<?xml version="1.0" encoding="UTF-8"?>
  <?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
  <!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.34 (Ruby 4.0.2) -->


<!DOCTYPE rfc  [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">

]>


<rfc ipr="trust200902" docName="draft-ietf-acme-authority-token-jwtclaimcon-03" category="std" consensus="true" submissionType="IETF" tocInclude="true" sortRefs="true" symRefs="true">
  <front>
    <title abbrev="ACME JWTClaimConstraints Auth Token">JWTClaimConstraints profile of ACME Authority Token</title>

    <author initials="C." surname="Wendt" fullname="Chris Wendt">
      <organization>Somos Inc.</organization>
      <address>
        <postal>
          <country>US</country>
        </postal>
        <email>chris@appliedbits.com</email>
      </address>
    </author>
    <author initials="D." surname="Hancock" fullname="David Hancock">
      <organization>Somos Inc.</organization>
      <address>
        <postal>
          <country>US</country>
        </postal>
        <email>davidhancock.ietf@gmail.com</email>
      </address>
    </author>

    <date year="2026" month="June" day="30"/>

    <area>sec</area>
    
    <keyword>acme, STIR</keyword>

    <abstract>


<?line 45?>

<t>This document defines an authority token profile for the validation of JWTClaimConstraints and EnhancedJWTClaimConstraints certificate extensions within the Automated Certificate Management Environment (ACME) protocol. This profile is based on the Authority Token framework and establishes the specific ACME identifier type, challenge mechanism, and token format necessary to authorize a client to request a certificate containing these constraints.</t>



    </abstract>



  </front>

  <middle>


<?line 49?>

<section anchor="introduction"><name>Introduction</name>

<t>The validation of certificate extensions that constrain the use of a certificate's credentials, such as the JWTClaimConstraints extension defined in <xref target="RFC8226"/> and the EnhancedJWTClaimConstraints extension defined in <xref target="RFC9118"/>, is critical for defining the scope of an issued certificate. This document specifies an authority token profile for validating these constraints, modeled after the authority token framework established in <xref target="RFC9447"/> and the TNAuthList validation defined in <xref target="RFC9448"/>.</t>

<t>This profile facilitates proper delegation and authorization for entities requesting certificates under ACME and similar frameworks. It defines the use of the JWTClaimConstraints Authority Token in the ACME challenge to prove an authoritative or trusted use of the contents of the JWTClaimConstraints and EnhancedJWTClaimConstraints extensions based on the issuer of the token.</t>

<t>This document is intended for use by Secure Telephone Identity (STI) Certification Authorities. In this ecosystem, certificates contain telephone-number-related (TNAuthList) extensions and JWTClaimConstraints extensions defined in <xref target="RFC8226"/> and <xref target="RFC9118"/>, and certificate issuance is governed by a set of STI-specific Token Authorities. The TNAuthList Authority Token profile (<xref target="RFC9448"/>) is the parallel specification for telephone number authorization in this ecosystem and is already widely deployed. This document follows the same pattern to address authorization of the JWTClaimConstraints and EnhancedJWTClaimConstraints extensions. ACME implementers unfamiliar with the STIR ecosystem can treat the validation of the JWTClaimConstraints token value as a domain-specific authorization step analogous to TNAuthList validation: the ACME wire protocol mechanics are identical, and the Token Authority is responsible for the domain-specific semantic validation described in <xref target="RFC8226"/> and <xref target="RFC9118"/>.</t>

<t>This document also discusses the ability for an authority to authorize the creation of CA types of certificates for delegation as defined in <xref target="RFC9060"/>.</t>

</section>
<section anchor="terminology"><name>Terminology</name>

<t>The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they appear in all capitals, as shown here.</t>

</section>
<section anchor="identifier-encoding"><name>ACME new-order Identifiers for JWTClaimConstraints</name>

<t>In <xref target="RFC8555"/>, Section 7 defines the procedure that an ACME client uses to order a new certificate from a Certification Authority (CA). This draft defines a new type of identifier object called JWTClaimConstraints. A JWTClaimConstraints identifier contains the Token Claim Constraints information to be populated in the JWTClaimConstraints or EnhancedJWTClaimConstraints of the new certificate.</t>

<t>For the JWTClaimConstraints identifier, the new-order request includes a type set to the string "JWTClaimConstraints". The value of the JWTClaimConstraints identifier MUST be set to the details of the JWTClaimConstraints or EnhancedJWTClaimConstraints extension requested.</t>

<t>The format of the string that represents the JWTClaimConstraints MUST be constructed using base64url encoding, as per <xref target="RFC8555"/> base64url encoding described in Section 5 of <xref target="RFC4648"/> according to the profile specified in JSON Web Signature in Section 2 of <xref target="RFC7515"/>. The base64url encoding MUST NOT include any padding characters and the JWTClaimConstraints ASN.1 object MUST be encoded using DER encoding rules. DER (the canonical subset of BER) and unpadded base64url together uniquely determine the octet sequence for a given JWTClaimConstraints or EnhancedJWTClaimConstraints ASN.1 value. The same canonical encoding is used as the "tkvalue" string in the "atc" claim of the corresponding Authority Token, so that the value carried in the new-order identifier and the value carried in the token are octet-by-octet identical and can be compared as described in <xref target="validating-token"/>, step 5.</t>

<t>An example of an ACME order object "identifiers" field containing a JWTClaimConstraints certificate:</t>

<figure><artwork><![CDATA[
 "identifiers": [{"type":"JWTClaimConstraints",
   "value":"F83n2a...avn27DN3"}]
]]></artwork></figure>

<t>where the "value" object string represents the arbitrary length base64url encoded string.</t>

<t>A full new-order request would look as follows,</t>

<figure><artwork><![CDATA[
POST /acme/new-order HTTP/1.1
Host: example.com
Content-Type: application/jose+json

{
  "protected": base64url({
    "alg": "ES256",
    "kid": "https://example.com/acme/acct/evOfKhNU60wg",
    "nonce": "5XJ1L3lEkMG7tR6pA00clA",
    "url": "https://example.com/acme/new-order"
  }),
  "payload": base64url({
    "identifiers": [{"type":"JWTClaimConstraints",
      "value":"F83n...n27DN3"}],
    "notBefore": "2025-01-01T00:00:00Z",
    "notAfter": "2025-01-08T00:00:00Z"
  }),
  "signature": "H6ZXtGjTZyUnPeKn...wEA4TklBdh3e454g"
}
]]></artwork></figure>

<t>On receiving a valid new-order request, the ACME server creates an authorization object, <xref target="RFC8555"/> Section 7.1.4, containing the challenge that the ACME client must satisfy to demonstrate authority for the identifiers specified by the new order (in this case, the JWTClaimConstraints identifier). The CA adds the authorization object URL to the "authorizations" field of the order object, and returns the order object to the ACME client in the body of a 201 (Created) response.</t>

<figure><artwork><![CDATA[
HTTP/1.1 201 Created
Content-Type: application/json
Replay-Nonce: MYAuvOpaoIiywTezizk5vw
Location: https://example.com/acme/order/1234

{
  "status": "pending",
  "expires": "2025-01-08T00:00:00Z",

  "notBefore": "2025-01-01T00:00:00Z",
  "notAfter": "2025-01-08T00:00:00Z",
  "identifiers": [
    {"type": "JWTClaimConstraints",
     "value": "F83n2a...avn27DN3"}
  ],

  "authorizations": [
   "https://example.com/acme/authz/1234"
  ],
  "finalize": "https://example.com/acme/order/1234/finalize"
}
]]></artwork></figure>

</section>
<section anchor="jwtclaimconstraints-authorization"><name>JWTClaimConstraints Authorization</name>

<t>On receiving the new-order response, the ACME client queries the referenced authorization object to obtain the challenges for the identifier contained in the new-order request.</t>

<figure><artwork><![CDATA[
POST /acme/authz/1234 HTTP/1.1
Host: example.com
Content-Type: application/jose+json

{
  "protected": base64url({
    "alg": "ES256",
    "kid": "https://example.com/acme/acct/evOfKhNU60wg",
    "nonce": "uQpSjlRb4vQVCjVYAyyUWg",
    "url": "https://example.com/acme/authz/1234"
  }),
  "payload": "",
  "signature": "nuSDISbWG8mMgE7H...QyVUL68yzf3Zawps"
}
]]></artwork></figure>

<figure><artwork><![CDATA[
HTTP/1.1 200 OK
Content-Type: application/json
Link: <https://example.com/acme/some-directory>;rel="index"

{
  "status": "pending",
  "expires": "2025-01-08T00:00:00Z",

  "identifier": {
    "type": "JWTClaimConstraints",
    "value": "F83n2a...avn27DN3"
  },

  "challenges": [
    {
      "type": "tkauth-01",
      "tkauth-type": "atc",
      "token-authority": "https://authority.example.org",
      "url": "https://boulder.example.com/acme/chall/prV_B7yEyA4",
      "token": "IlirfxKKXAsHtmzK29Pj8A"
    }
  ]
}
]]></artwork></figure>

<t>When processing a certificate order containing an identifier of type "JWTClaimConstraints", a CA uses the Authority Token challenge type of "tkauth-01" with a "tkauth-type" of "atc", defined in <xref target="RFC9447"/>, to verify that the requesting ACME client has authenticated and authorized control over the requested resources represented by the "JWTClaimConstraints" value.</t>

<t>The challenge "token-authority" parameter is OPTIONAL. If a "token-authority" parameter is present, the ACME client MAY use this value to identify the URL representing the Token Authority that will provide the JWTClaimConstraints Authority Token response to the challenge. If the "token-authority" parameter is not present, the ACME client MUST identify the Token Authority based on locally configured information or local policies.</t>

<t>The ACME client responds to the challenge by posting the JWTClaimConstraints Authority Token to the challenge URL identified in the returned ACME authorization object.</t>

<figure><artwork><![CDATA[
POST /acme/chall/prV_B7yEyA4 HTTP/1.1
Host: example.com
Content-Type: application/jose+json

{
  "protected": base64url({
    "alg": "ES256",
    "kid": "https://example.com/acme/acct/evOfKhNU60wg",
    "nonce": "Q_s3MWoqT05TrdkM2MTDcw",
    "url": "https://example.com/acme/chall/prV_B7yEyA4"
  }),
  "payload": base64url({
    "tkauth": "DGyRejmCefe7v4N...vb29HhjjLPSggwiE"
  }),
  "signature": "9cbg5JO1Gf5YLjjz...SpkUfcdPai9uVYYQ"
}
]]></artwork></figure>

<t>The "tkauth" field in the challenge response object is specific to the tkauth-01 challenge type. When responding to a challenge for a JWTClaimConstraints identifier, this field SHALL contain the JWTClaimConstraints Authority Token defined in the next section.</t>

</section>
<section anchor="jwtclaimconstraints-authority-token"><name>JWTClaimConstraints Authority Token</name>

<t>The JWTClaimConstraints Authority Token is a profile instance of the ACME Authority Token defined in <xref target="RFC9447"/>.</t>

<t>The JWTClaimConstraints Authority Token Protected header MUST comply with the Authority Token Protected header as defined in <xref target="RFC9447"/>.</t>

<section anchor="jwtclaimconstraints-authority-token-payload"><name>JWTClaimConstraints Authority Token Payload</name>

<t>The JWTClaimConstraints Authority Token Payload MUST include the mandatory claims "exp", "jti", and "atc", and MAY include the optional claims defined for the Authority Token.</t>

<section anchor="iss-claim"><name>"iss" claim</name>

<t>The "iss" claim is an optional claim defined in <xref target="RFC7519"/> Section 4.1.1.  It can be used as a URL identifying the Token Authority that issued the JWTClaimConstraints Authority Token beyond the "x5u" or other Header claims that identify the location of the certificate or certificate chain of the Token Authority used to validate the JWTClaimConstraints Authority Token.</t>

</section>
<section anchor="exp-claim"><name>"exp" claim</name>

<t>The "exp" claim, defined in <xref target="RFC7519"/> Section 4.1.4, MUST be included and contains the DateTime value of the ending date and time that the JWTClaimConstraints Authority Token expires.</t>

</section>
<section anchor="jti-claim"><name>"jti" claim</name>

<t>The "jti" claim, defined in <xref target="RFC7519"/> Section 4.1.7, MUST be included and contains a unique identifier for this JWTClaimConstraints Authority Token transaction.</t>

</section>
<section anchor="atc-claim"><name>"atc" claim</name>

<t>The "atc" claim MUST be included and is defined in <xref target="RFC9447"/>. It contains a JSON object with the following elements:</t>

<t><list style="symbols">
  <t>a "tktype" key with a string value equal to "JWTClaimConstraints" to represent a JWTClaimConstraints profile of the authority token <xref target="RFC9447"/> defined by this document. "tktype" is a required key and MUST be included.</t>
  <t>a "tkvalue" key with a string value equal to the base64url encoding of the JWTClaimConstraints or EnhancedJWTClaimConstraints certificate extension ASN.1 object using DER encoding rules. "tkvalue" is a required key and MUST be included.</t>
  <t>a "ca" key with a boolean value set to false (since the JWTClaimConstraints extension is applicable only to end-entity certificates). "ca" is an optional key; if not included, the "ca" value is considered false by default.</t>
  <t>a "fingerprint" key is constructed as defined in <xref target="RFC8555"/> Section 8.1 corresponding to the computation of the fingerprint step using the ACME account key credentials. "fingerprint" is a required key and MUST be included.</t>
</list></t>

<t>An example of the JWTClaimConstraints Authority Token is as follows:</t>

<figure><artwork><![CDATA[
{
  "protected": base64url({
    "typ": "JWT",
    "alg": "ES256",
    "x5u": "https://authority.example.org/cert"
  }),
  "payload": base64url({
    "iss": "https://authority.example.org",
    "exp": 1640995200,
    "jti": "id6098364921",
    "atc": {
      "tktype": "JWTClaimConstraints",
      "tkvalue": "F83n2a...avn27DN3",
      "ca": false,
      "fingerprint": "SHA256 56:3E:CF:AE:83:CA:4D:15:B0:29:FF:1B:71:
       D3:BA:B9:19:81:F8:50:9B:DF:4A:D4:39:72:E2:B1:F0:B9:38:E3"
    }
  }),
  "signature": "9cbg5JO1Gf5YLjjz...SpkUfcdPai9uVYYQ"
}
]]></artwork></figure>

</section>
</section>
<section anchor="acquiring-the-token-from-the-token-authority"><name>Acquiring the token from the Token Authority</name>

<t>Following <xref target="RFC9447"/> Section 5, the authority token should be acquired using a RESTful HTTP POST transaction as follows:</t>

<figure><artwork><![CDATA[
POST /at/account/:id/token HTTP/1.1
Host: authority.example.org
Content-Type: application/json
]]></artwork></figure>

<t>The request will pass the account id as a string in the request parameter "id". Note that this account identifier refers to the ACME client's account with the Token Authority, and is distinct from the ACME account used with the CA. There is assumed to be a corresponding authentication procedure that can be verified for the success of this transaction, for example, an HTTP Authorization header field containing valid authorization credentials as defined in <xref target="RFC7231"/> Section 14.8.</t>

<t>The body of the POST request MUST contain a JSON object with key value pairs corresponding to values that are requested as the content of the claims in the issued token.</t>

<t>As an example, the body SHOULD contain a JSON object as follows:</t>

<figure><artwork><![CDATA[
{
  "atc": {
    "tktype": "JWTClaimConstraints",
    "tkvalue": "F83n2a...avn27DN3",
    "ca": false,
    "fingerprint": "SHA256 56:3E:CF:AE:83:CA:4D:15:B0:29:FF:1B:71:D3
      :BA:B9:19:81:F8:50:9B:DF:4A:D4:39:72:E2:B1:F0:B9:38:E3"
  }
}
]]></artwork></figure>

<t>The response to the POST request if successful returns a 200 OK with a JSON body that contains, at a minimum, the JWTClaimConstraints Authority Token as a JSON object with a key of "token" and the base64url encoded string representing the atc token. JSON is easily extensible, so users of this specification may want to pass other pieces of information relevant to a specific application.</t>

<t>An example successful response would be as follows:</t>

<figure><artwork><![CDATA[
HTTP/1.1 200 OK
Content-Type: application/json

{"token": "DGyRejmCefe7v4N...vb29HhjjLPSggwiE"}
]]></artwork></figure>

<t>The ACME client then uses the value of the "token" field as the "tkauth" field in the challenge response POST to the ACME challenge URL, as described in Section 4.</t>

<t>If the request is not successful, the response should indicate the error condition. Specifically, for the case that the authorization credentials are invalid or if the Account ID provided does not exist, the response code MUST be 403 - Forbidden. Other 4xx and 5xx responses MUST follow standard <xref target="RFC7231"/> HTTP error condition conventions.</t>

</section>
<section anchor="token-authority-responsibilities"><name>Token Authority Responsibilities</name>

<t>When creating the JWTClaimConstraints Authority Token, the Token Authority MUST validate that the information contained in the ASN.1 JWTClaimConstraints accurately represents the corresponding JWTClaimConstraint resources the requesting party is authorized to represent based on their pre-established and verified secure relationship between the Token Authority and the requesting party.</t>

<t>The fingerprint in the token request is not meant to be verified by the Token Authority. Rather, it is meant to be signed as part of the token so that the party that requests the token can, as part of the challenge response, allow the ACME server to validate that the token requested and used came from the same party that controls the ACME client.</t>

</section>
<section anchor="scope-of-the-jwtclaimconstraints"><name>Scope of the JWTClaimConstraints</name>

<t>Because this specification involves the JWTClaimConstraints and EnhancedJWTClaimConstraints extensions, the client MAY request an Authority Token with some subset of its own authority as the JWTClaimConstraints provided in the "tkvalue" element of the "atc" JSON object. JWTClaimConstraints can be constructed to define a limited scope of claims and claim values the client has authority over.</t>

</section>
<section anchor="acme-challenges-requiring-multiple-authority-tokens"><name>ACME Challenges requiring multiple Authority Tokens</name>

<t>The ACME new-order request may include multiple identifiers, each of which is authorized separately. With the introduction of this specification, for STIR certificates <xref target="RFC8226"/>, a certificate order may require two Authority Token identifier types:</t>

<t><list style="symbols">
  <t>The JWTClaimConstraints identifier defined in this document, and</t>
  <t>The TNAuthList identifier defined in <xref target="RFC9448"/>.</t>
</list></t>

<t>Other Authority Token types may be introduced in future Authority Token profile specifications with similar requirements.</t>

<t>This section describes scenarios where a new-order request contains both of these identifier types. In such cases, the CA requires the ACME client to provide both a JWTClaimConstraints Authority Token and a TNAuthList Authority Token as part of the challenge response.</t>

<t>The TNAuthList Authority Token authorizes the token holder to obtain certificates containing a TNAuthList extension whose scope is less than or equal to the scope of the TNAuthList identifier in the token.</t>

<t>The JWTClaimConstraints Authority Token authorizes the token holder to obtain a certificate containing a JWTClaimConstraints or EnhancedJWTClaimConstraints extension, provided that the extension is within the scope of the JWTClaimConstraints identifier in the token. Since these two certificate extensions constrain the resources and claims available to the certificate, there is an inherent interaction between these two types of Authority Tokens.</t>

<t>The "value" field of the JWTClaimConstraints identifier, and the corresponding "tkvalue" in the "atc" claim, is a base64url-encoded DER representation of a JWTClaimConstraints or EnhancedJWTClaimConstraints ASN.1 object as defined in <xref target="RFC8226"/> and <xref target="RFC9118"/>. From the ACME server's perspective this value is opaque: validation step 5 in <xref target="validating-token"/> requires only that the value in the token is octet-by-octet identical to the value in the order. The semantic content of the extension — which claims are permitted or excluded, and for which telephone numbers — is a STIR ecosystem concern governed by <xref target="RFC8226"/> and <xref target="RFC9118"/>, and is validated by the Token Authority prior to token issuance (see Section 5.3). Informative examples of JWTClaimConstraints ASN.1 structures, their DER encodings, and corresponding base64url values are provided in <xref target="appendix-examples"/>.</t>

<section anchor="acme-procedures-when-challenge-requires-two-authority-tokens"><name>ACME Procedures when Challenge requires two Authority Tokens</name>

<t>Sections 3 and 4 describe the ACME procedures for issuing a certificate based on a single JWTClaimConstraints identifier. This section describes how these procedures are modified to support the case where the new-order request contains both a TNAuthList and JWTClaimConstraints identifier.</t>

<t>First, the "identifiers" field in the new-order request includes both identifier types:</t>

<figure><artwork><![CDATA[
     "identifiers": [
     {"type": "TNAuthList",
      "value": "KHn6xf...jw4A1vgh"},
     {"type": "JWTClaimConstraints",
      "value": "F83n2a...avn27DN3"}]
]]></artwork></figure>

<t>The CA includes two "authorizations" URLs in the 201 (Created) response to the new-order request, one for each identifier:</t>

<figure><artwork><![CDATA[
     "authorizations": [
        "https://example.com/acme/authz/1234",
        "https://example.com/acme/authz/5678"]
]]></artwork></figure>

<t>The ACME client then queries each "authorizations" URL as shown in Section 4. The CA returns the Authority Token challenge for each identifier. The ACME client responds to each challenge by providing an Authority Token of the appropriate type.</t>

</section>
</section>
</section>
<section anchor="validating-token"><name>Validating the JWTClaimConstraints Authority Token</name>

<t>Upon receiving a response to the challenge, the ACME server MUST perform the following steps to determine the validity of the response. Steps 1 through 3 and steps 6 through 8 are general ACME authority token validation steps applicable to any Authority Token profile. Steps 4 and 5 are specific to the JWTClaimConstraints profile. The semantic validation of whether the JWTClaimConstraints or EnhancedJWTClaimConstraints content accurately reflects the requesting party's authorized resources is the responsibility of the Token Authority prior to issuing the token (see Section 5.3), and is governed by <xref target="RFC8226"/> and <xref target="RFC9118"/>.</t>

<t><list style="numbers" type="1">
  <t>Verify that the value of the "atc" claim is a well-formed JSON object containing the mandatory key values ("tktype", "tkvalue", "fingerprint").</t>
  <t>Verify Token Issuer: If there is an "x5u" parameter, verify the "x5u" parameter is an HTTPS URL with a reference to a certificate representing the trusted issuer of authority tokens. If there is an "x5c" parameter, verify the certificate array contains a certificate representing the trusted issuer of authority tokens.</t>
  <t>Verify Signature: Verify the JWTClaimConstraints Authority Token signature using the public key of the certificate referenced by the token's "x5u" or "x5c" parameter.</t>
  <t>Verify Token Type: Verify that the "atc" claim contains a "tktype" identifier with the value "JWTClaimConstraints".</t>
  <t>Verify Constraints Match: Verify that the value of the "atc" claim "tkvalue" is octet-by-octet identical to the "value" of the JWTClaimConstraints identifier in the original new-order request. Both values are the canonical encoding defined in <xref target="identifier-encoding"/>: the base64url encoding (without padding) of the DER encoding of a JWTClaimConstraints or EnhancedJWTClaimConstraints ASN.1 object. The ACME server MUST perform this verification as a direct octet-by-octet comparison of the two base64url strings, and MUST NOT decode, re-encode, canonicalize, normalize, or otherwise transform either value before comparison. If either value contains characters outside the base64url alphabet defined in Section 5 of <xref target="RFC4648"/>, contains padding characters ("="), or differs from the other in any octet, this step MUST fail. See <xref target="security_considerations"/> for discussion of identifier comparison considerations.</t>
  <t>Verify Claims: Verify that the remaining claims are valid (e.g., verify that the token has not expired using the "exp" claim).</t>
  <t>Verify Account Control: Verify that the "atc" claim "fingerprint" is valid and matches the account key of the client making the request.</t>
  <t>Verify CA Flag: Verify that the "atc" claim "ca" identifier boolean corresponds to the CA boolean in the Basic Constraints extension in the Certificate Signing Request (CSR) for either a CA certificate or an end-entity certificate.</t>
</list></t>

<t>If all steps in the token validation process pass, then the ACME server MUST set the challenge object "status" to "valid". If any step of the validation process fails, the "status" in the challenge object MUST be set to "invalid".</t>

</section>
<section anchor="using-acme-issued-certificates-with-json-web-signature"><name>Using ACME-issued Certificates with JSON Web Signature</name>

<t>JSON Web Signature (JWS) objects can include an "x5u" header parameter to refer to a certificate for signature validation. In order to support this usage, the Certificate Authority (CA) MAY host the newly issued certificate and provide a URL that the ACME client owner can directly reference in the "x5u" header parameter of their signed JWS objects.</t>

<t>To facilitate this, the CA MAY add a newly defined field called "x5u" to the 200 (OK) order object response when the certificate is ready for the finalize request:</t>

<t>x5u (optional, string): A URL that can be used to reference the certificate in the "x5u" parameter of a JWS object.</t>

<t>An example of a 200 (OK) response containing the new "x5u" field:</t>

<figure><artwork><![CDATA[
HTTP/1.1 200 OK
Content-Type: application/json
Replay-Nonce: CGf81JWBsq8QyIgPCi9Q9X
Link: <https://example.com/acme/directory>;rel="index"
Location: https://example.com/acme/order/TOlocE8rfgo

{
  "status": "valid",
  "expires": "2016-01-20T14:09:07.99Z",

  "notBefore": "2016-01-01T00:00:00Z",
  "notAfter": "2016-01-08T00:00:00Z",

  "identifiers": [
    "type": "JWTClaimConstraints",
    "value": "F83n2a...avn27DN3"
  ],

  "authorizations": ["https://example.com/acme/authz/1234"],

  "finalize": "https://example.com/acme/order/TOlocE8rfgo/finalize",

  "certificate": "https://example.com/acme/cert/mAt3xBGaobw",

  "x5u": "https://example.com/cert-repo/giJI53km23.pem"
}
]]></artwork></figure>

</section>
<section anchor="security_considerations"><name>Security Considerations</name>

<t>The token represented by this document has the credentials to represent JWTClaimConstraints and EnhancedJWTClaimConstraints, which constrain the resources and claims a certificate holder can assert. The creation, transport, and any storage of this token MUST follow the strictest of security best practices, beyond the recommendations of the use of encrypted transport protocols in this document, to protect it from getting in the hands of bad actors with illegitimate intent to impersonate or misuse the constrained resources.</t>

<t>This document inherits the security properties of <xref target="RFC9447"/>. Implementations SHOULD follow the best practices identified in <xref target="RFC8725"/> for cryptographic security.</t>

<t>This document only specifies SHA256 for the fingerprint hash. However, the syntax of the fingerprint object would permit other algorithms if, due to concerns about algorithmic agility, a more robust algorithm were required at a future time. Future specifications CAN define new algorithms for the fingerprint object as needed.</t>

<section anchor="identifier-comparison-considerations"><name>Identifier Comparison Considerations</name>

<t>The "value" field of the JWTClaimConstraints identifier and the "tkvalue" string in the "atc" claim are opaque identifiers from the ACME server's perspective. <xref target="RFC6943"/> describes a class of vulnerabilities that arises when implementations apply ad hoc normalization, decoding, or "equivalence" judgments to identifier values during comparison: differences between what an implementation considers equivalent and what an attacker can produce can be turned into authorization bypasses. To eliminate this class of vulnerability for this profile, this document requires that both values be produced in a single canonical form (DER under unpadded base64url, as specified in <xref target="identifier-encoding"/>) and that the ACME server's comparison in <xref target="validating-token"/>, step 5, be a direct octet-by-octet comparison with no intervening transformation. Implementations MUST NOT be permissive about variations such as padded base64url, alternate base64url alphabets, BER encodings that are not also valid DER, embedded whitespace, or differences in canonical ordering inside ASN.1 SET constructs (DER fixes the ordering). Any deviation from the canonical form yields a different identifier value, and the validation step MUST fail.</t>

<t>Implementations SHOULD perform the octet-by-octet comparison in constant time. While the values compared in this profile are not themselves secret, constant-time comparison removes a class of timing side channels that have caused issues in other identifier-comparison contexts.</t>

</section>
</section>
<section anchor="iana-considerations"><name>IANA Considerations</name>

<t>This document requests the addition of a new identifier object type to the "ACME Identifier Types" registry defined in Section 9.7.7 of <xref target="RFC8555"/>.</t>

<figure><artwork><![CDATA[
+---------------------+-----------+
|        Label        | Reference |
+---------------------+-----------+
| JWTClaimConstraints |  RFCThis  |
+---------------------+-----------+
]]></artwork></figure>

</section>
<section anchor="acknowledgements"><name>Acknowledgements</name>

<t>We would like to thank ACME and STIR working groups for valuable contributions to the authority token framework used in this document.</t>

</section>


  </middle>

  <back>


<references title='References' anchor="sec-combined-references">

    <references title='Normative References' anchor="sec-normative-references">



<reference anchor="RFC4648">
  <front>
    <title>The Base16, Base32, and Base64 Data Encodings</title>
    <author fullname="S. Josefsson" initials="S." surname="Josefsson"/>
    <date month="October" year="2006"/>
    <abstract>
      <t>This document describes the commonly used base 64, base 32, and base 16 encoding schemes. It also discusses the use of line-feeds in encoded data, use of padding in encoded data, use of non-alphabet characters in encoded data, use of different encoding alphabets, and canonical encodings. [STANDARDS-TRACK]</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="4648"/>
  <seriesInfo name="DOI" value="10.17487/RFC4648"/>
</reference>
<reference anchor="RFC7231">
  <front>
    <title>Hypertext Transfer Protocol (HTTP/1.1): Semantics and Content</title>
    <author fullname="R. Fielding" initials="R." role="editor" surname="Fielding"/>
    <author fullname="J. Reschke" initials="J." role="editor" surname="Reschke"/>
    <date month="June" year="2014"/>
    <abstract>
      <t>The Hypertext Transfer Protocol (HTTP) is a stateless \%application- level protocol for distributed, collaborative, hypertext information systems. This document defines the semantics of HTTP/1.1 messages, as expressed by request methods, request header fields, response status codes, and response header fields, along with the payload of messages (metadata and body content) and mechanisms for content negotiation.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="7231"/>
  <seriesInfo name="DOI" value="10.17487/RFC7231"/>
</reference>
<reference anchor="RFC7515">
  <front>
    <title>JSON Web Signature (JWS)</title>
    <author fullname="M. Jones" initials="M." surname="Jones"/>
    <author fullname="J. Bradley" initials="J." surname="Bradley"/>
    <author fullname="N. Sakimura" initials="N." surname="Sakimura"/>
    <date month="May" year="2015"/>
    <abstract>
      <t>JSON Web Signature (JWS) represents content secured with digital signatures or Message Authentication Codes (MACs) using JSON-based data structures. Cryptographic algorithms and identifiers for use with this specification are described in the separate JSON Web Algorithms (JWA) specification and an IANA registry defined by that specification. Related encryption capabilities are described in the separate JSON Web Encryption (JWE) specification.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="7515"/>
  <seriesInfo name="DOI" value="10.17487/RFC7515"/>
</reference>
<reference anchor="RFC7519">
  <front>
    <title>JSON Web Token (JWT)</title>
    <author fullname="M. Jones" initials="M." surname="Jones"/>
    <author fullname="J. Bradley" initials="J." surname="Bradley"/>
    <author fullname="N. Sakimura" initials="N." surname="Sakimura"/>
    <date month="May" year="2015"/>
    <abstract>
      <t>JSON Web Token (JWT) is a compact, URL-safe means of representing claims to be transferred between two parties. The claims in a JWT are encoded as a JSON object that is used as the payload of a JSON Web Signature (JWS) structure or as the plaintext of a JSON Web Encryption (JWE) structure, enabling the claims to be digitally signed or integrity protected with a Message Authentication Code (MAC) and/or encrypted.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="7519"/>
  <seriesInfo name="DOI" value="10.17487/RFC7519"/>
</reference>
<reference anchor="RFC8226">
  <front>
    <title>Secure Telephone Identity Credentials: Certificates</title>
    <author fullname="J. Peterson" initials="J." surname="Peterson"/>
    <author fullname="S. Turner" initials="S." surname="Turner"/>
    <date month="February" year="2018"/>
    <abstract>
      <t>In order to prevent the impersonation of telephone numbers on the Internet, some kind of credential system needs to exist that cryptographically asserts authority over telephone numbers. This document describes the use of certificates in establishing authority over telephone numbers, as a component of a broader architecture for managing telephone numbers as identities in protocols like SIP.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="8226"/>
  <seriesInfo name="DOI" value="10.17487/RFC8226"/>
</reference>
<reference anchor="RFC8555">
  <front>
    <title>Automatic Certificate Management Environment (ACME)</title>
    <author fullname="R. Barnes" initials="R." surname="Barnes"/>
    <author fullname="J. Hoffman-Andrews" initials="J." surname="Hoffman-Andrews"/>
    <author fullname="D. McCarney" initials="D." surname="McCarney"/>
    <author fullname="J. Kasten" initials="J." surname="Kasten"/>
    <date month="March" year="2019"/>
    <abstract>
      <t>Public Key Infrastructure using X.509 (PKIX) certificates are used for a number of purposes, the most significant of which is the authentication of domain names. Thus, certification authorities (CAs) in the Web PKI are trusted to verify that an applicant for a certificate legitimately represents the domain name(s) in the certificate. As of this writing, this verification is done through a collection of ad hoc mechanisms. This document describes a protocol that a CA and an applicant can use to automate the process of verification and certificate issuance. The protocol also provides facilities for other certificate management functions, such as certificate revocation.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="8555"/>
  <seriesInfo name="DOI" value="10.17487/RFC8555"/>
</reference>
<reference anchor="RFC8725">
  <front>
    <title>JSON Web Token Best Current Practices</title>
    <author fullname="Y. Sheffer" initials="Y." surname="Sheffer"/>
    <author fullname="D. Hardt" initials="D." surname="Hardt"/>
    <author fullname="M. Jones" initials="M." surname="Jones"/>
    <date month="February" year="2020"/>
    <abstract>
      <t>JSON Web Tokens, also known as JWTs, are URL-safe JSON-based security tokens that contain a set of claims that can be signed and/or encrypted. JWTs are being widely used and deployed as a simple security token format in numerous protocols and applications, both in the area of digital identity and in other application areas. This Best Current Practices document updates RFC 7519 to provide actionable guidance leading to secure implementation and deployment of JWTs.</t>
    </abstract>
  </front>
  <seriesInfo name="BCP" value="225"/>
  <seriesInfo name="RFC" value="8725"/>
  <seriesInfo name="DOI" value="10.17487/RFC8725"/>
</reference>
<reference anchor="RFC9060">
  <front>
    <title>Secure Telephone Identity Revisited (STIR) Certificate Delegation</title>
    <author fullname="J. Peterson" initials="J." surname="Peterson"/>
    <date month="September" year="2021"/>
    <abstract>
      <t>The Secure Telephone Identity Revisited (STIR) certificate profile provides a way to attest authority over telephone numbers and related identifiers for the purpose of preventing telephone number spoofing. This specification details how that authority can be delegated from a parent certificate to a subordinate certificate. This supports a number of use cases, including those where service providers grant credentials to enterprises or other customers capable of signing calls with STIR.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="9060"/>
  <seriesInfo name="DOI" value="10.17487/RFC9060"/>
</reference>
<reference anchor="RFC9118">
  <front>
    <title>Enhanced JSON Web Token (JWT) Claim Constraints for Secure Telephone Identity Revisited (STIR) Certificates</title>
    <author fullname="R. Housley" initials="R." surname="Housley"/>
    <date month="August" year="2021"/>
    <abstract>
      <t>RFC 8226 specifies the use of certificates for Secure Telephone Identity Credentials; these certificates are often called "Secure Telephone Identity Revisited (STIR) Certificates". RFC 8226 provides a certificate extension to constrain the JSON Web Token (JWT) claims that can be included in the Personal Assertion Token (PASSporT), as defined in RFC 8225. If the PASSporT signer includes a JWT claim outside the constraint boundaries, then the PASSporT recipient will reject the entire PASSporT. This document updates RFC 8226; it provides all of the capabilities available in the original certificate extension as well as an additional way to constrain the allowable JWT claims. The enhanced extension can also provide a list of claims that are not allowed to be included in the PASSporT.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="9118"/>
  <seriesInfo name="DOI" value="10.17487/RFC9118"/>
</reference>
<reference anchor="RFC9447">
  <front>
    <title>Automated Certificate Management Environment (ACME) Challenges Using an Authority Token</title>
    <author fullname="J. Peterson" initials="J." surname="Peterson"/>
    <author fullname="M. Barnes" initials="M." surname="Barnes"/>
    <author fullname="D. Hancock" initials="D." surname="Hancock"/>
    <author fullname="C. Wendt" initials="C." surname="Wendt"/>
    <date month="September" year="2023"/>
    <abstract>
      <t>Some proposed extensions to the Automated Certificate Management Environment (ACME) rely on proving eligibility for certificates through consulting an external authority that issues a token according to a particular policy. This document specifies a generic Authority Token Challenge for ACME that supports subtype claims for different identifiers or namespaces that can be defined separately for specific applications.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="9447"/>
  <seriesInfo name="DOI" value="10.17487/RFC9447"/>
</reference>
<reference anchor="RFC9448">
  <front>
    <title>TNAuthList Profile of Automated Certificate Management Environment (ACME) Authority Token</title>
    <author fullname="C. Wendt" initials="C." surname="Wendt"/>
    <author fullname="D. Hancock" initials="D." surname="Hancock"/>
    <author fullname="M. Barnes" initials="M." surname="Barnes"/>
    <author fullname="J. Peterson" initials="J." surname="Peterson"/>
    <date month="September" year="2023"/>
    <abstract>
      <t>This document defines a profile of the Automated Certificate Management Environment (ACME) Authority Token for the automated and authorized creation of certificates for Voice over IP (VoIP) telephone providers to support Secure Telephone Identity (STI) using the TNAuthList defined by STI certificates.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="9448"/>
  <seriesInfo name="DOI" value="10.17487/RFC9448"/>
</reference>
<reference anchor="RFC2119">
  <front>
    <title>Key words for use in RFCs to Indicate Requirement Levels</title>
    <author fullname="S. Bradner" initials="S." surname="Bradner"/>
    <date month="March" year="1997"/>
    <abstract>
      <t>In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
    </abstract>
  </front>
  <seriesInfo name="BCP" value="14"/>
  <seriesInfo name="RFC" value="2119"/>
  <seriesInfo name="DOI" value="10.17487/RFC2119"/>
</reference>
<reference anchor="RFC8174">
  <front>
    <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title>
    <author fullname="B. Leiba" initials="B." surname="Leiba"/>
    <date month="May" year="2017"/>
    <abstract>
      <t>RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t>
    </abstract>
  </front>
  <seriesInfo name="BCP" value="14"/>
  <seriesInfo name="RFC" value="8174"/>
  <seriesInfo name="DOI" value="10.17487/RFC8174"/>
</reference>



    </references>

    <references title='Informative References' anchor="sec-informative-references">



<reference anchor="RFC6943">
  <front>
    <title>Issues in Identifier Comparison for Security Purposes</title>
    <author fullname="D. Thaler" initials="D." role="editor" surname="Thaler"/>
    <date month="May" year="2013"/>
    <abstract>
      <t>Identifiers such as hostnames, URIs, IP addresses, and email addresses are often used in security contexts to identify security principals and resources. In such contexts, an identifier presented via some protocol is often compared using some policy to make security decisions such as whether the security principal may access the resource, what level of authentication or encryption is required, etc. If the parties involved in a security decision use different algorithms to compare identifiers, then failure scenarios ranging from denial of service to elevation of privilege can result. This document provides a discussion of these issues that designers should consider when defining identifiers and protocols, and when constructing architectures that use multiple protocols.</t>
    </abstract>
  </front>
  <seriesInfo name="RFC" value="6943"/>
  <seriesInfo name="DOI" value="10.17487/RFC6943"/>
</reference>



    </references>

</references>


<?line 440?>

<section anchor="appendix-examples"><name>JWTClaimConstraints Identifier Value Examples</name>

<t>This appendix provides informative examples of JWTClaimConstraints and EnhancedJWTClaimConstraints ASN.1 structures as defined in <xref target="RFC8226"/> and <xref target="RFC9118"/>, along with their DER encodings and base64url values as used in the ACME identifier "value" field and the "tkvalue" of the "atc" claim. These examples are intended for implementers of STI Token Authorities and certificate requestors in the STIR/SHAKEN ecosystem. ACME server implementations treat the identifier value as opaque and are not required to parse or validate its internal structure.</t>

<t>Note: single-quote delimiters in the ASN.1 notation below denote string values; inner double quotes are part of the JSON-formatted claim values as defined in <xref target="RFC8226"/>.</t>

<section anchor="no-extended-claims-authorized"><name>No Extended Claims Authorized</name>

<t>In this case, the requestor is authorized to use a set of telephone numbers but no optional claim information. The EnhancedJWTClaimConstraints extension uses a mustExclude constraint to prohibit all optional claims relevant to the application.</t>

<figure><artwork><![CDATA[
SEQUENCE {
  mustExclude [2] {
    SEQUENCE {
      IA5String 'attest'
      IA5String 'origid'
      IA5String 'div'
      IA5String 'rph'
      IA5String 'sph'
      IA5String 'rcd'
      IA5String 'rcdi'
      IA5String 'crn'
      }
    }
  }
]]></artwork></figure>

<t>DER encoding (51 bytes, hex):</t>

<figure><artwork><![CDATA[
30 31 a2 2f 16 06 61 74 74 65 73 74 16 06 6f 72
69 67 69 64 16 03 64 69 76 16 03 72 70 68 16 03
73 70 68 16 03 72 63 64 16 04 72 63 64 69 16 03
63 72 6e
]]></artwork></figure>

<t>base64url value:</t>

<figure><artwork><![CDATA[
MDGiLxYGYXR0ZXN0FgZvcmlnaWQWA2RpdhYDcnBoFgNzcGgWA3JjZBYEcmNkaRYDY3Ju
]]></artwork></figure>

<t>A simpler alternative for requestors not authorized to include optional claims is to submit a new-order request containing only a TNAuthList identifier. In this case, the absence of a JWTClaimConstraints identifier MAY trigger local policy in the CA to include a restrictive EnhancedJWTClaimConstraints extension in the issued certificate.</t>

</section>
<section anchor="extended-claims-authorized-uniform-constraints"><name>Extended Claims Authorized (Uniform Constraints)</name>

<t>In this case, the requestor is authorized to assert a specific set of claim information that applies uniformly across all authorized telephone numbers. The extension uses a permittedValues constraint for the authorized claims and a mustExclude constraint for the remainder.</t>

<figure><artwork><![CDATA[
SEQUENCE {
  permittedValues [1] {
    SEQUENCE {
      SEQUENCE {
        IA5String 'rcd'
        SEQUENCE {
          UTF8String '"nam": "James Bond"'
          }
        IA5String 'crn'
        SEQUENCE {
          UTF8String '"For your ears only"'
          }
        }
      }
    }
  mustExclude [2] {
    SEQUENCE {
      IA5String 'attest'
      IA5String 'origid'
      IA5String 'div'
      IA5String 'rph'
      IA5String 'sph'
      IA5String 'rcdi'
      }
    }
  }
]]></artwork></figure>

<t>DER encoding (104 bytes, hex):</t>

<figure><artwork><![CDATA[
30 66 a1 3d 30 3b 30 39 16 03 72 63 64 30 15 0c
13 22 6e 61 6d 22 3a 20 22 4a 61 6d 65 73 20 42
6f 6e 64 22 16 03 63 72 6e 30 16 0c 14 22 46 6f
72 20 79 6f 75 72 20 65 61 72 73 20 6f 6e 6c 79
22 a2 25 16 06 61 74 74 65 73 74 16 06 6f 72 69
67 69 64 16 03 64 69 76 16 03 72 70 68 16 03 73
70 68 16 04 72 63 64 69
]]></artwork></figure>

<t>base64url value:</t>

<figure><artwork><![CDATA[
MGahPTA7MDkWA3JjZDAVDBMibmFtIjogIkphbWVzIEJvbmQiFgNjcm4wFgwUIkZv
ciB5b3VyIGVhcnMgb25seSKiJRYGYXR0ZXN0FgZvcmlnaWQWA2RpdhYDcnBoFgNz
cGgWBHJjZGk
]]></artwork></figure>

</section>
<section anchor="extended-claims-authorized-per-tn-subset-constraints"><name>Extended Claims Authorized (Per-TN Subset Constraints)</name>

<t>In this case, the requestor is authorized to assert different sets of claims for distinct subsets of telephone numbers. This is expressed by including an "orig" claim in the permittedValues entry to associate specific claim values with a particular set of telephone numbers.</t>

<figure><artwork><![CDATA[
SEQUENCE {
  permittedValues [1] {
    SEQUENCE {
      SEQUENCE {
        IA5String 'rcd'
        SEQUENCE {
          UTF8String '"nam": "James Bond"'
          }
        IA5String 'crn'
        SEQUENCE {
          UTF8String '"For your ears only"'
          }
        IA5String 'orig'
        SEQUENCE {
          UTF8String '"12025551000"'
          UTF8String '"12025551001"'
          }
        }
      }
    }
  mustExclude [2] {
    SEQUENCE {
      IA5String 'attest'
      IA5String 'origid'
      IA5String 'div'
      IA5String 'rph'
      IA5String 'sph'
      IA5String 'rcdi'
      }
    }
  }
]]></artwork></figure>

<t>DER encoding (143 bytes, hex):</t>

<figure><artwork><![CDATA[
30 81 8c a1 63 30 61 30 5f 16 03 72 63 64 30 15
0c 13 22 6e 61 6d 22 3a 20 22 4a 61 6d 65 73 20
42 6f 6e 64 22 16 03 63 72 6e 30 16 0c 14 22 46
6f 72 20 79 6f 75 72 20 65 61 72 73 20 6f 6e 6c
79 22 16 04 6f 72 69 67 30 1e 0c 0d 22 31 32 30
32 35 35 35 31 30 30 30 22 0c 0d 22 31 32 30 32
35 35 35 31 30 30 31 22 a2 25 16 06 61 74 74 65
73 74 16 06 6f 72 69 67 69 64 16 03 64 69 76 16
03 72 70 68 16 03 73 70 68 16 04 72 63 64 69
]]></artwork></figure>

<t>base64url value:</t>

<figure><artwork><![CDATA[
MIGMoWMwYTBfFgNyY2QwFQwTIm5hbSI6ICJKYW1lcyBCb25kIhYDY3JuMBYMFCJG
b3IgeW91ciBlYXJzIG9ubHkiFgRvcmlnMB4MDSIxMjAyNTU1MTAwMCIMDSIxMjAy
NTU1MTAwMSKiJRYGYXR0ZXN0FgZvcmlnaWQWA2RpdhYDcnBoFgNzcGgWBHJjZGk
]]></artwork></figure>

</section>
</section>
<section anchor="changes"><name>Changes from -01</name>

<t>The following substantive changes were made between -01 and -02:</t>

<t><list style="symbols">
  <t>Section 6, step 5 ("Verify Constraints Match") was rewritten to require octet-by-octet comparison of the canonically-encoded values, with an explicit prohibition on decoding, re-encoding, canonicalization, or other normalization before comparison. Explicit failure conditions were added for non-canonical inputs (characters outside the base64url alphabet, padding characters, or any octet difference). This change addresses the considerations of <xref target="RFC6943"/>.</t>
  <t>A clarifying sentence was added to <xref target="identifier-encoding"/> making the producer-side canonical-encoding contract explicit (DER under unpadded base64url uniquely determines the octet sequence) and previewing the verifier's comparison rule in <xref target="validating-token"/>.</t>
  <t>A new "Identifier Comparison Considerations" subsection was added to <xref target="security_considerations"/>, citing <xref target="RFC6943"/>, enumerating the specific encoding variations that implementations must not treat as equivalent, and recommending constant-time comparison.</t>
  <t>The forward-reference sentence in the multi-token subsection was aligned with the new octet-by-octet language.</t>
  <t><xref target="RFC6943"/> was added as an informative reference.</t>
</list></t>

</section>


  </back>

<!-- ##markdown-source:
H4sIAAAAAAAAA+192XLbSLbgO74ih34oaZqkuWphz5241GbLtmRbi12qjooO
EEySkECADYCiaLdvzEfMF86XzFkyE4mFEl1dLx1xHQ6bBBOJzJNn39BoNJzU
TwM5EO++3hwHrj8/jsIkjV0/TBOxiKOJH0gRTcTw+OJUDJfpLIr9dC1uogcZ
Ou5oFMvHAf9YNQHeoMaOIy905/CgcexO0oYv00nD9eay4epJGykObNyvUg/n
8aKw0eo6yXI095PEj8J0vYDbz09vzoR4JdwgiQai5odjuZDwT5jW6qImx34K
k7kBfjkfHsF/UQyfrm7Oao7npnIaxeuBSNKx4/iLeCDSeJmknVbrsNVx3Fi6
8Jv0nAe5XkXxeCBwhXVxfXN+5ThJ6objv7tBFMIy1jJxFv5A/C2NvLpIojiN
5SSBT+s5fvjdcXhfA0c0HAF//DAZiOOm+AqLTekKg+N4FvuJdTWKpwNxHc2j
RJyHXpOuybnrBwPh4dD/dBeLwJfjkZ8mTS+a0wAvWoYpbuz2Ove8k6Z464Ze
5D1YTzxxH/1x7vozzxzj4BmPbeKh/ecUf6h8shNG8dxN/UcJuxZXZ8e9vd6B
+rjf6bb1x367n308VB8POp09/bHf1wMO9jv642Frr6U/ttt63sNebz/7SFcd
P5wUFrJ32OsOHKfRaAh3hNjppY5zMwPAA1ou54A8YiwnfigT4YbCYKQgjDRk
ALOKdCbFoxv4Y5g+CpEyqvAeEEWchgg2Oa763ZNx6k98REghn1IZIn4nYuWn
Mz+kZwDlRLAFORbH1tgLN3SnktZ7Gj76cRTS5x0kwF1cJ2BjFDQFbU0vGz6O
3ARmiszUNhWLSQxoAej+QMuWgOajwE9mAAscnSykh49nIveR0OCrBEgAOdYB
J90gkOFUirmEz6GfzOs0D4OOD0KE0pNJ4sYIUQ3eb1K4wgNUhg3A1Vj+YwnP
xmvWhoEJpAAyP5ziYhK6oKHY5AOd++NxIB3nFeBuGkfjpYcng8dbPKkNUE9n
sEIzL216mRDTy63lFzi2WNL+gfcApS+9mXAZSFVnbJ6gUGsMJCm+f1eo/uMH
Qwlufg5RNk+CNPDjRx1P14PDhCUGhKA0TsFLJF604J2EMDBZwv3WjhSeGBJQ
R/0yEWiwVp1KXcyjsQzgScDmJRNMca4M4zJss3YGJG2B5+YSEfaDD7hhHWcJ
HED8P340FVWbxbqeH/gp7JWuLSTCJ5BTngOfoJGRr+Dm8IBTBILCSNylBbRE
LEHaxEwOOEPiz/3AjbNNJU1xnvETC502YUqRIDULwCdk9AU0Alt4lPbhEI9D
CUdiDMBhPQlJR+L0zzz5JT5lUUmOhRAuxXpmOtRmkaHCZx9XMIbbEK64tNFa
XEtvGcOpwjEsZiBKxTmRFGx+B8TsrsXu8EA0aOA8AKr4cJhWelGyhu0Cp8kd
jGIWItVzN8LlfCTjRiwDYqU7GS7t2ntDMLyw/WdoOEeOeMHmMwgpBC+CYwqn
F+MkAAYX9IwUAQibbhgey+ef2/RNngSKuKIxfceigl18GB7Mwo0RewLDxDMs
NzASDKMCIfhFUNPG4IIbgJI0XoOoAkJaA1gWQbSW4yIrmURBEK2UBAG6gKWk
wA1C4v/jcQzSoPDEPwVLm0pKzRcBSUkZI7lOXKBQH0gU5Ss9BRU6a28ekBTo
byAGyuJ906KYk8HYpUQp4MLeQTEKs7PMbw+es4CNgPY4jZZ4dzVfG2SUv/KB
TLRI19LVgyfBZRbDwPLrGZvMoc4azwqgvIAV+yNLdymuMgE9D6fK89YERMro
RWwvkTzq5GLsJ94ySRTrc0fIgNf0/IJUsRQB4ld4AArox0NSL5KC1E6UhMs4
eJkwUU2kpb0CHhPP/TACkK9ZHQC1XqBen4jaxe31DdoI+L+4/Eifr04/355f
nZ7g5+u3ww8fzAc94vrtx9sPJ9mn7M7jjxcXp5cnfDNcFYVLF8O7Gh9W7eOn
m/OPl8MPNUNlGQBj4vMjSawzXsQS2Rbt0jqSo+NPot2D7f4P2G+n3T6Eo+Ev
B+39HnxZzWTID4tCIFL+CjAGtrNYSCAEmAQYA+D9AmQIKjPwiGQWrUIxk7Ek
4BEOhnLVAHgBezg3ih8fQhVJfH+VqYcNCSbDGGTnD8c511gEej3ySBABdHr7
OSEJqA70jbKBFDJAFhaArCEuCaEiwatxcWU5PjuJI+BRG6QHyJbj4a7mUWh/
Zuo+zYTIhrhmqbfR6B6WCSAKUJep2C7wmkooWHMogZRYBErDRW68tlaiUJ39
IlosWWApTaDqMXAGz/FExbkKYIKTPVOM4Pml1/Xd6vi1du6HXrAcE9wIZijE
YNHE5tMYVaVaxcQ1FmPMLJ/hqRboiC5HuQeMJQAzeFafeQEomTat9gOCizmD
slPU1GorhIexBCpMSJHa9FS9VtaCwf4gRQxnQKVpr7eMA6HJgUgN9VCLIiqG
5QleE0wfF0g3omWNDNnz4HxorZEmIlIHtCpPt7+7/ngpvsqRuPanoZsiiVmT
dsykaJgD66SzqliSZpUaCYBE1yDXx/QjSCe0qpE9aIlUqepeXzbbmrY03OgJ
BmYnp1fZM+NlgEoQXtshIeGGUUi2TrIcKQ3q6PRqlx66DHE1qF+ZxafRVMJ9
oH2GPpw4aSwpiQUWOhEsGQwfxAZU0khKiSko1eEfwS/eHaE5Q5FUn2zNZlvA
hpYJc3ZcRS19oJtqGvMU3dfc1KsJ8oZlWn3MYp3mKWiD6IhirE0NuXluHPsZ
K8lI2iI2fWKVd7Cig5KJgNUYrRsMNaOEsNILDJtoYA5aZ4XQ+v49sxrZ04ei
gNSiPhDhMATqdFFvU+YqMX9eqUKXWrbipCbgv2Bs+wfcyhOzmN/Acf7L+uPk
JxyIv32vIU+rDSpZWB3dXTU+pkHt7KAbdtxms+k+hp39k8tu7cfv+dmdFYpS
PkZ1uGof6owLjMWNRz48K14LNPdATy1QIECRb0RgickSxHeZPa+iJQAliKIH
hL9SwuuFfX/6CGT3Gj2br7MZ3t7cfHrdbradt1GSDvRZkJvvmA3Jxg35X8n9
yPL19X2UyL/cJ+ht+Q7gqaG2KpH9ATTN8ne+k6Ow5gZTuFw7ve709xiaovbg
49DaLE0XyeD1a+upvD7gb+lr+fhx8n52ebvXWk31jUBRnsRb+7++a3/oBqcP
F2/206u9xbDV8oKhHgaPf3Z+s/8ajP+xW6dNuOsgciu38NP4UkQZQBiDLmYn
6ZEEvkO76bQ6/UarDX9vWq0B/f0t23I6RI9KbtyBNS7bQqL5PI59u/fbr+mb
+5vf1rfhJ/ke17A6HfZuHoKj8awre/3etOb8KCDvRxSRnvQfmbKIdMv4Vs+s
lUTGj6jxoBKfcyBp845wv54Te0YPbLabvXrB12d7PjRHsxXC+RLwPYHJkwkZ
E2M5Z+intr9Jmz3WyVmyEexwrSTxvna0Ru7B0de30FN2mc+DvQKSJ7GdXbl9
i9urD1pE13IDDCdT/N3meKzCgw2wjJUOmeOHaj4bKIpljyKw0Ml/2Wm1Qfel
QxnvaoMQ1cDccWvip+Fq9HNkjxR/BZa/u25cIiEOxMXdcPn4ceFG5/56dSO/
+d8e+o8r50PkKbN2IwnSll63O92eYiJJCqiL9FXDuA5gAxFATT4twCBONmI/
cLmtqellWqJRBXInMtQ0X63nKqLXNC+q5AQM+Z0XW0AE9YhnuCGM/0agqvEk
MBisGKDNb/JZNpfB+LUZXyL5V8/5JnmNBb5QNBEYueolrAReEfvKyovlBMQi
KlDVhIIm3ijVfnjDA5IKStYMo0q5UQyqiOiW6MuA+W8r+5afF9f3wdWo9/j5
y/H9l7vhen37dbqt7MtjU0n41WplURIur0/Or0df3xzML6an+28Brz+vv9x+
2DtYf5t0f3NXi6SMV5s4TUt8fP8Sk/nghw8D8b827iGJ5rIxBr7gpVG8/t9/
jWXwHxQSfqr9GdwkwzUYqI7yZfJ/jvoR0jx3htoZb9Eqg35G+oCHBIvLtAl1
SY9AAyH7jeLnRvjZp28uNjUMo3ia3VnAlRGqkTJuluBNi369iL/8/Wh/fboe
9goPx0nOAz+ePL1//+sweZvOv73vHH66PxjWaBwxvxKGfJ2xIxtjhKxv2J4d
Jmhb0Q9zfpoJeyKqDwRdQkPlPKoIfVo6hvIAWTBnd7GbhzmNIahXhaD20aYB
FgaqkI9qiVZcrFCSzRhnLnvB2Y4iV58VkpJs3sRRIDBwYE8kUS1IomXsUZxK
GRKZRlMJDGWYssMj23kJbShsMEczGe1U7a1sivMJAePZ0WolZRlwMbyjCBBp
V2xnApzUOfKiUUcye9HypejWJpCufLB+MBgG928dVdPySetNBgK0MzbDn90b
KA3P7A99GbntFFduAmhBhE7FNR7uxJ8uY0KhzAcIco5GiEUEzBBjQHxi9tOU
CyAp7QURYBElBnzbAKY0Bx6EoTAjXFkPhe8c+awQ3jlpa8vaEtv4txW5n/+e
dC++Rv+4afVv4vHDRefi5sRbbStyy+xzK7OT+Q/OfPJmfSXv58egRO0/9i5B
sjyOOodvZ/f3Hz5dT6cr/3STFXjojab9dx/bbyb9uw/399/g1uvFw+3EG39y
/cPll7u7z3nRzUinn62MlKJalhGVUt/8JEsYUXhlGGqB2zYF8X3Lm4UhIWsQ
O+Ne9lPDM3l1HKoxUeAt0d9i46xDPqFDkCzT5gtasUmEI1htFdpHz7lJzAkx
pcwzLvGqHLsNUqa5/SM/aSoRM+mOtWsd/XQYGtIR0Rfvqgq16aW82gpK4hOj
+E8snW9QzFV5nXG1c5CTLqp87BxNSKHDMNt96uswGwtp/Iiyx747WuDhAodV
N+t9aROjsAza4CvQBpNEOWMVbWQX6FzDwsQleGG2m+X26DWBATYFJoso56n2
Cbs2C14/KwpVVs+2yD6S60g5e2tP/WUNpU1EDvK3fMwKJDy3Lc4CZcobR3RO
Rcsnbc2Q/tS44qppj6gisTd4a/mtTwEPOncK2YWySlYB8V7dxB0UTrDWlYvV
ncDCbvx5IWTFBoSgVZPLHEcYHW8b8CuzQ+8FsTW3l+zCVnvZf2kvrop72Aoz
Yzkg7Fa6QeyGiWuYIS46i0moRVtBisrV+Bs5B6F+tlaKUylBYhgTO7ER7pJz
OpKB4/xPVstZI6eoPqvqyrXOpwaqsosRoA3aMOUcKn1ug5yx8p+r0tjsbDW9
Q1LArZB+M1sn8X5U4H1U+XDVxJwKIGvqzamgwYu7S6ujdX88SlqZJpmP3G2O
1GUL/6ntem5up6MoCqSr02tUDHjiBqBo7MCjvc1cI1swPp+VR8x/oUQImARo
uKHyzezEkt0mr6HAx2FJfxX+hFR/vWLW/Wk0L8+nzLMESAw3yqscYaBx4i6D
VG0QsGOKCR2wSN6pukvHiyvEa8FLfgDgz0f/tOIOonyZ5piz9TQOsfGBGSUD
48ZL+A0XYiW1Ngvr3PYIC9G7rfMcEytKlYvObaHfA00pN4zWvqs0fpRxL7lB
XiMibBkASpJtvSoklwaivddrHR72O62WuowsHusWxnutw4PuXu+w0zYbAEY6
sLxAD1u4mjOCq/Q3mVGArgPGTXPJPuoBJToB4ER/b9A9HRyfDYang4Pu4Hg4
6J0M2v3BUWvQORycnQ3aR4N9SuWnPyfdwdFwcHQ4aB8ODtqDs4NBvzU4PBqc
nA16w8FJb9A9HOx3BqedwRH82sKR3YPBaTfzB/1J1gqIpqGHmKoRXacaR/Mq
PQQTYbRgsfm4SbWoV7L8ZEYRVsB+11NksVQ+q6vT65vJMiDTVpDxawnPjYiu
rOT0tSLJ1wN//JqfVbCRK5HtJQdq0Z4zgWLyoLiJClkpduAr7TOfhaDvyZwh
gL21priMUqP+ICmbSYyqQc7+pCJQ9Us23Aj6wgHVje7gozsDhI45yhwLI33S
THI8pIBcLJm5JCCDxyqryi1wT8vxhgdUSD9TGjk58nzLNkiWHropmc1hmm12
xnVOH+fDweUzKuQiKNqaKmUvcIQ171WxOHOVfMCSGgtj273mgTILdfwPF0wI
po9QmX5sIFcoXMjiWagtXD9OyvKGflTmAaaEZP5Ilcqiss6NlcDmhG+ljY9N
vviQhK0BmIlcqtzK6nU+KzFsDroV/9yGe5Z457/GOU+6inf+ccb5o8JTU3Rv
5s4dVBiFuMihdETZVVEYrXURmOkEdEkMaeaAyqggzwFR58v55qh4Uby7lTq9
S0hGnnaKGJjko035LmWfMJyywiGeHvPU3cQHBU9pfyNEpyRC3hBnpJpPgp+7
oG26XHtEjJDN4IWPpUqUC2r5ZGOwPR7VYDfzcFnsNq8E5YCtzmVlJMcGDP7J
2JjzPYu5bOEXLGOM7VBGVpiFSXJWrz4nZllZxtp2fkEWhLYAsN3M9VKaWGbe
Oo5yyxskZhd8Btu6+lk9SslmH5iVpx0LMo4jCh6NfTolca2RIAjWdcPVMd0j
s+Sf4cKUOsm8Gm71ld9OiaLzEx2UGIP9J3m58snXiTJmpYjeRo3utbqiIc6i
eOSPx4jTHwkRe09PRBp9+F/fqFJNGXsE1aO68TgnDUjkFHaNnx5xC1ghQZpS
0SlzpSsFMFnfl4mKyXFK/vahhHqlx4fWbLl7FJRt+ipF8tnarCwG8bwlJvkA
tRcy6PLCqnyvFTIrxORAs+GKCSv0lnMP2MVPfoxRoIZduYbnZDSFhAucqOYI
IT7zF3DM6UrKsBI8mv8V16Mzky1TLpeRWSCLuVT8ydZaRpWhqKa4chHH6sKn
2+1bUQ1naY6LyFV45ZJLGWQqQ5oWklgjQXuqF+coM4c6FiEAIhveoJLI8t5B
9cDcphXMSffzMMfW6Iaq2MgsTkVQk6IGynRwresjNyC44xxJzzVxy7wEAUYQ
BY9yc1749nVLdaUsmVCpqYYNS2KVpCgmPlgp0D56dVZ2ec0zhamGR+ksY+Oy
UR42w/nJs2dJ8GZ1iq3O/M28GZSPh9oqSMvAn/t4zdSiKp2QHJXkNTRKpSwG
xnkvGP3m86IDPM6Sgtg3gSQzXwapj6K3AK7EknXlfFlUAnRkwMxgpX3VQbHw
Zrjo1cyHD3kWkUg0iZAVNcVXbYH4VhFyterBYodK0HK1TValVb0yBwJXq7wx
Il1FZX9KvjibHaWbYi3W4FwEzPJdkgmmprCq1arvzFfhsgwreZOppgu3McoA
xbdPllSXsKm8MQfARNGAKrxVICHfsC5JUwE8o1vAFU+GbuxHieDEbLcCHYwv
egTKoKKCRJbgSpWoVP6NeoMi3uOhXkiJ1+jSXcxWoJmrvc0l/RlzQZ6r/XyR
wSoR8twUGptt7j2LMPvHSsWrqrJlp4c1deZ5Xc2iRNeew1kEktwMLqU25NzW
ic1+qzHMFnk/EfTcbl8bew1UH9C21UX1jMUa8ZXzS1t9HpIXJNBGWIhr7QdP
mBts6G6Qb2yQqUCG/cLHRxcICb3k2qOcTUXIrdwpKPLwC2kiqYyVa8tSbtRS
TO1mkRmrE9QFEbnM55cC/VpPyqt5VryhVDNTZwe2MSwb2rDEwIVR7ozj/A8d
ei4sUuXEr66cFWc5ZxYrPr9QZRiyOirrt1Kl4EO0cIFJDew6XS6e2VRck7Ej
jn3ky4JyqiROv6m2R6FE7i7imqrCSdcPFxw/Gb7/v//zf5X01OiGdc1Yg5Wi
WkAuMx1ZQTChcOTxxRr1hOaiMy0WcGN+ThzmKuxfLNNn6JKauUlTBkL2I+IY
GlCqmn8nkTLzFTe7uygTTNcZ7QdINvWHYaxhdQnEHosQMCzsiFqimgnk0D1z
kiilyeUicaPQff+OJb4w+KmhF6FSNJT29En7OUkQhpk2ZYmvsm4BapTabSK6
tK6eka0ZGi+yufEUEVrlfE5jS7kCPefBS5SvynbLEn3GpkMi7eciPOYAPzJ/
4NyS5WIRxWlm5WdlWS/J/5x029Qiwlqn45z5sbb1q4rVNmWpZ1W19NwKNc7O
l/0vVWNQVZ1glSdkay+VIona+7fh3tOk2Wzer3rD9uN0VvtRL06wTVFTZYHD
74XlEssH9cjsEvGrVAVze/XB+Imrq1Y0K6ooQ0IeQc531NYzwGyAXHXdBf+2
Tbp8fevh/b39g1olPErON10kQVuogk5Wo59zk+n6I7tMaHOacwWQeIZN2aU0
OJ9eStxGJWIXn6QzJRbYbSf2yYLHXD9MpPuS6xq0lRr3/VVJrjnO7SLKV6dt
zOwt16eRLwqED7JqjpSbKCBK04QtV7tCmBZAVqj2RirdWlzTDW24GkfL6Uzx
RZ5mz1w9IJY0lSHoS0Eud9YEFQsiPZe3gA7ncL3JLtKL6LGrkB5VzL98JrGl
IMLzjU+AUZIRt2mOl7JIlD6Q89dNAsDbavfbLznTOtNT/cQGu6/aiWxILjPi
WoueTMcpSWyjBGypNAAOt5viSyGzP+8qt1KhSE1ZySBoIK5hCwkrElIodczS
GU0ALhE7OoBVz5Tcej72tNt0OmZJDItz6sw0UCntRnHnZD8Twa1nFQqy+Ju6
Ax3J18R3VNjGVG6pPF1LpJciNLodVdYnqoDzSbNihd6mFdrPcuPYXdtZY//q
QpyuAaHpjzDIznk7RmWyF6xMm8VyBFSsw13FfViFcEr3pPUAGZjEzAJImk6v
cNgcGSqipI2FFpyyPLRMvzBxc0bj6t4dTt88Ntf1Ah4zKz99I0HkMsNeMjdM
yfzPGMZwIFMsb6yoAxRHqFlZOjPrg6XGDDnzraqbzQ/u0FSRcLeDwIyWqW6J
sasXn0uT+zPsTEtiV4s1tGwoBOCZNkmu4DK5IuS5X4OfZLljqJ1l2+MYrLJF
TAeQsURDui4wDhLyRwNM4N91QZ1A+aPOMF75KKExXYJWKX2SLowuI6rZtRZD
7CE3xGCy1WkEoJ3oEqBsyW6wmLkjmdqHuamDSj2bt6KTyU7tP2q7tAMwKCiV
xcQZOFqMPiSQzgRKVYpARjmH6bBPKjxZwgMpKATs4u86U5AVO5Ay1NGKW2Yp
wZurcDWnk7+x6exlRElmdZkSY2zhSjLGMrw5drkjm9NmvVSmptxkro5cLqwE
J6LKLNcaRM++WYEOgB5zsOV5llRKMVSpL4Bfc2QpMp+TZLNPVfnvPugFmTLf
gwwaQ3EWuNMX1kC5nhmcdb5pZmybrCWYT/+q2MyRmwBb35B0ykPsnq0oVHC9
V8rY2zm+vtplRZzxm0oUC+n0mBdTmanKYXFs3sWqYs6PYylwqpySUhvqbGFU
6sKUW5tzHutuK6pylhKoaeIalwACvhOOq0OpeCYivvKKm1lKGQKFHkAqx7em
ous1shhuE10x2VCpQ8e2J5qkV7m5keNUNDzaeff1elc9lENWWRcjJXFValam
CFEIeMIf8noGnl4m8jMQUGSAJU/O90D9flxtkNjYkW9RRrG/WZSk2tAN1hV9
W4lWdECBa0UqW2SArYg8BDbIvJ9VcKXEaXdp9db5cP1Yx4MBehp46MONrM6q
tD0TA8ENACPl8Aq1W1K1NZzwxt3U+KGKwDDbZefj+918c4ssbUajbr6rpuA2
lDqBQ7c10BwBLH94htjRmdx1Jch2B2KYAcwuu9GHLXV2ee55NrByUHIt0JTb
GGWbs3I/cqo/9h7haQlCJY/FTyYF5btyHL+ZHLTffT1K/nHweX0+/XTsH34+
/PXFqvoNBfVbN/O4+RhE3ulBPJlGpSp8pu5yDX57D2vwO62bdm/QOhy09puH
hxuaevDQl5p6qFHPFfVnrp9/vap/Y0uPrTxK6u6faOZhwTjr6aE6C2SI+3w1
Kox7PR+m3aejN240WqnbCynz9m14RwNsrOj11H933u8+zDvd5kLOi00fOCGb
W/0iazvO6S7i+6tN6hD7xnSqR6Gs3W6UOdPpplZyVi5j5w/kY9R1mGKLiFmO
O6i4InITkLbwAyvouqFpnbVeFAWsRrMIjWJ3KrM8Ytqznd5F0UFgWqBbJhRW
0UADloXZ2BR+8zB2YBX1AeFGc4DQWIFaCWnVFhp4W7xeUIKGXpHpMJtUhP85
bp1SYa/Kv57KNLVywwGYY3rKyIV9IdNQYtkHRj/1U3/O7DNVYXB/jhEu4Mis
5sz9hJNrrBbitven3FQaA5C+ciEZgHBrb2rardV7U2GmWwErgKjcYgvGeWgW
Ct/ZH7Tf6StNneAXTWN3MaPmubyA0jIp4pa1U1cJwpawMildgMizpngbreSj
7rqZrGG1T1WlPDqPlvIcOYSmDBE3mKIWMcNc60ldjLm9ggqLAb6O0DA1gzB1
dUqONEw0maPpFUcjbKhlhoiVjE1IaMwZwCpHA8sem+KMvxQSM46HlzrzByWb
tayqzWdh01BKriR69cpqNQuMw9g/eR7yh+PIJoy8Tc9FanpIcddcA7HJi7Hb
JiMOvnaCagN1yApfeOBy9cDjMkCXsM64FCql3k90YM4vYC7K+jXoVsBuPGNf
KwZD9jh1F0W3ER4a7A01mZq4X46nc86RjGw4KF/IeEmbzwzNgbJ18e7ExPZX
qiVvflHGKE2EeSaHyvR4N01d70ExxwXn+2i1S7WTgAOKCim3ozWaLdT9PBIS
E8hCrWhWA3CdVbUq13a9IDCs3BxY2cjyBo2kXhhRvIlKZt4h8lfsoBuHW/+X
+4xyA2W75+oG79Guwj9bWzcIZFn7LzTMrHNBy4suHWLFYcTpGo+StU7tgtEW
SwHPjJNnpML0SYIhbWYhjy4GdWicfv9FBSwCbPWuY715pwyIqyM7yC1MKQm6
HKiBOPsDANx1IecjSbODZAYxuHA9abljGEX90DoqUo6YmskzxG6z69ObLD0x
4aOc+E/SaqqHtkFTDEO0WB591Sdf03kBFdbIbtilxstIS4SVpasU8zUy1xBY
8tXCyY5PbT5bn8kvpdxdYslfZ5gqZ5ywGqGszD6dTqfhDWPniaQkVpBlMTqx
9JwNqm63nhfLefSY52EpUuZUEKSxPX0oA3WgM/cRwUaWFRmwdE7KaZYRRt6/
lconMi9BBAwvhxUcv0jQJusYXXdZGg9KnnInb+rwpN3LRHiWoEFzKqnBpFMf
sGRd5To8bO43941+wcW5+Y43f2lU/bGv/sX5pw4dfwBqCPSXf4orY3v+c8t5
quTcP+ltRwSoLefJa+xD7yGMVmCi80uGsA5AF64E/oMCnxs+ZG8/oUQcfOsJ
IsI0jpaLRL8iZkkBTErA9kdLxnAF/80vhGGMKWii6k0/IxAlmzqyWGf5hfzF
pzoF5/urckaMQib9g3amWM3Yt0jieSm9u5jks316GLLQCOCpwzPFzCAaX04F
SizoydL7mvLKUlkNKodsyIxJLEBw+Yv1Tpfcizb4ZSbld5iU3omiSBdtBbVW
xKLXoCW/P73MsrqaOW9lUR3K3tdR5L0ICKW1kbWleJ3RZangK07IADF1Bn7K
r6uJMX5kzgwQD6tcB0onaPxjiTWvY8k57dn6+ajhKUp/kWhcwLJwtN21Ifkr
3IFOuXG0ROKg+VQSl5XJi/7LBiMiGmu5LPmNSMTK82UEmK9OiAMDpgBVjulV
DIX+tuYwyvUvaJqZ99SUk/GAplG3KDS9scp62AzeriE/1Z651NX3lNMBrZdK
KUN05o/8lHzfxQ4+dn2eyj+xCvNst8T16efb08vjUyoStZ/2t87vqnA0NwT/
nA/713yIv+CBJOkv5R8o9jiu+GHsP1ZcjReziqtJ5dXYq5oXrvoVl7041Fd/
ZCX2ORA4uYDkTr8N+naKfoSZfNrNOyCdbkt028LtiM5EtPdEa0/stcV+D//u
9cV+Fz+o6xOx33H2DsXevsB/+XoXP8DX/T31db8j9lti74C/OjhD9hV/3evq
e3vZV5iBx+/xGJnfUIEVFvZwcfLG//B09+bu16vWb79ets6mvz168yB0v37+
OuxcLcazuxMvPIrOppffvDfTr8Puu/vfju5Ovfnlg3t1d3LXfbfMP2+ItQfA
jmKj6qK8QIZosTbSZ3P0pCMORewl94+gF12mz9UlUPwYPQtudbI8RR8K5O2O
EqlajL3US41894BGU7DP7RaEaxPVGtq7oLwr8k/h5rej8nwdeD6sBcxrM+cS
O7ehT0qxNfHuT/Izds7ZBbyKt5U4l7JK6E2b+AYpejQC3osjfHMVsCB76iJr
ZMZXYm4m6fmLVs8Ng9PeEbv3Z1YmtZEv6ts41DumJNSN3K74+L+1N3K80oVN
DKlyqBC3N2cHenQtdOfkWgcVLxFHUTiu/WIN/VH1BIuLbfMEfKfNOlpiamPM
6e4bHvGjxBr/bUSA/5NsvQ3881m+vrcn3LbojgXy+BH9e1hkw3Cx3Rctz2l3
RQf5LrL/vTF+7mJwCz/0XHWRBQJc7IEcmNDgHg5QckBxbpoTrnj4Ciu8HUWH
Az/BjfuHJEb6gr/ChChtOmpaNacHwxy4EYVSfxuhBNLD+RmhBDM42decFPop
sfPGnX26Ge5fnDywSDkZfjk5uvBH87P0/D6anj8sZqOvX76dn757HM0/+yB+
7r15b3U2Xd2eP/z26Hj+UX/U/bI+f/Nl5oUX01Gnn8jr9/67q+1kmYPC7Ogt
PPnNQ37hL7DaT2CZ31yKay4v/dcZbuYmgfkSqwRU5b5wexeuZk0qdU1VA4CN
Hp4wwpNwTIhFkUpFriH9mexLFjRFlifxXcVqZZFH6clGFuS0bJXziEq57y2x
ynCTGvzfHPdZjlvgjz/zjDZ2Zu/3261WKzf5hkHt/+b57V73eZ5/0BYHHrJ9
YGgoAtr4b39SyfYdZNE/wfadXkf8DNt3mDlvzfYdGKam7RnGjtYGzixx5hav
EDYF/7Yc/Lev/9JO+S+MKQ2Gf52KwW2xWdA4VYLmGevHqRI04s8QNOdvLqKv
F6u7m6MJ8P31Xefz6uzz6uZ83p+Nrs/3zo/fvb/72g689dExyJCH8xnbNBdH
dxdnx+/eOKPu+VR+PWyDwAnufn337fzN4XL09gEk0hUJl4uj3sXJ9fnTxf1w
fXlz2764Ga4ujs/NNcdc/AnptFk4YUkav/ID/e/YOPr7K48v/dBv6zNFGyA0
0FuNJogaw5HLuYvF1ip6hXOgHt1odagmXrt093Q8RezUNmU413bFykUPwypG
Vh7qd5X75ReilXNpTeAgWJviU5YwdSViqCcs9nlPjYeD/NihFdPTWbb0xcqz
VcE/08I3FxSsyqk91Y/C+MOSflQtYhTUOJSDYhke0sjCHn64WGLgZOvc23pF
Om2dExtVuqwVw9Fv5uQD1O8H1h0h8rkj2v/OoVVsrjlEyR2rPsmUL4L2Lp4Z
7wbOa0Mwzs4kVSHAuMHBDL1zM5r92LCR7LyejQhWvHAwyQI65o2DuyqXTz76
cqXXotq3FEKC2GB1U1yQ4UC5ZNtEz2usbDERFCC1MVMZUM9PTbtEhn8dhM9y
TmP0G+e1OmUAZ4UMuat0wZFLL/KiYBR5dF07lqzfgKWSWtQ5VManmqpRBSDv
yo3HjSyZz+CEUgqp0UdDtbQpwCHgdEdTF0GvBstTeQBIunSnEh9oR/kzOLqq
Vj4LJZjFNJ3/D/D4CkhzhQAA

-->

</rfc>

