| draft-ietf-dkim-rfc4871-errata-00.txt | draft-ietf-dkim-rfc4871-errata-01.txt | |||
|---|---|---|---|---|
| DKIM D. Crocker, Ed. | DKIM D. Crocker, Ed. | |||
| Internet-Draft Brandenburg InternetWorking | Internet-Draft Brandenburg InternetWorking | |||
| Intended status: Standards Track January 25, 2009 | Intended status: Standards Track February 2, 2009 | |||
| Expires: July 29, 2009 | Expires: August 6, 2009 | |||
| RFC 4871 DomainKeys Identified Mail (DKIM) Signatures -- Errata | RFC 4871 DomainKeys Identified Mail (DKIM) Signatures -- Errata | |||
| draft-ietf-dkim-rfc4871-errata-00 | draft-ietf-dkim-rfc4871-errata-01 | |||
| Status of this Memo | Status of this Memo | |||
| This Internet-Draft is submitted to IETF in full conformance with the | This Internet-Draft is submitted to IETF in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
| other groups may also distribute working documents as Internet- | other groups may also distribute working documents as Internet- | |||
| Drafts. | Drafts. | |||
| skipping to change at page 1, line 32 | skipping to change at page 1, line 32 | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
| http://www.ietf.org/ietf/1id-abstracts.txt. | http://www.ietf.org/ietf/1id-abstracts.txt. | |||
| The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
| http://www.ietf.org/shadow.html. | http://www.ietf.org/shadow.html. | |||
| This Internet-Draft will expire on July 29, 2009. | This Internet-Draft will expire on August 6, 2009. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2009 IETF Trust and the persons identified as the | Copyright (c) 2009 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 2, line 21 | skipping to change at page 2, line 21 | |||
| Email: dcrocker@bbiw.net | Email: dcrocker@bbiw.net | |||
| Type | Type | |||
| Technical | Technical | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 2. Section 2.7 Identity Assessor . . . . . . . . . . . . . . . . . 3 | 2. RFC 4871 Abstract . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 3. Section 2.8 Signing Domain Identifier (SDID) . . . . . . . . . 3 | 3. RFC4871 Section 1. Introduction . . . . . . . . . . . . . . . . 3 | |||
| 4. Section 2.9 User Agent Identifier (UAID) . . . . . . . . . . . 4 | 4. RFC4871 Section 2.7 Identity . . . . . . . . . . . . . . . . . 4 | |||
| 5. Section 3.9 Relationship Between SDID and UAID . . . . . . . . 4 | 5. RFC4871 Section 2.8 Identifier . . . . . . . . . . . . . . . . 4 | |||
| 6. Section 3.5 The DKIM-Signature Header Field . . . . . . . . . . 5 | 6. RFC4871 Section 2.9 Signing Domain Identifier (SDID) . . . . . 4 | |||
| 7. Section 3.5 The DKIM-Signature Header Field . . . . . . . . . . 5 | 7. RFC4871 Section 2.10 User Agent Identifier (UAID) . . . . . . . 4 | |||
| 8. Section 3.8. Signing by Parent Domains . . . . . . . . . . . . 5 | 8. RFC4871 Section 2.11 Identity Assessor . . . . . . . . . . . . 5 | |||
| 9. Section 6.3. Interpret Results/Apply Local Policy . . . . . . 6 | 9. RFC4871 Section 3.9 Relationship Between SDID and UAID . . . . 5 | |||
| 10. Section 6.3. Interpret Results/Apply Local Policy . . . . . . 6 | 10. RFC4871 Section 3.5 The DKIM-Signature Header Field . . . . . . 6 | |||
| 11. Appendix D. MUA Considerations . . . . . . . . . . . . . . . . 7 | 11. RFC4871 Section 3.5 The DKIM-Signature Header Field . . . . . . 6 | |||
| 12. Security Considerations . . . . . . . . . . . . . . . . . . . . 7 | 12. RFC4871 Section 3.8. Signing by Parent Domains . . . . . . . . 6 | |||
| 13. Normative References . . . . . . . . . . . . . . . . . . . . . 7 | 13. RFC4871 Section 6.3. Interpret Results/Apply Local Policy . . 7 | |||
| Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . . 7 | 14. RFC4871 Section 6.3. Interpret Results/Apply Local Policy . . 7 | |||
| Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 7 | 15. RFC4871 Appendix D. MUA Considerations . . . . . . . . . . . . 8 | |||
| 16. Security Considerations . . . . . . . . . . . . . . . . . . . . 8 | ||||
| 17. Normative References . . . . . . . . . . . . . . . . . . . . . 8 | ||||
| Appendix A. Acknowledgements . . . . . . . . . . . . . . . . . . . 8 | ||||
| Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 8 | ||||
| 1. Introduction | 1. Introduction | |||
| About the purpose for DKIM, [RFC4871] states: | About the purpose for DKIM, [RFC4871] states: | |||
| The ultimate goal of this framework is to permit a signing domain | The ultimate goal of this framework is to permit a signing domain | |||
| to assert responsibility for a message, thus protecting message | to assert responsibility for a message, thus protecting message | |||
| signer identity... | signer identity... | |||
| Hence, DKIM has a signer, a validator and a consumer of the validated | Hence, DKIM has a signer that produces a signed message, a verifier | |||
| signing domain. In effect, the purpose of DKIM is to communicate | that confirms the signature and an assessor that consumes the | |||
| that "responsible" domain name to a receive-side consuming module. | validated signing domain. so the simple purpose of DKIM is to | |||
| For DKIM to be interoperable and useful, signer and consumer must | communicate an identifier to a receive-side assessor module. The | |||
| share the same understanding of the details about the name. | identifier is in the form of a domain name that refers to a | |||
| responsible identity. For DKIM to be interoperable and useful, | ||||
| signer and assessor must share the same understanding of the details | ||||
| about the identifier. | ||||
| However the specification defines two, potentially different | However the specification defines two, potentially different | |||
| identifiers that are carried in the DKIM-Signature: header field and | identifiers that are carried in the DKIM-Signature: header field and | |||
| might be delivered to a receiving processing module that consumes | might be delivered to a receiving processing module that consumes | |||
| validated payload. The DKIM specification fails to clearly define | validated payload. The DKIM specification fails to clearly define | |||
| what is "payload" to be delivered to a consuming module, versus what | what is "payload" to be delivered to a consuming module, versus what | |||
| is internal and merely in support of achieving payload delivery. | is internal and merely in support of achieving payload delivery. | |||
| This currently leaves signers and consumers with the potential for | This currently leaves signers and assessors with the potential for | |||
| having differing -- and therefore non-interoperable -- | having differing -- and therefore non-interoperable -- | |||
| interpretations of how DKIM operates. | interpretations of how DKIM operates. | |||
| This erratum resolves this confusion. It defines new labels for the | This erratum resolves this confusion. It defines new labels for the | |||
| two values, clarifies their nature, and specifies and their | two values, clarifies their nature, and specifies and their | |||
| relationship. | relationship. | |||
| 2. Section 2.7 Identity Assessor | 2. RFC 4871 Abstract | |||
| Original Text: The ultimate goal of this framework is to permit a | ||||
| signing domain to assert responsibility | ||||
| Corrected Text: The ultimate goal of this framework is to permit a | ||||
| person, role or organization that owns the signing domain to | ||||
| assert responsibility | ||||
| 3. RFC4871 Section 1. Introduction | ||||
| Original Text: permitting a signing domain to claim responsibility | ||||
| Corrected Text: permitting a person, role or organization that owns | ||||
| the signing domain to claim responsibility | ||||
| 4. RFC4871 Section 2.7 Identity | ||||
| A person, role or organization. | ||||
| Original Text: (None. Additional text.) | Original Text: (None. Additional text.) | |||
| Corrected Text: The name of the module which consumes DKIM's | Corrected Text: A person, role or organization. | |||
| primary payload, the responsible Signing Domain Identifier (SDID). | ||||
| It can optionally consume the User Agent Identifier (UAID) value, | ||||
| if provided to the module. Details of this module are outside the | ||||
| scope of the DKIM specification. | ||||
| 3. Section 2.8 Signing Domain Identifier (SDID) | 5. RFC4871 Section 2.8 Identifier | |||
| Original Text: (None. Additional text.) | Original Text: (None. Additional text.) | |||
| Corrected Text: A label that refers to an identity. | ||||
| 6. RFC4871 Section 2.9 Signing Domain Identifier (SDID) | ||||
| Original Text: (None. Additional text.) | ||||
| Corrected Text: A single, opaque value that is the mandatory | Corrected Text: A single, opaque value that is the mandatory | |||
| payload output of DKIM and which refers to the identity claiming | payload output of DKIM and that refers to the identity claiming | |||
| responsibility for the introduction of a message into the mail | responsibility for the introduction of a message into the mail | |||
| stream. | stream. Within the scope of the DKIM Signing specification, the | |||
| conventions and semantics used by a signer to create and use a | ||||
| specific SDID are outside the scope of the DKIM Signing | ||||
| specification, as is any use of those conventions and semantics. | ||||
| 4. Section 2.9 User Agent Identifier (UAID) | 7. RFC4871 Section 2.10 User Agent Identifier (UAID) | |||
| Original Text: (None. Additional text.) | Original Text: (None. Additional text.) | |||
| Corrected Text: A single, opaque value that is the optional, | Corrected Text: A single, opaque value that is the optional, | |||
| additional payload output of DKIM and which identifies the user or | additional payload output of DKIM and that identifies the user or | |||
| agent on behalf of whom the SDID has taken responsibility. | agent on behalf of whom the SDID has taken responsibility. The | |||
| conventions and semantics used by a signer to create and use a | ||||
| specific UAID are outside the scope of the DKIM Signing | ||||
| specification, as is any use of those conventions and semantics. | ||||
| 5. Section 3.9 Relationship Between SDID and UAID | 8. RFC4871 Section 2.11 Identity Assessor | |||
| Original Text: (None. Additional text.) | ||||
| Corrected Text: The name of the module that consumes DKIM's primary | ||||
| payload, the responsible Signing Domain Identifier (SDID). It can | ||||
| optionally consume the User Agent Identifier (UAID) value, if | ||||
| provided to the module. The conventions and semantics used by a | ||||
| signer to create and use a specific SDID or UAID are outside the | ||||
| scope of the DKIM Signing specification, as is any use of those | ||||
| conventions and semantics. | ||||
| 9. RFC4871 Section 3.9 Relationship Between SDID and UAID | ||||
| Original Text: (None. This is an addition.) | Original Text: (None. This is an addition.) | |||
| Corrected Text: DKIM's primary task is to communicate from the | Corrected Text: DKIM's primary task is to communicate from the | |||
| Signer to a recipient-side Identity Assessor a single, responsible | Signer to a recipient-side Identity Assessor a single, Signing | |||
| Signing Domain Identifier (SDID). The SDID MUST be the value of | Domain Identifier (SDID) that identifies a responsible identity. | |||
| the d= tag. DKIM MAY optionally provide a single responsible User | The SDID MUST be the value of the d= tag. DKIM MAY optionally | |||
| Agent Identifier (UAID); if the UAID is present, it MUST be the | provide a single responsible User Agent Identifier (UAID); if the | |||
| value of the i= tag. | UAID is present, it MUST be the value of the i= tag. | |||
| The SDID MUST correspond to a valid DNS name under which the DKIM | The SDID MUST correspond to a valid DNS name under which the DKIM | |||
| key record is published. | key record is published. | |||
| The UAID is specified as having the same syntax as an email | The UAID is specified as having the same syntax as an email | |||
| address, but is not required to have the same semantics. Notably, | address, but is not required to have the same semantics. Notably, | |||
| the domain name is not required to be registered in the DNS -- so | the domain name is not required to be registered in the DNS -- so | |||
| it might not resolve in a query -- and the Local-part MAY be drawn | it might not resolve in a query -- and the Local-part MAY be drawn | |||
| from a namespace that does not contain the user's mailbox. The | from a namespace that does not contain the user's mailbox. The | |||
| details of the structure and semantics for the namespace are | details of the structure and semantics for the namespace are | |||
| determined by -- and known only to -- the Signer. The Signer MAY | determined by the Signer. Any knowledge or use of those details | |||
| choose to use the same namespace for its UAIDs as its users' email | by verifiers or assessors is outside the scope of the DKIM Signing | |||
| addresses, or MAY choose other means of representing its users. | specification. The Signer MAY choose to use the same namespace | |||
| However, the signer SHOULD use the same UAID for each message | for its UAIDs as its users' email addresses, or MAY choose other | |||
| intended to be evaluated as being within the same sphere of | means of representing its users. However, the signer SHOULD use | |||
| responsibility, if it wishes to offer receivers the option of | the same UAID for each message intended to be evaluated as being | |||
| using the UAID as a finer grained, stable identifier than the | within the same sphere of responsibility, if it wishes to offer | |||
| SDID. | receivers the option of using the UAID as a finer grained, stable | |||
| identifier than the SDID. | ||||
| Hence, DKIM delivers to receive-side Identity Assessors | Hence, DKIM delivers to receive-side Identity Assessors | |||
| responsible Identifiers that are individual, opaque values. Their | responsible Identifiers that are individual, opaque values. Their | |||
| sub-structures and particular semantics are not publicly defined | sub-structures and particular semantics are not publicly defined | |||
| and, therefore, cannot be assumed by an Identity Assessor. | and, therefore, cannot be assumed by an Identity Assessor. | |||
| A receive-side DKIM validator MUST communicate the Signing Domain | A receive-side DKIM verifier MUST communicate the Signing Domain | |||
| Identifier (d=) to a consuming Identity Assessor module and MAY | Identifier (d=) to a consuming Identity Assessor module and MAY | |||
| communicate the User Agent Identifier (i=) if present. | communicate the User Agent Identifier (i=) if present. | |||
| To the extent that a receiver chooses to attempt to interpret any | To the extent that a receiver attempts to intuit any structured | |||
| structured semantics for either of the identifiers, this is a | semantics for either of the identifiers, this is a heuristic | |||
| heuristic function that is outside the scope of DKIM's | function that is outside the scope of DKIM's specification and | |||
| specification and semantics. Hence it is relegated to a higher- | semantics. Hence it is relegated to a higher-level service, such | |||
| level service, such as a delivery handling filter that integrates | as a delivery handling filter that integrates a variety of inputs | |||
| a variety of inputs and performs heuristic analysis of them. | and performs heuristic analysis of them. | |||
| 6. Section 3.5 The DKIM-Signature Header Field | 10. RFC4871 Section 3.5 The DKIM-Signature Header Field | |||
| Original Text: d= The domain of the signing entity. | Original Text: d= The domain of the signing entity. | |||
| Corrected Text: d= Specifies the SDID claiming responsibility for | Corrected Text: d= Specifies the SDID claiming responsibility for | |||
| the introduction of a message into the mail stream. | an introduction of a message into the mail stream. | |||
| 7. Section 3.5 The DKIM-Signature Header Field | 11. RFC4871 Section 3.5 The DKIM-Signature Header Field | |||
| Original Text: i= Identity of the user or agent (e.g., a mailing | Original Text: i= Identity of the user or agent (e.g., a mailing | |||
| list manager) on behalf of which this message is signed | list manager) on behalf of which this message is signed | |||
| Corrected Text: i= The responsible User Agent Identifier (UAID) on | Corrected Text: i= The responsible User Agent Identifier (UAID) on | |||
| behalf of which the SDID is taking responsibility. | behalf of which the SDID is taking responsibility. | |||
| 8. Section 3.8. Signing by Parent Domains | 12. RFC4871 Section 3.8. Signing by Parent Domains | |||
| the section where the error appears | the section where the error appears | |||
| Original Text: e.g., a key record for the domain example.com can be | Original Text: e.g., a key record for the domain example.com can be | |||
| used to verify messages where the signing identity ("i=" tag of | used to verify messages where the signing identity ("i=" tag of | |||
| the signature) is sub.example.com, or even sub1.sub2.example.com. | the signature) is sub.example.com, or even sub1.sub2.example.com. | |||
| In order to limit the capability of such keys when this is not | In order to limit the capability of such keys when this is not | |||
| intended, the "s" flag may be set in the "t=" tag of the key | intended, the "s" flag may be set in the "t=" tag of the key | |||
| record to constrain the validity of the record to exactly the | record to constrain the validity of the record to exactly the | |||
| domain of the signing identity. If the referenced key record | domain of the signing identity. If the referenced key record | |||
| skipping to change at page 6, line 16 | skipping to change at page 7, line 16 | |||
| tag of the signature) is sub.example.com, or even | tag of the signature) is sub.example.com, or even | |||
| sub1.sub2.example.com. In order to limit the capability of such | sub1.sub2.example.com. In order to limit the capability of such | |||
| keys when this is not intended, the "s" flag MAY be set in the | keys when this is not intended, the "s" flag MAY be set in the | |||
| "t=" tag of the key record, to constrain the validity of the | "t=" tag of the key record, to constrain the validity of the | |||
| domain of the UAID. If the referenced key record contains the "s" | domain of the UAID. If the referenced key record contains the "s" | |||
| flag as part of the "t=" tag, the domain of the UAID ("i=" flag) | flag as part of the "t=" tag, the domain of the UAID ("i=" flag) | |||
| MUST be the same as that of the SDID (d=) domain. If this flag is | MUST be the same as that of the SDID (d=) domain. If this flag is | |||
| absent, the domain of the UAID MUST be the same as, or a subdomain | absent, the domain of the UAID MUST be the same as, or a subdomain | |||
| of, the SDID. | of, the SDID. | |||
| 9. Section 6.3. Interpret Results/Apply Local Policy | 13. RFC4871 Section 6.3. Interpret Results/Apply Local Policy | |||
| Original Text: It is beyond the scope of this specification to | Original Text: It is beyond the scope of this specification to | |||
| describe what actions a verifier system should make, but an | describe what actions a verifier system should make, but an | |||
| authenticated email presents an opportunity to a receiving system | authenticated email presents an opportunity to a receiving system | |||
| that unauthenticated email cannot. Specifically, an authenticated | that unauthenticated email cannot. Specifically, an authenticated | |||
| email creates a predictable identifier by which other decisions | email creates a predictable identifier by which other decisions | |||
| can reliably be managed, such as trust and reputation. | can reliably be managed, such as trust and reputation. | |||
| Corrected Text: It is beyond the scope of this specification to | Corrected Text: It is beyond the scope of this specification to | |||
| describe what actions an Identity Assessor can make, but mail | describe what actions an Identity Assessor can make, but mail | |||
| carrying a validated SDID presents an opportunity to an Identity | carrying a validated SDID presents an opportunity to an Identity | |||
| Assessor that unauthenticated email does not Specifically, an | Assessor that unauthenticated email does not Specifically, an | |||
| authenticated email creates a predictable identifier by which | authenticated email creates a predictable identifier by which | |||
| other decisions can reliably be managed, such as trust and | other decisions can reliably be managed, such as trust and | |||
| reputation. | reputation. | |||
| 10. Section 6.3. Interpret Results/Apply Local Policy | 14. RFC4871 Section 6.3. Interpret Results/Apply Local Policy | |||
| Original Text: Once the signature has been verified, that | Original Text: Once the signature has been verified, that | |||
| information MUST be conveyed to higher-level systems (such as | information MUST be conveyed to higher-level systems (such as | |||
| explicit allow/whitelists and reputation systems) and/or to the | explicit allow/whitelists and reputation systems) and/or to the | |||
| end user. If the message is signed on behalf of any address other | end user. If the message is signed on behalf of any address other | |||
| than that in the From: header field, the mail system SHOULD take | than that in the From: header field, the mail system SHOULD take | |||
| pains to ensure that the actual signing identity is clear to the | pains to ensure that the actual signing identity is clear to the | |||
| reader. | reader. | |||
| Corrected Text: Once the signature has been verified, that | Corrected Text: Once the signature has been verified, that | |||
| information MUST be conveyed to the Identity Assessor (such as an | information MUST be conveyed to the Identity Assessor (such as an | |||
| explicit allow/whitelist and reputation system) and/or to the end | explicit allow/whitelist and reputation system) and/or to the end | |||
| user. If the UAID is not the same as the address in the From: | user. If the SDID is not the same as the address in the From: | |||
| header field, the mail system SHOULD take pains to ensure that the | header field, the mail system SHOULD take pains to ensure that the | |||
| actual UAID is clear to the reader. | actual SDID is clear to the reader. | |||
| 11. Appendix D. MUA Considerations | 15. RFC4871 Appendix D. MUA Considerations | |||
| Original Text: The tendency is to have the MUA highlight the | Original Text: The tendency is to have the MUA highlight the | |||
| address associated with this signing identity in some way, in an | address associated with this signing identity in some way, in an | |||
| attempt to show the user the address from which the mail was sent. | attempt to show the user the address from which the mail was sent. | |||
| Corrected Text: The tendency is to have the MUA highlight the UAID, | Corrected Text: The tendency is to have the MUA highlight the SDID, | |||
| in an attempt to show the user the identity that is claiming | in an attempt to show the user the identity that is claiming | |||
| responsibility for the message. | responsibility for the message. | |||
| 12. Security Considerations | 16. Security Considerations | |||
| This Errata document clarifies core details about DKIM's payload. As | This Errata document clarifies core details about DKIM's payload. As | |||
| such it affects interoperability, semantic characterization, and the | such it affects interoperability, semantic characterization, and the | |||
| expectations for the identifiers carried with a DKIM signature. | expectations for the identifiers carried with a DKIM signature. | |||
| Clarification of these details is likely to limit misinterpretation | Clarification of these details is likely to limit misinterpretation | |||
| of DKIM's semantics. Since DKIM is fundamentally a security | of DKIM's semantics. Since DKIM is fundamentally a security | |||
| protocol, this should improve its security characteristics. | protocol, this should improve its security characteristics. | |||
| 13. Normative References | 17. Normative References | |||
| [RFC4871] Sendmail, Inc., PGP Corporation, Yahoo! Inc, Yahoo! Inc, | [RFC4871] Allman, E., Callas, J., Delany, M., Libbey, M., Fenton, | |||
| Cisco Systems, Inc., and Cisco Systems, Inc., "DomainKeys | J., and M. Thomas, "DomainKeys Identified Mail (DKIM) | |||
| Identified Mail (DKIM) Signatures", RFC 4871, May 2007. | Signatures", RFC 4871, May 2007. | |||
| Appendix A. Acknowledgements | Appendix A. Acknowledgements | |||
| This document was initially formulated by an ad hoc design team, | This document was initially formulated by an ad hoc design team, | |||
| comprising: Jon Callas, J D Falk, Jim Fenton, Tony Hansen, Murray | comprising: Jon Callas, J D Falk, Jim Fenton, Tony Hansen, Murray | |||
| Kucherawy, John Levine, Michael Hammer, Jeff Macdonald, Ellen Siegel, | Kucherawy, John Levine, Michael Hammer, Jeff Macdonald, Ellen Siegel, | |||
| Wietse Venema. It represents a rough consensus of that effort, | Wietse Venema. It represents a rough consensus of that effort, | |||
| although the final wording of the submitted draft is the sole | although the final wording of the submitted draft is the sole | |||
| responsibility (d=) of the listed author. | responsibility (d=) of the listed author. | |||
| End of changes. 32 change blocks. | ||||
| 72 lines changed or deleted | 118 lines changed or added | |||
This html diff was produced by rfcdiff 1.35. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||