<?xml version='1.0' encoding='utf-8'?>
<!DOCTYPE rfc [
  <!ENTITY nbsp    "&#160;">
  <!ENTITY zwsp   "&#8203;">
  <!ENTITY nbhy   "&#8209;">
  <!ENTITY wj     "&#8288;">
]>
<?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
<!-- generated by https://github.com/cabo/kramdown-rfc version 1.7.39 (Ruby 3.4.9) -->
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" ipr="trust200902" docName="draft-jms-mole-http-transport-00" category="info" consensus="true" submissionType="IETF" tocInclude="true" sortRefs="true" symRefs="true" version="3">
  <!-- xml2rfc v2v3 conversion 3.34.0 -->
  <front>
    <title abbrev="MoLE HTTP Transport">MoLE HTTP Transport</title>
    <seriesInfo name="Internet-Draft" value="draft-jms-mole-http-transport-00"/>
    <author fullname="Samuel Schlesinger">
      <organization>Google LLC</organization>
      <address>
        <email>sgschlesinger@gmail.com</email>
      </address>
    </author>
    <author fullname="Dennis Jackson">
      <organization>Mozilla</organization>
      <address>
        <email>ietf@dennis-jackson.uk</email>
      </address>
    </author>
    <author fullname="Thibault Meunier">
      <organization>Cloudflare</organization>
      <address>
        <email>ot-ietf@thibault.uk</email>
      </address>
    </author>
    <date year="2026" month="July" day="06"/>
    <keyword>moderation</keyword>
    <keyword>endorsement</keyword>
    <keyword>unlinkability</keyword>
    <keyword>privacy</keyword>
    <abstract>
      <?line 53?>

<t>MoLE targets browser deployments, so Clients, Anchors, and Moderators need
an HTTP transport for the protocol flows defined by the architecture.</t>
      <t>This document defines the <tt>Mole</tt> HTTP authentication scheme, which carries
challenges and presentations for the endorsement and credential flows, and
the headers used to return credential material. The grant exchanges with
the Anchor are defined per protocol in <xref target="PROTOCOLS"/>.</t>
    </abstract>
    <note removeInRFC="true">
      <name>About This Document</name>
      <t>
        The latest revision of this draft can be found at <eref target="https://moderation-of-unlinkable-endorsements.github.io/internet-drafts/draft-jms-mole-http-transport.html"/>.
        Status information for this document may be found at <eref target="https://datatracker.ietf.org/doc/draft-jms-mole-http-transport/"/>.
      </t>
      <t>Source for this draft and an issue tracker can be found at
        <eref target="https://github.com/Moderation-of-unLinkable-Endorsements/internet-drafts"/>.</t>
    </note>
  </front>
  <middle>
    <?line 64?>

<section anchor="introduction">
      <name>Introduction</name>
      <t>TODO</t>
    </section>
    <section anchor="terminology">
      <name>Terminology</name>
      <t>The key words "<bcp14>MUST</bcp14>", "<bcp14>MUST NOT</bcp14>", "<bcp14>REQUIRED</bcp14>", "<bcp14>SHALL</bcp14>", "<bcp14>SHALL
NOT</bcp14>", "<bcp14>SHOULD</bcp14>", "<bcp14>SHOULD NOT</bcp14>", "<bcp14>RECOMMENDED</bcp14>", "<bcp14>NOT RECOMMENDED</bcp14>",
"<bcp14>MAY</bcp14>", and "<bcp14>OPTIONAL</bcp14>" in this document are to be interpreted as
described in BCP 14 <xref target="RFC2119"/> <xref target="RFC8174"/> when, and only when, they
appear in all capitals, as shown here.</t>
      <?line -18?>

</section>
    <section anchor="presentation-language">
      <name>Presentation Language</name>
      <t>This document uses the TLS presentation language <xref target="TLS13"/> to describe the
structure of protocol messages.  In addition to the base syntax, it uses two
additional features: the ability for fields to be optional and the ability for
vectors to have variable-size length headers.</t>
      <section anchor="optional-value">
        <name>Optional Value</name>
        <t>An optional value is encoded with a presence-signaling octet, followed by the
value itself if present.  When decoding, a presence octet with a value other
than 0 or 1 <bcp14>MUST</bcp14> be rejected as malformed.</t>
        <sourcecode type="tls-presentation"><![CDATA[
struct {
    uint8 present;
    select (present) {
        case 0: struct{};
        case 1: T value;
    };
} optional<T>;
]]></sourcecode>
      </section>
      <section anchor="variable-size-vector-length-headers">
        <name>Variable-Size Vector Length Headers</name>
        <t>In the TLS presentation language, vectors are encoded as a sequence of encoded
elements prefixed with a length.  The length field has a fixed size set by
specifying the minimum and maximum lengths of the encoded sequence of elements.</t>
        <t>In this document, there are several vectors whose sizes vary over significant
ranges.  So instead of using a fixed-size length field, it uses a variable-size
length using a variable-length integer encoding based on the one described in
<xref section="16" sectionFormat="of" target="QUIC"/>. They differ only in that the one here requires a
minimum-size encoding. Instead of presenting min and max values, the vector
description simply includes a <tt>V</tt>. For example:</t>
        <sourcecode type="tls-presentation"><![CDATA[
struct {
    uint32 fixed<0..255>;
    opaque variable<V>;
} StructWithVectors;
]]></sourcecode>
      </section>
    </section>
    <section anchor="http-authentication-scheme">
      <name>HTTP Authentication Scheme</name>
      <t>We describe the HTTP authentication method used by a Client that has an
Endorsement from an Anchor and obtains a Credential from a Moderator.</t>
      <t>The <tt>Mole</tt> authentication scheme follows the HTTP authentication framework
defined in <xref target="HTTP"/>. It carries challenges, redemptions, and
presentations: an Anchor or a Moderator challenges the Client, and the
Client answers in the <tt>Authorization</tt> header of a request. Only the grant
exchanges with the Anchor sit outside the scheme. Their carriage is
defined per endorsement protocol in <xref target="PROTOCOLS"/>, for example over HTTP
POST.</t>
      <artset>
        <artwork type="svg"><svg xmlns="http://www.w3.org/2000/svg" version="1.1" height="224" width="448" viewBox="0 0 448 224" class="diagram" text-anchor="middle" font-family="monospace" font-size="13px" stroke-linecap="round">
            <path d="M 8,32 L 8,64" fill="none" stroke="black"/>
            <path d="M 40,64 L 40,112" fill="none" stroke="black"/>
            <path d="M 40,144 L 40,208" fill="none" stroke="black"/>
            <path d="M 80,32 L 80,64" fill="none" stroke="black"/>
            <path d="M 344,32 L 344,64" fill="none" stroke="black"/>
            <path d="M 392,64 L 392,208" fill="none" stroke="black"/>
            <path d="M 440,32 L 440,64" fill="none" stroke="black"/>
            <path d="M 8,32 L 80,32" fill="none" stroke="black"/>
            <path d="M 344,32 L 440,32" fill="none" stroke="black"/>
            <path d="M 8,64 L 80,64" fill="none" stroke="black"/>
            <path d="M 344,64 L 440,64" fill="none" stroke="black"/>
            <path d="M 48,96 L 72,96" fill="none" stroke="black"/>
            <path d="M 360,96 L 392,96" fill="none" stroke="black"/>
            <path d="M 40,160 L 64,160" fill="none" stroke="black"/>
            <path d="M 352,160 L 384,160" fill="none" stroke="black"/>
            <path d="M 48,192 L 232,192" fill="none" stroke="black"/>
            <path d="M 376,192 L 392,192" fill="none" stroke="black"/>
            <polygon class="arrowhead" points="392,160 380,154.4 380,165.6" fill="black" transform="rotate(0,384,160)"/>
            <polygon class="arrowhead" points="56,192 44,186.4 44,197.6" fill="black" transform="rotate(180,48,192)"/>
            <polygon class="arrowhead" points="56,96 44,90.4 44,101.6" fill="black" transform="rotate(180,48,96)"/>
            <g class="text">
              <text x="44" y="52">Client</text>
              <text x="392" y="52">Moderator</text>
              <text x="152" y="100">WWW-Authenticate:</text>
              <text x="244" y="100">Mole</text>
              <text x="308" y="100">challenge=</text>
              <text x="32" y="132">(Redeem</text>
              <text x="72" y="132">&amp;</text>
              <text x="108" y="132">Issue,</text>
              <text x="148" y="132">if</text>
              <text x="192" y="132">needed)</text>
              <text x="132" y="164">Authorization:</text>
              <text x="212" y="164">Mole</text>
              <text x="288" y="164">presentation=</text>
              <text x="304" y="196">Mole-Credential</text>
            </g>
          </svg>
        </artwork>
        <artwork type="ascii-art"><![CDATA[
+--------+                                +-----------+
| Client |                                | Moderator |
+---+----+                                +-----+-----+
    |                                           |
    |<--- WWW-Authenticate: Mole challenge= ----+
    |                                           |
(Redeem & Issue, if needed)                     |
    |                                           |
    +--- Authorization: Mole presentation= ---->|
    |                                           |
    |<----------------------- Mole-Credential --+
    |                                           |
]]></artwork>
      </artset>
      <t>A challenge names a single endorsement or credential type. To offer a
choice, a server sends multiple <tt>Mole</tt> challenges; the Client picks one it
supports and <bcp14>MUST</bcp14> ignore challenges whose type it does not recognize.</t>
      <t>All base64url values in this document are encoded without padding
(<xref target="BASE64"/>).</t>
    </section>
    <section anchor="configuration">
      <name>Configuration</name>
      <t>Anchors and Moderators publish configuration used by Clients before
running the HTTP authentication flows. Configuration includes endpoint URLs,
supported protocol types, public key material, and the Anchor set associated
with each Moderator policy. Its contents and format are defined in the Key
Rotation and Discovery section of <xref target="PROTOCOLS"/>.</t>
    </section>
    <section anchor="error-handling">
      <name>Error Handling</name>
      <t>Moderators can use MoLE as optional authentication. A <tt>200</tt> response <bcp14>MAY</bcp14>
include a <tt>WWW-Authenticate: Mole</tt> challenge. This tells the Client that a
later request can include a presentation, for example to get a higher limit
or avoid other friction. In such deployments, Clients <bcp14>SHOULD</bcp14> apply the
greasing rules of <xref target="PROTOCOLS"/>.</t>
      <t>A <tt>401</tt> response with a <tt>WWW-Authenticate: Mole</tt> challenge means that the
Moderator requires MoLE, or another acceptable authentication scheme,
before serving the resource. A <tt>403</tt> response means that the Moderator
understood the presented MoLE material but did not accept it under policy.</t>
      <section anchor="endorsement">
        <name>Endorsement</name>
        <t>The criteria to provide an endorsement is left to the Anchor. This document only defines the
HTTP carriage for the Endorsement protocol messages.</t>
        <section anchor="anchor-client">
          <name>Anchor -&gt; Client</name>
          <sourcecode type="tls-presentation"><![CDATA[
struct {
  uint16 endorsement_type;
  opaque anchor_context<V>;
} EndorsementChallenge;
]]></sourcecode>
          <ul spacing="normal">
            <li>
              <t><tt>challenge</tt> contains a base64url <tt>EndorsementChallenge</tt> value, encoded per
<xref target="BASE64"/>.</t>
            </li>
          </ul>
          <artwork><![CDATA[
WWW-Authenticate: Mole challenge="<endorsement-challenge>",
                       realm="anchor"
]]></artwork>
        </section>
        <section anchor="client-anchor">
          <name>Client &lt;-&gt; Anchor</name>
          <t>After receiving a challenge, the Client runs the grant exchanges with the
Anchor as defined by the endorsement protocol in <xref target="PROTOCOLS"/>, for
example HTTP POST requests such as the ones defined there. The
<tt>anchor_context</tt> from the challenge is carried into the first request as
specified by the endorsement type.</t>
        </section>
      </section>
      <section anchor="issuance">
        <name>Issuance</name>
        <section anchor="moderator-client">
          <name>Moderator -&gt; Client</name>
          <sourcecode type="tls-presentation"><![CDATA[
struct {
  uint16 endorsement_type; // always present, see PROTOCOLS
  opaque challenge<V>;
} ModeratorChallenge;
]]></sourcecode>
          <ul spacing="normal">
            <li>
              <t><tt>challenge</tt> which contains a base64url ModeratorChallenge value, encoded per <xref target="BASE64"/></t>
            </li>
          </ul>
          <t>The <tt>challenge</tt> field carries the <tt>Challenge</tt> structure of the named
endorsement type, defined in <xref target="PROTOCOLS"/>.</t>
          <section anchor="example-refinement">
            <name>Example refinement</name>
            <t>The following structure is an example refinement of <tt>ModeratorChallenge</tt>.</t>
            <sourcecode type="tls-presentation"><![CDATA[
struct {
  opaque policy_context<V>; // Moderator-generated policy identifier
  opaque anchor_set<V>; // Endorsement-type-specific Anchor material
} MoleModeratorChallenge;
]]></sourcecode>
            <t>In <tt>MoleModeratorChallenge</tt>, <tt>anchor_set</tt> is opaque. Clients <bcp14>MUST NOT</bcp14> assume
array semantics unless the endorsement type defines them.</t>
            <artwork><![CDATA[
WWW-Authenticate: Mole challenge="<moderator-challenge>",
                       realm="moderator"
]]></artwork>
          </section>
        </section>
        <section anchor="client-moderator">
          <name>Client -&gt; Moderator</name>
          <t>The Client answers with a <tt>CredentialRequest</tt> (<xref target="PROTOCOLS"/>) in the
<tt>Authorization</tt> header of a request to the Moderator. It carries the
endorsement redemption, bound to this challenge, together with the
issuance request.</t>
          <artwork><![CDATA[
Authorization: Mole credential-request="<credential-request>"
]]></artwork>
        </section>
        <section anchor="moderator-client-1">
          <name>Moderator -&gt; Client</name>
          <t>The Moderator returns the <tt>CredentialResponse</tt> (<xref target="PROTOCOLS"/>) in the
<tt>Mole-Credential</tt> response header.</t>
          <artwork><![CDATA[
Mole-Credential: response="<credential-response>"
]]></artwork>
        </section>
      </section>
      <section anchor="presentation">
        <name>Presentation</name>
        <section anchor="moderator-client-challenge">
          <name>Moderator -&gt; Client - Challenge</name>
          <sourcecode type="tls-presentation"><![CDATA[
struct {
  uint16 credential_type; // always present, see PROTOCOLS
  opaque challenge<V>;
} CredentialChallenge;
]]></sourcecode>
          <ul spacing="normal">
            <li>
              <t><tt>challenge</tt> which contains a base64url <tt>CredentialChallenge</tt> value, encoded per <xref target="BASE64"/></t>
            </li>
          </ul>
          <t>The <tt>challenge</tt> field carries the <tt>Challenge</tt> structure of the named
credential type, defined in <xref target="PROTOCOLS"/>.</t>
          <section anchor="example-refinement-1">
            <name>Example refinement</name>
            <t>The following structures are example refinements of <tt>CredentialChallenge</tt>.</t>
            <sourcecode type="tls-presentation"><![CDATA[
struct {
  opaque moderator_uri<1..2^16-1>; // URI of the moderator
  opaque presentation_context<V>;
} MoleCredentialChallenge;

struct {
  opaque policy_context<V>; // Moderator-generated policy identifier
  opaque request_context<V>; // binding value, analogous to
                             // redemption_context in RFC 9577
} MolePresentationContext;
]]></sourcecode>
            <t>The <tt>moderator_uri</tt> field contains a URI (defined by <xref target="URI"/>). It names the
endpoint where the Client runs Redeem &amp; Issue if it holds no Credential.</t>
            <t>In <tt>MolePresentationContext</tt>, <tt>policy_context</tt> identifies the Moderator
policy and accepted Anchor set used for this resource. Different resources
<bcp14>MAY</bcp14> use different policy contexts while sharing the same Moderator. The
value <bcp14>MUST</bcp14> be non-empty.</t>
            <t>The <tt>request_context</tt> field binds the presentation to a request, session,
or time window. A non-empty value affects credential caching and replay
handling.</t>
            <t>TODO(thibault):
1. decide exact construction rules for request_context. maybe it should
include policy_context.</t>
            <artwork><![CDATA[
WWW-Authenticate: Mole challenge="<credential-challenge>",
                       realm="moderator"
]]></artwork>
          </section>
        </section>
        <section anchor="client-moderator-presentation">
          <name>Client -&gt; Moderator - Presentation</name>
          <sourcecode type="tls-presentation"><![CDATA[
struct {
  uint16 credential_type; // always present, see PROTOCOLS
  opaque presentation_and_update<V>;
} CredentialPresentation;
]]></sourcecode>
          <t>The <tt>presentation_and_update</tt> field carries the <tt>PresentationAndUpdate</tt>
structure of the named credential type, defined in <xref target="PROTOCOLS"/>.</t>
          <artwork><![CDATA[
Authorization: Mole presentation="<credential-presentation>"
]]></artwork>
          <t>A complete instantiation example is given in the appendix of
<xref target="PROTOCOLS"/>.</t>
        </section>
        <section anchor="moderator-client-update">
          <name>Moderator -&gt; Client - Update</name>
          <t>TODO(thibault)
1. Headers do not have a fixed protocol limit, but large values are hard to deploy. Other instantiations may define another method, such as returning a URL that the client can fetch. TBD</t>
          <sourcecode type="tls-presentation"><![CDATA[
struct {
  uint16 credential_type;
  opaque update_response<V>;
} CredentialUpdate;

struct {
  optional<CredentialUpdate> update;
} OptionalCredentialUpdate;
]]></sourcecode>
          <t>The <tt>update_response</tt> field carries the <tt>Update</tt> structure of the named
credential type, defined in <xref target="PROTOCOLS"/>.</t>
          <t>Updates use the same <tt>Mole-Credential</tt> header as issuance: both return
credential material from the Moderator. The parameter distinguishes them,
<tt>response</tt> for issuance and <tt>update</tt> after a presentation.</t>
          <t>The Moderator <bcp14>MUST</bcp14> send <tt>Mole-Credential</tt> with the <tt>update</tt> parameter
after a presentation. It sets the update when the Credential remains
usable after presentation. It marks the update as absent to intentionally
consume the Credential. Clients <bcp14>MUST</bcp14> follow the Credential type semantics
for reuse after an omitted update.</t>
          <ul spacing="normal">
            <li>
              <t><tt>update</tt> which contains a base64url OptionalCredentialUpdate value, encoded per <xref target="BASE64"/></t>
            </li>
          </ul>
          <artwork><![CDATA[
Mole-Credential: update="<optional-credential-update>"
]]></artwork>
          <t>Each credential type <bcp14>MUST</bcp14> define the challenge fields that partition cached
Credentials, or state that Credentials of that type are not cacheable.</t>
        </section>
      </section>
    </section>
    <section anchor="security-considerations">
      <name>Security Considerations</name>
      <t>All exchanges defined in this document <bcp14>MUST</bcp14> be carried over HTTPS.</t>
      <t>TODO. The list to cover:</t>
      <ol spacing="normal" type="1"><li>
          <t>Challenge replay and caching: when a Client may reuse a cached
credential against a repeated challenge.</t>
        </li>
        <li>
          <t>Header size limits and what happens when updates exceed them.</t>
        </li>
      </ol>
    </section>
    <section anchor="iana-considerations">
      <name>IANA Considerations</name>
      <section anchor="authentication-scheme">
        <name>Authentication Scheme</name>
        <t>This document registers the <tt>Mole</tt> authentication scheme, as defined in
<xref target="http-authentication-scheme"/>, in the "HTTP Authentication Schemes"
registry.</t>
      </section>
      <section anchor="http-field-names">
        <name>HTTP Field Names</name>
        <t>This document registers the <tt>Mole-Credential</tt> field name in the
"Hypertext Transfer Protocol (HTTP) Field Name Registry".</t>
        <t>Endorsement and credential type values are registered in <xref target="PROTOCOLS"/>, not
in this document.</t>
      </section>
    </section>
  </middle>
  <back>
    <references anchor="sec-combined-references">
      <name>References</name>
      <references anchor="sec-normative-references">
        <name>Normative References</name>
        <reference anchor="HTTP">
          <front>
            <title>HTTP Semantics</title>
            <author fullname="R. Fielding" initials="R." role="editor" surname="Fielding"/>
            <author fullname="M. Nottingham" initials="M." role="editor" surname="Nottingham"/>
            <author fullname="J. Reschke" initials="J." role="editor" surname="Reschke"/>
            <date month="June" year="2022"/>
            <abstract>
              <t>The Hypertext Transfer Protocol (HTTP) is a stateless application-level protocol for distributed, collaborative, hypertext information systems. This document describes the overall architecture of HTTP, establishes common terminology, and defines aspects of the protocol that are shared by all versions. In this definition are core protocol elements, extensibility mechanisms, and the "http" and "https" Uniform Resource Identifier (URI) schemes.</t>
              <t>This document updates RFC 3864 and obsoletes RFCs 2818, 7231, 7232, 7233, 7235, 7538, 7615, 7694, and portions of 7230.</t>
            </abstract>
          </front>
          <seriesInfo name="STD" value="97"/>
          <seriesInfo name="RFC" value="9110"/>
          <seriesInfo name="DOI" value="10.17487/RFC9110"/>
        </reference>
        <reference anchor="PROTOCOLS" target="https://datatracker.ietf.org/doc/draft-jms-mole-protocols/00/">
          <front>
            <title>MoLE Protocols</title>
            <author>
              <organization/>
            </author>
            <date>n.d.</date>
          </front>
        </reference>
        <reference anchor="URI">
          <front>
            <title>Uniform Resource Identifier (URI): Generic Syntax</title>
            <author fullname="T. Berners-Lee" initials="T." surname="Berners-Lee"/>
            <author fullname="R. Fielding" initials="R." surname="Fielding"/>
            <author fullname="L. Masinter" initials="L." surname="Masinter"/>
            <date month="January" year="2005"/>
            <abstract>
              <t>A Uniform Resource Identifier (URI) is a compact sequence of characters that identifies an abstract or physical resource. This specification defines the generic URI syntax and a process for resolving URI references that might be in relative form, along with guidelines and security considerations for the use of URIs on the Internet. The URI syntax defines a grammar that is a superset of all valid URIs, allowing an implementation to parse the common components of a URI reference without knowing the scheme-specific requirements of every possible identifier. This specification does not define a generative grammar for URIs; that task is performed by the individual specifications of each URI scheme. [STANDARDS-TRACK]</t>
            </abstract>
          </front>
          <seriesInfo name="STD" value="66"/>
          <seriesInfo name="RFC" value="3986"/>
          <seriesInfo name="DOI" value="10.17487/RFC3986"/>
        </reference>
        <reference anchor="TLS13">
          <front>
            <title>The Transport Layer Security (TLS) Protocol Version 1.3</title>
            <author fullname="E. Rescorla" initials="E." surname="Rescorla"/>
            <date month="August" year="2018"/>
            <abstract>
              <t>This document specifies version 1.3 of the Transport Layer Security (TLS) protocol. TLS allows client/server applications to communicate over the Internet in a way that is designed to prevent eavesdropping, tampering, and message forgery.</t>
              <t>This document updates RFCs 5705 and 6066, and obsoletes RFCs 5077, 5246, and 6961. This document also specifies new requirements for TLS 1.2 implementations.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="8446"/>
          <seriesInfo name="DOI" value="10.17487/RFC8446"/>
        </reference>
        <reference anchor="RFC2119">
          <front>
            <title>Key words for use in RFCs to Indicate Requirement Levels</title>
            <author fullname="S. Bradner" initials="S." surname="Bradner"/>
            <date month="March" year="1997"/>
            <abstract>
              <t>In many standards track documents several words are used to signify the requirements in the specification. These words are often capitalized. This document defines these words as they should be interpreted in IETF documents. This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="2119"/>
          <seriesInfo name="DOI" value="10.17487/RFC2119"/>
        </reference>
        <reference anchor="RFC8174">
          <front>
            <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title>
            <author fullname="B. Leiba" initials="B." surname="Leiba"/>
            <date month="May" year="2017"/>
            <abstract>
              <t>RFC 2119 specifies common key words that may be used in protocol specifications. This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the defined special meanings.</t>
            </abstract>
          </front>
          <seriesInfo name="BCP" value="14"/>
          <seriesInfo name="RFC" value="8174"/>
          <seriesInfo name="DOI" value="10.17487/RFC8174"/>
        </reference>
      </references>
      <references anchor="sec-informative-references">
        <name>Informative References</name>
        <reference anchor="BASE64">
          <front>
            <title>The Base16, Base32, and Base64 Data Encodings</title>
            <author fullname="S. Josefsson" initials="S." surname="Josefsson"/>
            <date month="October" year="2006"/>
            <abstract>
              <t>This document describes the commonly used base 64, base 32, and base 16 encoding schemes. It also discusses the use of line-feeds in encoded data, use of padding in encoded data, use of non-alphabet characters in encoded data, use of different encoding alphabets, and canonical encodings. [STANDARDS-TRACK]</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="4648"/>
          <seriesInfo name="DOI" value="10.17487/RFC4648"/>
        </reference>
        <reference anchor="QUIC">
          <front>
            <title>QUIC: A UDP-Based Multiplexed and Secure Transport</title>
            <author fullname="J. Iyengar" initials="J." role="editor" surname="Iyengar"/>
            <author fullname="M. Thomson" initials="M." role="editor" surname="Thomson"/>
            <date month="May" year="2021"/>
            <abstract>
              <t>This document defines the core of the QUIC transport protocol. QUIC provides applications with flow-controlled streams for structured communication, low-latency connection establishment, and network path migration. QUIC includes security measures that ensure confidentiality, integrity, and availability in a range of deployment circumstances. Accompanying documents describe the integration of TLS for key negotiation, loss detection, and an exemplary congestion control algorithm.</t>
            </abstract>
          </front>
          <seriesInfo name="RFC" value="9000"/>
          <seriesInfo name="DOI" value="10.17487/RFC9000"/>
        </reference>
      </references>
    </references>
    <?line 414?>

<section numbered="false" anchor="acknowledgments">
      <name>Acknowledgments</name>
      <t>TODO acknowledge.</t>
    </section>
  </back>
  <!-- ##markdown-source:
H4sIAAAAAAAAA7Vb/3IbN5L+H0+Bo6u27A2HkmzFcRRHG0aS17qTLa8k27W1
tWeCMyCJaDjgDWYkM7LyLPcs92TXP4AZDEnZijerPxJpBmg0Gt1ff90YJ0ki
KlPlek/2XtmTI/ny4uKNvChV4Ra2rHpCjcelvrrrbaoqPbXlck+aYmKFyGxa
qDkIy0o1qZJf5i6Z21wns6paJFWYl2xvC1eP58Y5Y4tquYAJx0cXL0RRz8e6
3BMZiN0TqS2cLlzt9mRV1lqAFk/EpV5e2zLbEzKRc5vpUlUgA//SRWZLp+e6
qPDPushNcanGJjfVEh8sSnOl0qW40kUN0h9IOS1tvYCtDYvKJC9KVWfywM7n
dQEz5F/xZQ+HsYK9Ta/myuTwalGPc5MmCuRMUMxP108GtpzSEFWmMxiCFnB7
W1u5cZUb8PutIbwzV9ptvSEBW6tytnoCtDTVrB7TCYTtJnaS1MUJ7Q+se9Tu
3G2ZotJloauEjsChhBzM6apIifmKpDxIimzoBrzwwNhVmVufPd3BrJrnPSFU
Xc1siQcFKkg5qfOcfeNczWudy/N0lmtniqkuaQAYRBXmV1JrT/7V2mmu5cnJ
Ab3UbGk3de2sn6b4cJDa+foah7oojJP/qdJLh+6xJv+V/dXkuYqFG11Nfspo
YvILTxzUl+uyL2ZmrOq8kq80+MNG7Q9yW2eTXJU6XsBWCa1ReQEoXRS2nMOs
K3BJSfG1J89eHHy/s7MNf785O704PTg9Od+TD46Tw8GK4RelrWxqc0er+Dim
QH3TfaPKqQYHCOcP8aXgvNJLXQ5QI3JGiN3Vg23kb21vb4Gkt2fHpN2T7589
hT8vTs53ntCDZ7u7T4VADIg28/Pw/OjpLr3ffbr7DJ787e3xAW9vGyBADAYD
IZIkkWrsUJ1KCFKe1XVyXNprp0uZ6UVul+SUfeksWNfw78MiBReDX1SRSR8e
8LcstM6EKhiuGseUoJ2sZlqGbclJDguA+IkpdCbHS3qLAWsqnVZ1qUE/OG0Y
YtMa1/djHQ0cvQIbjXgRdHZ4b1JyAAleCkHUl9czk85kqsrSaCfSmcpzDa7r
SOFFqQHfKprhGuWiEKRRaakzlKy8urRZgSNnWsGOnawdKF9ZWWpQuYgnwFno
En4ZgM9qgDsAFqk/ghqkwzXENwliM8LGdWOLBZi9MZMp5M1N44q3t2AVOra5
ybJcC0C546IqbVanhMXi4vTwFJ9e6HJuCpvb6RLtqCWAt0T0dgBmb88ven3+
v3x9Sr+fHYGDnB0d4u/nL4cnJ80vwo84f3n69uSw/a2deXD66tXR60OeDE9l
55HovRr+vcd+0jt9c3F8+np40sONVZ3jRROAJcdaEuTBCVVgDOVEpl1amjH8
AXN+Pnjzf/+7swtG+Q/w5cc7O9/f3vo/nu18twt/XIMz8Gq2yJf+TzD1UqjF
QqsSpYAvgGcsTKVyPFQn3cxeF3Cq5HZ//gda5p978vk4Xezs7vsHuOHOw2Cz
zkOy2fqTtclsxA2PNizTWLPzfMXSXX2Hf+/8HewePXz+F0g9WiY7z/6yL9Bl
3kQxIU/AT2s11atBCA7PEQgA1IkiyHQ8A06DwAmOAo4zHB7OEYA0NcW2tJPW
xefaOZjnBhJ8WaosMyQPJuM6Y+W0dEtY5WNfmqDAtRVhIAanVigVyQqCCPMO
iuqJ0Tm4PPuVXfjx6BwrI4GapIRfMHSmrrS8UhC9mJed+VVLhI5qFsIefOTB
A3kaxL1TeQ3bfhDkJ1f44FaIYdGuSc8kmFIXKaBlRhAglbdhiutMYRxkV2nT
Sld90CoH0GnAUXgJldP5RJpJsD6Y7T34OFga5ML0fiSURYWlWIAFWSVgD2D0
NqROuSPJucE+pf4FjEBBB/CVY0LRGez1t99+k1Xukvi4/VnKG0pyNYTss6DQ
D/QItARh8qF/+MiPxJ8Uj3QbGAWJuLn9oftmB9I868ov4P1tY8fnF/s/oEJ0
Au/CGZ3jGb2jE5QnfFQv+aiEOC4+7699GY4eESicDphAwR7+p2YzTsILAdui
bIjCJuZje5DsInAaiLbeX8j9wJ9QGA8mb3JwJuOlcAudmskSjxw1BLw283pO
3jlXH+l3luNQAU5QrF1HMa/QwG81ilbCvVLTxpy+ghSdN5u9nlkMLFDHoa8v
pYX3Ep3QTCCVApEvKVXBhs4tYKarwKC4Xo0MMOynEx202zZIVTeGhB8V5jcv
/XNEfWCWvEccgpGPIE47t4WWcSIQNzfnmnKe3HmKaiG/gfSI1l/KzEwmIIoS
ACUaVTVSyCIlGNCUqKTwZuedhMUHAEXNjr3boE5zTB58PuyijmzsrepT1YJ5
iJkvaPk0rzMyx+jdaCBfgIvqjwreAVG7Z2g9eczWfr49GDz+9tt9jgu7UOAF
jR2fv9vHQDmnye/BJzkeXAgXJkvDLlk6J7IE2EV1RJdJJcykAMfe6w6Ob6Rd
cw0lR8aECABLeabItqcIKERULMlJadHVGwKE+XpcKXA0nBsRLxrXMswB0xlP
ADdyP4+c7k5docCbayBDlyJwLqJZOBRd6LgKtFG2tLEvUac5na0ngh0SuRdt
BvfTahwJIY3YMP2QhYQ3FDDla6SUhh1+NKQazpc1I5960B0VeS9UlQN5ig5e
BX4puvxSRvzSQVDaunIm4xNkQ1G0mJJ3i6nbOBGz0JgP38lI+5RovUsziqAh
xZvT8wufPJRyV1PxTeJ/vpFf+GlG4mDxKbjSpy/N+xQZ/ROt983vWM//V7Ck
+/984hnPkZa/f/8+iUKMSkKwSuMBP8qvXePhGbifnss/yWPnashawACw1tLZ
o89p9bv3gVaQHd/ze4i9nbex/7VrkK02/dBKSRT9X2crArxha3WJzQNK6IDh
ebfOw/hs18N+E0SFhTjDBKKgbrQm1X0iAyVlSJgM9KjOK4P+7nGoDfEfohiX
C5NeOso6phKuXmApzAUocS5ItrbUMT5wVkYtMI1mFh4VtoKATy0k5l+xOhlC
7YKp8eluXXpa6TZXUzHThOCXC6TMxVQ8vLnh/sDt7SOksvLAFhMzrX0/T/jS
frWypw6Zg5I6Ht0Avm8MAI8EONCirIsiEJuNEIwAPeiu3OZKsPHCQuKTb89O
XD9YDlEpoBCaCGCYu3ZU3IaCuwHWBvuAbSnnbGpgRCYIGrVKZxFYLCxIWSLy
O9xeRTtBMdxU6ZTnHp//CwrKM+u5JA49NC5F9FvCgkxMAKtXa/cH8qgsYcGX
MAO5PnZdGgMD60JzchcJMmZbr3RsN5BDOXq8vT0Ct3ALbNRKKPeENx7yjM0o
FHkpAj94S6XzPM5JnKyVwKZlGbIMqdUKj2GgC/1QOU3R1HJmpkCyZG7m4PWY
C6+sybjugNRrUt4EkFVXwyl0OkzBi3wpDBU7JzgxLbUi4ljWuXabTAtG2d3e
iYziefmXrQHcBZJvwxLbI2lpIh5Jn/J6wftQaaoXFfKuO/pPggOBYCMEAkiy
dZlqOsHd7SeRsl0VWtcUdYFlTGVt5vtnZH6dsZcEp5djiO8MrIxowboRD8fJ
wbupZIooGBMpYHUkAo8PousKGQIceAyR4Cm5nlShIuew8i7UAA5x7ahFJyjq
G2YRWmxHmyhF0wFAFR+EuE32vTsQifgcS0aODFVApPMHxAekyZ4kKxL5gWL7
Y+WpcqTLQfAFz5b/LEeNe4wIEjwzbZF3tGn6iAG532DvgnrULeAyIxJf5Am9
59Fukub5fq8v7kh7ECD5/Mce77QXauQHIbSfgznZsBAqE47vVJsrLsaaBfox
HACIu5ZeynV6KQJ7X+vk3p86ioAf5DDIGgPyOAYI5ULt1q5CdS3RVzHqnu2I
Kwac0Qa4cZ7RI3x7N54YCKsG5JTz5bjZvAciBhRBSL9gSc3WbbHiX3dXubUl
VX6tli6EeR/gQ7c3Ea0/N1vzrtyo8XlH9j3xTe68LmGDK0eO7MuwSDg3O0Ll
RDVMFBed3h++RE6WiVUb92WnJFvJnmjxI+8uJY1rgYyLPnTndinjCMvWZqAO
o/UdjwZfPDtvf4bUGE/w8BqJyVQX+BtajUZKQwxzwldWXVACfhIERJCSoDUS
75NpwMSA93Tkub7z2CG5jjYPGPXlqF14hCZidQZN8g3NbmRNAO4CTlQhq5nj
5Wjq8HoXAHtjiMQZYH5/rJs3hvsdSNdMWgc7iMU2g5J3rBTZgRu0pcYZA8FI
Pux43SPP98Q96vGQINteRdxKQCGxudp2Ql+ObV1kPN24DhhboFTINxrENR5+
miYAG3lTxdbWNYkfDKZef7gf2W8jnF3Ee/JXXSHAI/sxk7nbgCu1XUR+2JZ+
JyvD9pphq8rz01b7zgXGnduRiWxi4b5I3S77LwN1u7GvRurRBhmbeMcfD9Yr
hfIfitW+/b42gbj+xi3fG6wboPhQl+b5zmDw+L93niY7DLlvz47DJptxEc5H
klfYI/rpxtP8d6ULH66rUsamoHa5dwAFBaOd2hpvsu4CUP6BuS0GBal4lGcv
DuT33373nd9kHFYHPMq7LDlVx7qNY7WOiwZ+GLHDmxt4gp0HBEduzHho5JL/
mhr0qyy02/3C5heUNzOLl3uFjaJq0Oa+DXpj8uuexag1tVupvPxRYG3PFRXo
H7UUqPHBZQ1gdlvaHdLdAyM8P3MC6nOq7LPmnRfutcDGjwG3dzNVhmLRgWni
VHLRXAGG+7rCFgke3zL0xFc8JBwGeoiLq0cVLlib1IX4RV+E9bFgr8wcy2dI
VtdYqjbr+BtEBZtIsVPSwkGq0hlVEmCsEgp6tRQz3+IY8EcJD8OXN4/2xM4A
byux0oR4h0jBr80oZlAtLvAntlx1+AGwn+WYGmNuZus8a1oe3SO9P+2I0skf
zzsg0XQT0r8913TACqz/oV7g13xrmSdWK47kO+ZvTBaxjGGRveWRYnPiWO2w
fjZx3MVmOv3nztnFbwIdGIJTYSapNN1dInNlrw8ZBmJ2aq50Efp5+HEIAOlH
UFxsyGV3UAne96qHo4P7+2eZWerJ0DcF4RK4KYipRdan5k2OH16Fdi6mQoCC
jL+gwP7YQJ4SD+xsBq/pQ9Ol6UzxRVy/qZ2Zr3GZ//bspO0xpbwJbO9NdJXO
AGJ+PvxaN229kJ3mQ+Bna97HJltNk/52f3XYvheHIsL3FuuiWhdeWXyj63pf
/SNIDouiz8BazF4nur5WgMMI7H0PKD8Qej4bseGzsbaL0U0BcqHw8hL7N5lx
eCddGzfzBVdfjKKdg6s2xQLi8iiEs6L2T7eVO1il+ZRk8LJjw36a28VGZKOV
2CgcU73DzwpxEs+hD7M4zbe7L/FrzcKJ2nFnlWStSZqr8rIjCm+Xx45qUEvf
ERTsKfmSPmSGGnZloZVal+noqjJUzzZVr+CMhCftt1hIC9GLrIDVGBCHDxb5
DIG/y5G/xOE3Vke8HgBi8/VRhIz8MmDiEV56rLg3G8BDSLdpFr6dQryA8634
syzM9BAlrQqO+uKASpXmsdErjizlewOIaoiFJAIPeEDfnZ3rFJgjsAsgaXhB
zZdBjm+62p5j5/4l7jwHOhQ6fM0V9LmnHhw4+PU3+gdd0uwJxOi21cWchT/6
ZCqzxw7afMeASOuPP9gAKEFkTTXFg66IUy00kfn2vkU8DhmBvwAi4Ocrpmv+
QALTj+M1a48qsHfNvc45XR0dD18P14yE/fJN33SsfrhX6ikYADNS9P3sHZ/O
qtjakA0/83HIbT8k0N7d35e4nuDlS38LQUNfEDS/xgrgHsp2AIhRHfE6dBd6
L8HDSqpg6N9I4O1t+BBbPsT1HkULQjnB6vRAn6O7v/olt41yctBrQzboo2uL
Vef0H1mPVXqJJzhMLwt7netsSqWtuNnjf3ahsx97E4gX3btll4WKI4wE5/l/
b5yAQSoyAAA=

-->

</rfc>
