail and news header field. The | This document describes the OpenPGP mail and news header field. The | |||
field provide information about the sender's OpenPGP key. | field provide information about the sender's OpenPGP key. | |||
See <http://josefsson.org/openpgp-header/> for more information. | See <http://josefsson.org/openpgp-header/> for more information. | |||
Table of Contents | Table of Contents | |||
1. Preface . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Preface . . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
2. Background and Motivation . . . . . . . . . . . . . . . . . . 3 | 2. Background and Motivation . . . . . . . . . . . . . . . . . 3 | |||
3. OpenPGP Header Field . . . . . . . . . . . . . . . . . . . . . 4 | 3. OpenPGP Header Field . . . . . . . . . . . . . . . . . . . . 4 | |||
3.1 Primary Key ID field: id . . . . . . . . . . . . . . . . . 5 | 3.1 Primary Key ID field: id . . . . . . . . . . . . . . . . . 5 | |||
3.2 Primary Key Algorithm field: algo . . . . . . . . . . . . 5 | 3.2 Key URL field: url . . . . . . . . . . . . . . . . . . . . 5 | |||
3.3 Primary Key Size field: size . . . . . . . . . . . . . . . 5 | 4. Comments . . . . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
3.4 Key URL field: url . . . . . . . . . . . . . . . . . . . . 6 | 5. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
3.5 Key Creation Date field: created . . . . . . . . . . . . . 6 | 6. Open Issues . . . . . . . . . . . . . . . . . . . . . . . . 6 | |||
4. Comments . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 | 7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 6 | |||
5. Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 | 8. Security Considerations . . . . . . . . . . . . . . . . . . 6 | |||
6. Open Issues . . . . . . . . . . . . . . . . . . . . . . . . . 7 | 9. IANA Considerations . . . . . . . . . . . . . . . . . . . . 7 | |||
7. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 7 | 10. Copying conditions . . . . . . . . . . . . . . . . . . . . . 8 | |||
8. Security Considerations . . . . . . . . . . . . . . . . . . . 7 | 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 | |||
9. Copying conditions . . . . . . . . . . . . . . . . . . . . . . 8 | 11.1 Normative References . . . . . . . . . . . . . . . . . . 8 | |||
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 8 | 11.2 Informative References . . . . . . . . . . . . . . . . . 9 | |||
10.1 Normative References . . . . . . . . . . . . . . . . . . . . 8 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . 9 | |||
10.2 Informative References . . . . . . . . . . . . . . . . . . . 8 | Intellectual Property and Copyright Statements . . . . . . . 10 | |||
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . 9 | ||||
Intellectual Property and Copyright Statements . . . . . . . . 10 | ||||
1. Preface | 1. Preface | |||
This document is intended to define the "OpenPGP" message header. | This document is intended to define the "OpenPGP" message header. | |||
This header should be considered "informational" (and "optional"), | This header should be considered "informational" (and "optional"), | |||
and be suitable for both mail [6] and netnews [1] messages. This | and be suitable for both mail [8] and netnews [1] messages. This | |||
header should be used to provide information about the sender's | header should be used to provide information about the sender's | |||
OpenPGP [5] key. This header MAY be used in any message. | OpenPGP [7] key. This header MAY be used in any message. | |||
This document should be interpreted within the context of RFC 2822. | This document should be interpreted within the context of RFC 2822. | |||
In the event of a discrepancy, refer to that document. | In the event of a discrepancy, refer to that document. | |||
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | |||
document are to be interpreted as described in RFC 2119 [2]. | document are to be interpreted as described in RFC 2119 [4]. | |||
2. Background and Motivation | 2. Background and Motivation | |||
There are quite a few PGP and GnuPG users who add headers with | There are quite a few PGP and GnuPG users who add headers with | |||
information about the sender's OpenPGP key. Headers in current use | information about the sender's OpenPGP key. Headers in current use | |||
include "X-PGP:", "X-PGP-Key:", "X-Request-PGP:", "X-PGP-KeyID:", and | include "X-PGP:", "X-PGP-Key:", "X-Request-PGP:", "X-PGP-KeyID:", and | |||
"X-PGP-Fingerprint:". The headers lack standardization, which | "X-PGP-Fingerprint:". The headers lack standardization, which | |||
prevent them from being reliably parsed automatically by | prevent them from being reliably parsed automatically by | |||
applications, rather than manually parsed by humans. | applications, rather than manually parsed by humans. | |||
skipping to change at page 4, line 11 | skipping to change at page 4, line 11 | |||
applications do not trigger error messages that may annoy the user, | applications do not trigger error messages that may annoy the user, | |||
when an error condition arise during handling of the OpenPGP header. | when an error condition arise during handling of the OpenPGP header. | |||
It is generally recommended that an implementation ignore the | It is generally recommended that an implementation ignore the | |||
presence of the OpenPGP header if an error condition occur. Since | presence of the OpenPGP header if an error condition occur. Since | |||
the header is optional, this approach should not be difficult to | the header is optional, this approach should not be difficult to | |||
implement. The philosophy here is to enable an enhanced user | implement. The philosophy here is to enable an enhanced user | |||
experience. Error messages rarely contribute to that goal. | experience. Error messages rarely contribute to that goal. | |||
3. OpenPGP Header Field | 3. OpenPGP Header Field | |||
This header, if used, is intended to present characteristics of the | This header is intended to present characteristics of the sender's | |||
sender's OpenPGP key, such as the primary key ID (or fingerprint), | OpenPGP key. It may contain the Key ID and the URL where the key can | |||
algorithm, size and URL where the key can be found. This header is | be retrieved. | |||
of a "structured" type (see section 2.2.2 of RFC 2822). In general, | ||||
the structure consist of one or more attribute and value pairs. The | ||||
terminology and format of the header was inspired by MIME [8]. | ||||
This header SHOULD NOT appear more than once within a message. | This header is of a "structured" type (see section 2.2.2 of RFC | |||
2822). In general, the structure consist of one or more parameters, | ||||
each consisting of one attribute and one value. The terminology and | ||||
format of the header was inspired by MIME [2]. The various | ||||
provisions of RFC 2045 apply. In particular, the value part of all | ||||
parameters may be quoted; whitespace, foldoing and comments may occur | ||||
in the middle of parameters. The provisions of MIME [3] also apply; | ||||
in particular it deals with handling parameters of excessive length. | ||||
In the Augmented BNF [3] notation, an OpenPGP header field is defined | In the Augmented BNF [5] notation, an OpenPGP header field is defined | |||
as below. By itself, however, this grammar is incomplete. It refers | as below. By itself, however, this grammar is incomplete. It refers | |||
by name to several syntax rules that are defined by RFC 2822 and the | by name to several syntax rules that are defined by RFC 2822 and the | |||
URI syntax document [4]. Rather than reproduce those definitions | URI syntax document [6]. Rather than reproduce those definitions | |||
here, and risk unintentional differences between the two, this | here, and risk unintentional differences between the two, this | |||
document refer the reader to RFC 2822 and RFC 2396 for the definition | document refer the reader to RFC 2822 and RFC 2396 for the definition | |||
of non-terminals. | of non-terminals. | |||
openpgp := "OpenPGP:" id-or-url / (parameter *(";" parameter)) | Unrecognized parameters MUST be ignored. The grammar permit them to | |||
allow for future extensions. This header SHOULD NOT appear more than | ||||
once within a message. A given parameter type (i.e., "id" or "url") | ||||
may appear no more than once. | ||||
openpgp := "OpenPGP:" id-or-url / | ||||
(openpgp-parameter *(";" openpgp-parameter)) | ||||
CRLF | CRLF | |||
id-or-url := id / url | id-or-url := id / url | |||
id := ["0x"] (4*HEXDIG / 8*HEXDIG / 32*HEXDIG / 40*HEXDIG) | id := *HEXDIG | |||
url := absoluteURI ; Defined in RFC 2396. | url := absoluteURI ; Defined in RFC 2396. | |||
algo := *DIGIT ; Value in RFC 2440 section 9.1. | openpgp-parameter | |||
:= ("id" "=" id) / | ||||
size := *DIGIT ; Primary key size in bits. | ||||
created := *DIGIT ; Correspond to four-octet number in | ||||
; RFC 2440 V3/V4 key packet that indicate | ||||
; the time the key was created, expressed as | ||||
; an unsigned decimal integer. | ||||
parameter := ("id" "=" id) / | ||||
("url" "=" url) / | ("url" "=" url) / | |||
("algo" "=" algo) / | parameter ; See RFC 2045 for definition of parameter. | |||
("size" "=" size) / | ||||
("created" "=" created) | ||||
3.1 Primary Key ID field: id | 3.1 Primary Key ID field: id | |||
The "id" attribute=value pair, if present, MUST define the primary | The "id" attribute=value pair, if present, MUST define the primary | |||
key ID. The value MAY be prefixed with "0x". The value MUST | key ID. The value MUST identify the key ID (in either short or long | |||
identify the key ID (in either short or long form) or the | form) or the fingerprint, all using the hexadecimal [14] notation. | |||
fingerprint, all using the hexadecimal [13] notation. | ||||
A short key ID is a 32 bit key ID, represented as 8 characters. | ||||
A long key ID is a 64 bit key ID, represented as 16 characters. | ||||
A v4 fingerprint is a 160 bit key ID, represented as 40 characters. | ||||
A v3 fingerprint is a 128 bit key ID, represented as 32 characters. | ||||
Note that each of the following examples includes a comment, which is | ||||
optional. | ||||
id=12345678 (short key ID, no 0x prefix) | ||||
id=0x12345678 (short key ID) | ||||
id=0x1234567890ABCDEF (long key ID) | ||||
id=0x1234567890ABCDEF01234567890ABCDEF0123456 (v4 fingerprint) | ||||
id=0x1234567890ABCDEF01234567890ABCDE (v3 fingerprint) | ||||
3.2 Primary Key Algorithm field: algo | ||||
The "algo" attribute=value pair, if present, MUST specify the | The length of the field imply the kind of key id, i.e., short or long | |||
algorithm of the primary key. The algorithm of the primary key MUST | form, or a v3 or v4 key. | |||
be presented as the value defined in section 9.1 of RFC 2440 (Public | ||||
Key Algorithms). The value MUST be presented as an integer in | ||||
decimal notation. | ||||
Note that each of the following examples includes a comment, which is | Note that each of the following examples includes a comment, which is | |||
optional. | optional. | |||
algo=1 (RSA) | id=12345678 (short key ID) | |||
algo=17 (DSA) | id=1234567890ABCDEF (long key ID) | |||
id=1234567890ABCDEF01234567890ABCDEF0123456 (v4 fingerprint) | ||||
3.3 Primary Key Size field: size | id=1234567890ABCDEF01234567890ABCDE (v3 fingerprint, deprecated) | |||
The "size" attribute=value pair, if present, MUST specify the size of | ||||
the primary key. The size of the primary key MUST be presented as | ||||
the number of bits in the key's modulus. The value MUST be presented | ||||
as an integer in decimal notation. | ||||
Note that one of the following examples includes a comment, which is | ||||
optional. | ||||
size=1024 | ||||
size=2048 (bits) | ||||
3.4 Key URL field: url | 3.2 Key URL field: url | |||
The "url" attribute=value pair, if present, MUST specify a URL where | The "url" attribute=value pair, if present, MUST specify a URL where | |||
the public key can be found. It is RECOMMENDED to use a common URL | the public key can be found. It is RECOMMENDED to use a common URL | |||
family, such as HTTP [11] or FTP [7]. The URL MUST be fully | family, such as HTTP [12] or FTP [9]. The URL MUST be fully | |||
qualified, MUST explicitly specify a protocol and SHOULD be | qualified, MUST explicitly specify a protocol and SHOULD be | |||
accessible on the public Internet. | accessible on the public Internet. | |||
For example: | For example: | |||
url=http://example.org/pgp.txt | url=http://example.org/pgp.txt | |||
3.5 Key Creation Date field: created | ||||
This "created" attribute=value pair, if present, MUST define the | ||||
creation date of the primary key. The creation date of the primary | ||||
key MUST be presented as specified in section 5.5.2 of RFC2440 | ||||
(Public Key Packet Formats). The value MUST be presented as a | ||||
integer in decimal notation. | ||||
Note that the following example includes a comment, which is | ||||
optional. | ||||
created=1104629466 (Sun Jan 2 01:31:06 UTC 2005) | ||||
4. Comments | 4. Comments | |||
As discussed in section 3.2.3 of RFC 2822, comments may appear in | As discussed in section 3.2.3 of RFC 2822, comments may appear in | |||
header field bodies. Comments are not intended to be interpreted by | header field bodies. Comments are not intended to be interpreted by | |||
any application, but to provide additional information for humans. | any application, but to provide additional information for humans. | |||
The following are examples of header field bodies with comments: | The following are examples of header field bodies with comments: | |||
id=0xB565716F (key stored on non-networked laptop) | id=B565716F (key stored on non-networked laptop) | |||
id=0x12345678; algo=1 (RSA Encrypt or Sign) | id=12345678 (1024 bit RSA Key for Encrypt or Sign) | |||
id=0xABCD0123; created=1104629115 (Sun Jan 2 02:25:15 CET 2005) | id=ABCD0123 (created Sun Jan 2 02:25:15 CET 2005) | |||
5. Examples | 5. Examples | |||
These are valid examples of ways in which this header may be used. | These are valid examples of ways in which this header may be used. | |||
This list of examples is not meant to be exhaustive. | This list is not meant to be exhaustive, but do reflect expected | |||
typical usages. | ||||
OpenPGP: id=0x12345678 | OpenPGP: 12345678 | |||
OpenPGP: id=0x12345678; algo=1 (RSA); size=2048 | OpenPGP: id=12345678 | |||
OpenPGP: http://example.com/key.txt | ||||
OpenPGP: url=http://example.com/key.txt | OpenPGP: url=http://example.com/key.txt | |||
OpenPGP: url=http://example.com/key.txt; | OpenPGP: url=http://example.com/key.txt; id=12345678 | |||
id=0x12345678 (this key is only used at the office) | OpenPGP: id=12345678; url=http://example.com/key.txt | |||
OpenPGP: url=http://example.com/key.txt (down 2-3pm UTC); | ||||
id=12345678 (this key is only used at the office) | ||||
6. Open Issues | 6. Open Issues | |||
Should the algo/size/created fields be included? They are supposedly | ||||
only there for v3 keys. | ||||
Should there be a "supports" field, that signal whether the sender | Should there be a "supports" field, that signal whether the sender | |||
support inline PGP or PGP/MIME? As in supports="inline, mime" or | support inline PGP or PGP/MIME? As in supports="inline, mime" or | |||
similar. Should it be in preferred priority order? | similar. Should it be in preferred priority order? | |||
The ABNF definition is known to be under-specified. | ||||
7. Acknowledgements | 7. Acknowledgements | |||
The content of this document builds on discussions with (in | The content of this document builds on discussions with (in | |||
alphabetical order) Christian Biere, Patrick Brunschwig, Peter J. | alphabetical order) Christian Biere, Patrick Brunschwig, Jon Callas, | |||
Holzer, Ingo Klocker, Werner Koch, Jochen Kupper, Aleksandar | Peter J. Holzer, Ingo Klocker, Werner Koch, Jochen Kupper, Charles | |||
Milivojevic, Xavier Maillard, Greg Sabino Mullane, Thomas Roessler, | Lindsey, Aleksandar Milivojevic, Xavier Maillard, Greg Sabino | |||
Moritz Schulte, Thomas Sjogren, Paul Walker, and Steve Youngs. No | Mullane, Thomas Roessler, Moritz Schulte, Olav Seyfarth, Thomas | |||
doubt the list is incomplete. We apologize to anyone we left out. | Sjogren, Paul Walker, and Steve Youngs. No doubt the list is | |||
incomplete. We apologize to anyone we left out. | ||||
8. Security Considerations | 8. Security Considerations | |||
These headers are intended to be a convenience in locating public | These headers are intended to be a convenience in locating public | |||
keys: They are neither secure nor intended to be. Since header | keys: They are neither secure nor intended to be. Since header | |||
information is easy to spoof, information contained in headers should | information is easy to spoof, information contained in headers should | |||
not be trusted: The information must be verified. How the | not be trusted: The information must be verified. How the | |||
information is verified is left as an exercise for the reader. | information is verified is left as an exercise for the reader. | |||
Applications that interpret the data within this header MUST NOT | Applications that interpret the data within this header MUST NOT | |||
skipping to change at page 8, line 8 | skipping to change at page 7, line 8 | |||
SHOULD alert the user that this information is not a substitute for | SHOULD alert the user that this information is not a substitute for | |||
personally verifying keys and being a part of the web of trust. | personally verifying keys and being a part of the web of trust. | |||
If an application receives a signed message and uses the information | If an application receives a signed message and uses the information | |||
in this header to retrieve a key, the application MAY ignore the | in this header to retrieve a key, the application MAY ignore the | |||
retrieved key if it is not the same key used to sign the message. | retrieved key if it is not the same key used to sign the message. | |||
This SHOULD be done before the newly retrieved key is imported into | This SHOULD be done before the newly retrieved key is imported into | |||
the user's keyring. | the user's keyring. | |||
The use of HTTPS [12], DNSSEC [9], SMTP STARTTLS [10], and other | The use of HTTPS [13], DNSSEC [10], SMTP STARTTLS [11], and other | |||
secure protocols, may enhance the security of information conveyed | secure protocols, may enhance the security of information conveyed | |||
through this header, but does not guarantee any level of security or | through this header, but does not guarantee any level of security or | |||
authenticity. Developers and users must remain aware of this. | authenticity. Developers and users must remain aware of this. | |||
Version 3 OpenPGP keys can be created with a chosen key id (aka "the | ||||
0xDEADBEEF attack"). Verifying the Key ID of a retrived key against | ||||
the one provided in this header is thus not sufficient to protect | ||||
against a man-in-the-middle attack. Instead, the web-of-trust | ||||
mechanism should be used. | ||||
If an attacker wants to check the validity of Email addresses, he | ||||
might send out junk email to arbitrary addresses and collect those | ||||
that report back to the crafted OpenPGP URL. To protect against | ||||
this, implementations MUST inform the user of that potential privacy | ||||
issue when retrieving keys from an URL provided by the mail headers | ||||
of an inbound email message: either when the feature is enabled or to | ||||
be used for the first time or every time the MUA detects an unknown | ||||
key. | ||||
Given the flexibility of the syntax of the header, slightly varying | Given the flexibility of the syntax of the header, slightly varying | |||
the content between messages can be used as a covert channel. | the content between messages can be used as a covert channel. | |||
9. Copying conditions | 9. IANA Considerations | |||
The IANA is asked to register the OpenPGP header, using the template | ||||
as follows, in accordance with RFC 3864 [15]. | ||||
Header field name: OpenPGP | ||||
Applicable protocol: mail, netnews | ||||
Status: informational | ||||
Author/Change controller: IETF | ||||
Specification document(s): This document. | ||||
Related information: None | ||||
10. Copying conditions | ||||
In addition to the IETF/ISOC copying conditions, the following | In addition to the IETF/ISOC copying conditions, the following | |||
statement grant third parties further rights to this document. | statement grant third parties further rights to this document. | |||
Copyright (C) 2004 Atom Smasher | Copyright (C) 2004 Atom Smasher | |||
Copyright (C) 2004, 2005 Simon Josefsson | Copyright (C) 2004, 2005 Simon Josefsson | |||
Copying and distribution of the work, with or without | Regarding this entire document or any portion of it, the authors | |||
modification, are permitted in any medium without royalty | makes no guarantees and is not responsible for any damage | |||
provided the copyright notice and this notice are preserved. | resulting from its use. The authors grants irrevocable | |||
permission to anyone to use, modify, and distribute it in any way | ||||
that does not diminish the rights of anyone else to use, modify, | ||||
and distribute it, provided that redistributed derivative works | ||||
do not contain misleading author or version information. | ||||
Derivative works need not be licensed under similar terms. | ||||
10. References | 11. References | |||
10.1 Normative References | 11.1 Normative References | |||
[1] Horton, M. and R. Adams, "Standard for interchange of USENET | [1] Horton, M. and R. Adams, "Standard for interchange of USENET | |||
messages", RFC 1036, December 1987. | messages", RFC 1036, December 1987. | |||
[2] Bradner, S., "Key words for use in RFCs to Indicate Requirement | [2] Freed, N. and N. Borenstein, "Multipurpose Internet Mail | |||
Extensions (MIME) Part One: Format of Internet Message Bodies", | ||||
RFC 2045, November 1996. | ||||
[3] Freed, N. and K. Moore, "MIME Parameter Value and Encoded Word | ||||
Extensions: Character Sets, Languages, and Continuations", | ||||
RFC 2231, November 1997. | ||||
[4] Bradner, S., "Key words for use in RFCs to Indicate Requirement | ||||
Levels", BCP 14, RFC 2119, March 1997. | Levels", BCP 14, RFC 2119, March 1997. | |||
[3] Crocker, D. and P. Overell, "Augmented BNF for Syntax | [5] Crocker, D. and P. Overell, "Augmented BNF for Syntax | |||
Specifications: ABNF", RFC 2234, November 1997. | Specifications: ABNF", RFC 2234, November 1997. | |||
[4] Berners-Lee, T., Fielding, R. and L. Masinter, "Uniform Resource | [6] Berners-Lee, T., Fielding, R., and L. Masinter, "Uniform | |||
Identifiers (URI): Generic Syntax", RFC 2396, August 1998. | Resource Identifiers (URI): Generic Syntax", RFC 2396, | |||
August 1998. | ||||
[5] Callas, J., Donnerhacke, L., Finney, H. and R. Thayer, "OpenPGP | [7] Callas, J., Donnerhacke, L., Finney, H., and R. Thayer, "OpenPGP | |||
Message Format", RFC 2440, November 1998. | Message Format", RFC 2440, November 1998. | |||
[6] Resnick, P., "Internet Message Format", RFC 2822, April 2001. | [8] Resnick, P., "Internet Message Format", RFC 2822, April 2001. | |||
10.2 Informative References | 11.2 Informative References | |||
[7] Postel, J. and J. Reynolds, "File Transfer Protocol", STD 9, | [9] Postel, J. and J. Reynolds, "File Transfer Protocol", STD 9, | |||
RFC 959, October 1985. | RFC 959, October 1985. | |||
[8] Freed, N. and N. Borenstein, "Multipurpose Internet Mail | [10] Eastlake, D., "Domain Name System Security Extensions", | |||
Extensions (MIME) Part One: Format of Internet Message Bodies", | RFC 2535, March 1999. | |||
RFC 2045, November 1996. | ||||
[9] Eastlake, D., "Domain Name System Security Extensions", RFC | ||||
2535, March 1999. | ||||
[10] Newman, C., "Using TLS with IMAP, POP3 and ACAP", RFC 2595, | [11] Newman, C., "Using TLS with IMAP, POP3 and ACAP", RFC 2595, | |||
June 1999. | June 1999. | |||
[11] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., | [12] Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., | |||
Leach, P. and T. Berners-Lee, "Hypertext Transfer Protocol -- | Leach, P., and T. Berners-Lee, "Hypertext Transfer Protocol -- | |||
HTTP/1.1", RFC 2616, June 1999. | HTTP/1.1", RFC 2616, June 1999. | |||
[12] Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000. | [13] Rescorla, E., "HTTP Over TLS", RFC 2818, May 2000. | |||
[13] Josefsson, S., "The Base16, Base32, and Base64 Data Encodings", | [14] Josefsson, S., "The Base16, Base32, and Base64 Data Encodings", | |||
RFC 3548, July 2003. | RFC 3548, July 2003. | |||
[15] Klyne, G., Nottingham, M., and J. Mogul, "Registration | ||||
Procedures for Message Header Fields", BCP 90, RFC 3864, | ||||
September 2004. | ||||
Authors' Addresses | Authors' Addresses | |||
Atom Smasher | Atom Smasher | |||
EMail: atom@smasher.org (0x762A3B98A3C396C9C6B7582AB88D52E4D9F57808) | Email: atom@smasher.org (0x762A3B98A3C396C9C6B7582AB88D52E4D9F57808) | |||
Simon Josefsson | Simon Josefsson | |||
EMail: simon@josefsson.org (0x0424D4EE81A0E3D119C6F835EDA21E94B565716F) | Email: simon@josefsson.org (0x0424D4EE81A0E3D119C6F835EDA21E94B565716F) | |||
Intellectual Property Statement | Intellectual Property Statement | |||
The IETF takes no position regarding the validity or scope of any | The IETF takes no position regarding the validity or scope of any | |||
Intellectual Property Rights or other rights that might be claimed to | Intellectual Property Rights or other rights that might be claimed to | |||
pertain to the implementation or use of the technology described in | pertain to the implementation or use of the technology described in | |||
this document or the extent to which any license under such rights | this document or the extent to which any license under such rights | |||
might or might not be available; nor does it represent that it has | might or might not be available; nor does it represent that it has | |||
made any independent effort to identify any such rights. Information | made any independent effort to identify any such rights. Information | |||
on the procedures with respect to rights in RFC documents can be | on the procedures with respect to rights in RFC documents can be | |||
End of changes. | ||||
This html diff was produced by rfcdiff 1.23, available from http://www.levkowetz.com/ietf/tools/rfcdiff/ |