pep-trustwords to rev 05: update terms and references
authorHernâni Marques <hernani@pep.foundation>
Thu, 09 Jan 2020 11:38:44 +0100
changeset 12134f56bef55f87
parent 1212 d0098200118a
child 1214 b8d126cde962
pep-trustwords to rev 05: update terms and references
pep-trustwords/archive/draft-birk-pep-trustwords-05.html
pep-trustwords/archive/draft-birk-pep-trustwords-05.txt
pep-trustwords/archive/draft-birk-pep-trustwords-05.xml
pep-trustwords/draft-birk-pep-trustwords.mkd
     1.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     1.2 +++ b/pep-trustwords/archive/draft-birk-pep-trustwords-05.html	Thu Jan 09 11:38:44 2020 +0100
     1.3 @@ -0,0 +1,1038 @@
     1.4 +<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Strict//EN" 
     1.5 +  "http://www.w3.org/TR/xhtml1/DTD/xhtml1-strict.dtd">
     1.6 +
     1.7 +<html lang="en" xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
     1.8 +<head profile="http://www.w3.org/2006/03/hcard http://dublincore.org/documents/2008/08/04/dc-html/">
     1.9 +  <meta http-equiv="Content-Type" content="text/html; charset=us-ascii" />
    1.10 +
    1.11 +  <title>IANA Registration of Trustword Lists: Guide, Template and IANA Considerations</title>
    1.12 +
    1.13 +  <style type="text/css" title="Xml2Rfc (sans serif)">
    1.14 +  /*<![CDATA[*/
    1.15 +	  a {
    1.16 +	  text-decoration: none;
    1.17 +	  }
    1.18 +      /* info code from SantaKlauss at http://www.madaboutstyle.com/tooltip2.html */
    1.19 +      a.info {
    1.20 +          /* This is the key. */
    1.21 +          position: relative;
    1.22 +          z-index: 24;
    1.23 +          text-decoration: none;
    1.24 +      }
    1.25 +      a.info:hover {
    1.26 +          z-index: 25;
    1.27 +          color: #FFF; background-color: #900;
    1.28 +      }
    1.29 +      a.info span { display: none; }
    1.30 +      a.info:hover span.info {
    1.31 +          /* The span will display just on :hover state. */
    1.32 +          display: block;
    1.33 +          position: absolute;
    1.34 +          font-size: smaller;
    1.35 +          top: 2em; left: -5em; width: 15em;
    1.36 +          padding: 2px; border: 1px solid #333;
    1.37 +          color: #900; background-color: #EEE;
    1.38 +          text-align: left;
    1.39 +      }
    1.40 +	  a.smpl {
    1.41 +	  color: black;
    1.42 +	  }
    1.43 +	  a:hover {
    1.44 +	  text-decoration: underline;
    1.45 +	  }
    1.46 +	  a:active {
    1.47 +	  text-decoration: underline;
    1.48 +	  }
    1.49 +	  address {
    1.50 +	  margin-top: 1em;
    1.51 +	  margin-left: 2em;
    1.52 +	  font-style: normal;
    1.53 +	  }
    1.54 +	  body {
    1.55 +	  color: black;
    1.56 +	  font-family: verdana, helvetica, arial, sans-serif;
    1.57 +	  font-size: 10pt;
    1.58 +	  max-width: 55em;
    1.59 +	  
    1.60 +	  }
    1.61 +	  cite {
    1.62 +	  font-style: normal;
    1.63 +	  }
    1.64 +	  dd {
    1.65 +	  margin-right: 2em;
    1.66 +	  }
    1.67 +	  dl {
    1.68 +	  margin-left: 2em;
    1.69 +	  }
    1.70 +	
    1.71 +	  ul.empty {
    1.72 +	  list-style-type: none;
    1.73 +	  }
    1.74 +	  ul.empty li {
    1.75 +	  margin-top: .5em;
    1.76 +	  }
    1.77 +	  dl p {
    1.78 +	  margin-left: 0em;
    1.79 +	  }
    1.80 +	  dt {
    1.81 +	  margin-top: .5em;
    1.82 +	  }
    1.83 +	  h1 {
    1.84 +	  font-size: 14pt;
    1.85 +	  line-height: 21pt;
    1.86 +	  page-break-after: avoid;
    1.87 +	  }
    1.88 +	  h1.np {
    1.89 +	  page-break-before: always;
    1.90 +	  }
    1.91 +	  h1 a {
    1.92 +	  color: #333333;
    1.93 +	  }
    1.94 +	  h2 {
    1.95 +	  font-size: 12pt;
    1.96 +	  line-height: 15pt;
    1.97 +	  page-break-after: avoid;
    1.98 +	  }
    1.99 +	  h3, h4, h5, h6 {
   1.100 +	  font-size: 10pt;
   1.101 +	  page-break-after: avoid;
   1.102 +	  }
   1.103 +	  h2 a, h3 a, h4 a, h5 a, h6 a {
   1.104 +	  color: black;
   1.105 +	  }
   1.106 +	  img {
   1.107 +	  margin-left: 3em;
   1.108 +	  }
   1.109 +	  li {
   1.110 +	  margin-left: 2em;
   1.111 +	  margin-right: 2em;
   1.112 +	  }
   1.113 +	  ol {
   1.114 +	  margin-left: 2em;
   1.115 +	  margin-right: 2em;
   1.116 +	  }
   1.117 +	  ol p {
   1.118 +	  margin-left: 0em;
   1.119 +	  }
   1.120 +	  p {
   1.121 +	  margin-left: 2em;
   1.122 +	  margin-right: 2em;
   1.123 +	  }
   1.124 +	  pre {
   1.125 +	  margin-left: 3em;
   1.126 +	  background-color: lightyellow;
   1.127 +	  padding: .25em;
   1.128 +	  }
   1.129 +	  pre.text2 {
   1.130 +	  border-style: dotted;
   1.131 +	  border-width: 1px;
   1.132 +	  background-color: #f0f0f0;
   1.133 +	  width: 69em;
   1.134 +	  }
   1.135 +	  pre.inline {
   1.136 +	  background-color: white;
   1.137 +	  padding: 0em;
   1.138 +	  }
   1.139 +	  pre.text {
   1.140 +	  border-style: dotted;
   1.141 +	  border-width: 1px;
   1.142 +	  background-color: #f8f8f8;
   1.143 +	  width: 69em;
   1.144 +	  }
   1.145 +	  pre.drawing {
   1.146 +	  border-style: solid;
   1.147 +	  border-width: 1px;
   1.148 +	  background-color: #f8f8f8;
   1.149 +	  padding: 2em;
   1.150 +	  }
   1.151 +	  table {
   1.152 +	  margin-left: 2em;
   1.153 +	  }
   1.154 +	  table.tt {
   1.155 +	  vertical-align: top;
   1.156 +	  }
   1.157 +	  table.full {
   1.158 +	  border-style: outset;
   1.159 +	  border-width: 1px;
   1.160 +	  }
   1.161 +	  table.headers {
   1.162 +	  border-style: outset;
   1.163 +	  border-width: 1px;
   1.164 +	  }
   1.165 +	  table.tt td {
   1.166 +	  vertical-align: top;
   1.167 +	  }
   1.168 +	  table.full td {
   1.169 +	  border-style: inset;
   1.170 +	  border-width: 1px;
   1.171 +	  }
   1.172 +	  table.tt th {
   1.173 +	  vertical-align: top;
   1.174 +	  }
   1.175 +	  table.full th {
   1.176 +	  border-style: inset;
   1.177 +	  border-width: 1px;
   1.178 +	  }
   1.179 +	  table.headers th {
   1.180 +	  border-style: none none inset none;
   1.181 +	  border-width: 1px;
   1.182 +	  }
   1.183 +	  table.left {
   1.184 +	  margin-right: auto;
   1.185 +	  }
   1.186 +	  table.right {
   1.187 +	  margin-left: auto;
   1.188 +	  }
   1.189 +	  table.center {
   1.190 +	  margin-left: auto;
   1.191 +	  margin-right: auto;
   1.192 +	  }
   1.193 +	  caption {
   1.194 +	  caption-side: bottom;
   1.195 +	  font-weight: bold;
   1.196 +	  font-size: 9pt;
   1.197 +	  margin-top: .5em;
   1.198 +	  }
   1.199 +	
   1.200 +	  table.header {
   1.201 +	  border-spacing: 1px;
   1.202 +	  width: 95%;
   1.203 +	  font-size: 10pt;
   1.204 +	  color: white;
   1.205 +	  }
   1.206 +	  td.top {
   1.207 +	  vertical-align: top;
   1.208 +	  }
   1.209 +	  td.topnowrap {
   1.210 +	  vertical-align: top;
   1.211 +	  white-space: nowrap; 
   1.212 +	  }
   1.213 +	  table.header td {
   1.214 +	  background-color: gray;
   1.215 +	  width: 50%;
   1.216 +	  }
   1.217 +	  table.header a {
   1.218 +	  color: white;
   1.219 +	  }
   1.220 +	  td.reference {
   1.221 +	  vertical-align: top;
   1.222 +	  white-space: nowrap;
   1.223 +	  padding-right: 1em;
   1.224 +	  }
   1.225 +	  thead {
   1.226 +	  display:table-header-group;
   1.227 +	  }
   1.228 +	  ul.toc, ul.toc ul {
   1.229 +	  list-style: none;
   1.230 +	  margin-left: 1.5em;
   1.231 +	  margin-right: 0em;
   1.232 +	  padding-left: 0em;
   1.233 +	  }
   1.234 +	  ul.toc li {
   1.235 +	  line-height: 150%;
   1.236 +	  font-weight: bold;
   1.237 +	  font-size: 10pt;
   1.238 +	  margin-left: 0em;
   1.239 +	  margin-right: 0em;
   1.240 +	  }
   1.241 +	  ul.toc li li {
   1.242 +	  line-height: normal;
   1.243 +	  font-weight: normal;
   1.244 +	  font-size: 9pt;
   1.245 +	  margin-left: 0em;
   1.246 +	  margin-right: 0em;
   1.247 +	  }
   1.248 +	  li.excluded {
   1.249 +	  font-size: 0pt;
   1.250 +	  }
   1.251 +	  ul p {
   1.252 +	  margin-left: 0em;
   1.253 +	  }
   1.254 +	
   1.255 +	  .comment {
   1.256 +	  background-color: yellow;
   1.257 +	  }
   1.258 +	  .center {
   1.259 +	  text-align: center;
   1.260 +	  }
   1.261 +	  .error {
   1.262 +	  color: red;
   1.263 +	  font-style: italic;
   1.264 +	  font-weight: bold;
   1.265 +	  }
   1.266 +	  .figure {
   1.267 +	  font-weight: bold;
   1.268 +	  text-align: center;
   1.269 +	  font-size: 9pt;
   1.270 +	  }
   1.271 +	  .filename {
   1.272 +	  color: #333333;
   1.273 +	  font-weight: bold;
   1.274 +	  font-size: 12pt;
   1.275 +	  line-height: 21pt;
   1.276 +	  text-align: center;
   1.277 +	  }
   1.278 +	  .fn {
   1.279 +	  font-weight: bold;
   1.280 +	  }
   1.281 +	  .hidden {
   1.282 +	  display: none;
   1.283 +	  }
   1.284 +	  .left {
   1.285 +	  text-align: left;
   1.286 +	  }
   1.287 +	  .right {
   1.288 +	  text-align: right;
   1.289 +	  }
   1.290 +	  .title {
   1.291 +	  color: #990000;
   1.292 +	  font-size: 18pt;
   1.293 +	  line-height: 18pt;
   1.294 +	  font-weight: bold;
   1.295 +	  text-align: center;
   1.296 +	  margin-top: 36pt;
   1.297 +	  }
   1.298 +	  .vcardline {
   1.299 +	  display: block;
   1.300 +	  }
   1.301 +	  .warning {
   1.302 +	  font-size: 14pt;
   1.303 +	  background-color: yellow;
   1.304 +	  }
   1.305 +	
   1.306 +	
   1.307 +	  @media print {
   1.308 +	  .noprint {
   1.309 +		display: none;
   1.310 +	  }
   1.311 +	
   1.312 +	  a {
   1.313 +		color: black;
   1.314 +		text-decoration: none;
   1.315 +	  }
   1.316 +	
   1.317 +	  table.header {
   1.318 +		width: 90%;
   1.319 +	  }
   1.320 +	
   1.321 +	  td.header {
   1.322 +		width: 50%;
   1.323 +		color: black;
   1.324 +		background-color: white;
   1.325 +		vertical-align: top;
   1.326 +		font-size: 12pt;
   1.327 +	  }
   1.328 +	
   1.329 +	  ul.toc a::after {
   1.330 +		content: leader('.') target-counter(attr(href), page);
   1.331 +	  }
   1.332 +	
   1.333 +	  ul.ind li li a {
   1.334 +		content: target-counter(attr(href), page);
   1.335 +	  }
   1.336 +	
   1.337 +	  .print2col {
   1.338 +		column-count: 2;
   1.339 +		-moz-column-count: 2;
   1.340 +		column-fill: auto;
   1.341 +	  }
   1.342 +	  }
   1.343 +	
   1.344 +	  @page {
   1.345 +	  @top-left {
   1.346 +		   content: "Internet-Draft"; 
   1.347 +	  } 
   1.348 +	  @top-right {
   1.349 +		   content: "December 2010"; 
   1.350 +	  } 
   1.351 +	  @top-center {
   1.352 +		   content: "Abbreviated Title";
   1.353 +	  } 
   1.354 +	  @bottom-left {
   1.355 +		   content: "Doe"; 
   1.356 +	  } 
   1.357 +	  @bottom-center {
   1.358 +		   content: "Expires June 2011"; 
   1.359 +	  } 
   1.360 +	  @bottom-right {
   1.361 +		   content: "[Page " counter(page) "]"; 
   1.362 +	  } 
   1.363 +	  }
   1.364 +	
   1.365 +	  @page:first { 
   1.366 +		@top-left {
   1.367 +		  content: normal;
   1.368 +		}
   1.369 +		@top-right {
   1.370 +		  content: normal;
   1.371 +		}
   1.372 +		@top-center {
   1.373 +		  content: normal;
   1.374 +		}
   1.375 +	  }
   1.376 +  /*]]>*/
   1.377 +  </style>
   1.378 +
   1.379 +  <link href="#rfc.toc" rel="Contents">
   1.380 +<link href="#rfc.section.1" rel="Chapter" title="1 Introduction">
   1.381 +<link href="#rfc.section.1.1" rel="Chapter" title="1.1 Requirements Language">
   1.382 +<link href="#rfc.section.1.2" rel="Chapter" title="1.2 Terms">
   1.383 +<link href="#rfc.section.2" rel="Chapter" title="2 The Concept of Trustword Mapping">
   1.384 +<link href="#rfc.section.2.1" rel="Chapter" title="2.1 Example">
   1.385 +<link href="#rfc.section.2.2" rel="Chapter" title="2.2 Previous work">
   1.386 +<link href="#rfc.section.2.3" rel="Chapter" title="2.3 Number of Trustwords for a language">
   1.387 +<link href="#rfc.section.2.4" rel="Chapter" title="2.4 Language">
   1.388 +<link href="#rfc.section.2.5" rel="Chapter" title="2.5 The nature of the words">
   1.389 +<link href="#rfc.section.3" rel="Chapter" title="3 Security Considerations">
   1.390 +<link href="#rfc.section.4" rel="Chapter" title="4 Privacy Considerations">
   1.391 +<link href="#rfc.section.5" rel="Chapter" title="5 IANA Considerations">
   1.392 +<link href="#rfc.section.5.1" rel="Chapter" title="5.1 Registration Template (XML chunk)">
   1.393 +<link href="#rfc.section.5.2" rel="Chapter" title="5.2 IANA Registration">
   1.394 +<link href="#rfc.section.5.2.1" rel="Chapter" title="5.2.1 Language Code (&lt;languagecode&gt;)">
   1.395 +<link href="#rfc.section.5.2.2" rel="Chapter" title="5.2.2 Bit Size (&lt;bitsize&gt;)">
   1.396 +<link href="#rfc.section.5.2.3" rel="Chapter" title="5.2.3 Number Of Unique Words (&lt;numberofuniquewords&gt;)">
   1.397 +<link href="#rfc.section.5.2.4" rel="Chapter" title="5.2.4 Bijectivity (&lt;bijective&gt;)">
   1.398 +<link href="#rfc.section.5.2.5" rel="Chapter" title="5.2.5 Version (&lt;version&gt;)">
   1.399 +<link href="#rfc.section.5.2.6" rel="Chapter" title="5.2.6 Registration Document(s) (&lt;registrationdocs&gt;)">
   1.400 +<link href="#rfc.section.5.2.7" rel="Chapter" title="5.2.7 Requesters (&lt;requesters&gt;)">
   1.401 +<link href="#rfc.section.5.2.8" rel="Chapter" title="5.2.8 Further Information (&lt;additionalinfo&gt;)">
   1.402 +<link href="#rfc.section.5.2.9" rel="Chapter" title="5.2.9 Wordlist (&lt;wordlist&gt;)">
   1.403 +<link href="#rfc.section.6" rel="Chapter" title="6 Acknowledgments">
   1.404 +<link href="#rfc.references" rel="Chapter" title="7 References">
   1.405 +<link href="#rfc.references.1" rel="Chapter" title="7.1 Normative References">
   1.406 +<link href="#rfc.references.2" rel="Chapter" title="7.2 Informative References">
   1.407 +<link href="#rfc.appendix.A" rel="Chapter" title="A IANA XML Template Example">
   1.408 +<link href="#rfc.appendix.B" rel="Chapter" title="B Document Changelog">
   1.409 +<link href="#rfc.appendix.C" rel="Chapter" title="C Open Issues">
   1.410 +<link href="#rfc.authors" rel="Chapter">
   1.411 +
   1.412 +
   1.413 +  <meta name="generator" content="xml2rfc version 2.37.3 - https://tools.ietf.org/tools/xml2rfc" />
   1.414 +  <link rel="schema.dct" href="http://purl.org/dc/terms/" />
   1.415 +
   1.416 +  <meta name="dct.creator" content="Hoeneisen, B. and H. Marques" />
   1.417 +  <meta name="dct.identifier" content="urn:ietf:id:draft-birk-pep-trustwords-05" />
   1.418 +  <meta name="dct.issued" scheme="ISO8601" content="2020-01-09" />
   1.419 +  <meta name="dct.abstract" content="This document specifies the IANA Registration Guidelines for Trustwords, describes corresponding registration procedures, and provides a guideline for creating Trustword list specifications.Trustwords are common words in a natural language (e.g., English), which hexadecimal strings are mapped to. Such a mapping makes verification processes like fingerprint comparisons more practical, and less prone to misunderstandings." />
   1.420 +  <meta name="description" content="This document specifies the IANA Registration Guidelines for Trustwords, describes corresponding registration procedures, and provides a guideline for creating Trustword list specifications.Trustwords are common words in a natural language (e.g., English), which hexadecimal strings are mapped to. Such a mapping makes verification processes like fingerprint comparisons more practical, and less prone to misunderstandings." />
   1.421 +
   1.422 +</head>
   1.423 +
   1.424 +<body>
   1.425 +
   1.426 +  <table class="header">
   1.427 +    <tbody>
   1.428 +    
   1.429 +    	<tr>
   1.430 +<td class="left">Network Working Group</td>
   1.431 +<td class="right">B. Hoeneisen</td>
   1.432 +</tr>
   1.433 +<tr>
   1.434 +<td class="left">Internet-Draft</td>
   1.435 +<td class="right">H. Marques</td>
   1.436 +</tr>
   1.437 +<tr>
   1.438 +<td class="left">Intended status: Standards Track</td>
   1.439 +<td class="right">pEp Foundation</td>
   1.440 +</tr>
   1.441 +<tr>
   1.442 +<td class="left">Expires: July 12, 2020</td>
   1.443 +<td class="right">January 09, 2020</td>
   1.444 +</tr>
   1.445 +
   1.446 +    	
   1.447 +    </tbody>
   1.448 +  </table>
   1.449 +
   1.450 +  <p class="title">IANA Registration of Trustword Lists: Guide, Template and IANA Considerations<br />
   1.451 +  <span class="filename">draft-birk-pep-trustwords-05</span></p>
   1.452 +  
   1.453 +  <h1 id="rfc.abstract"><a href="#rfc.abstract">Abstract</a></h1>
   1.454 +<p>This document specifies the IANA Registration Guidelines for Trustwords, describes corresponding registration procedures, and provides a guideline for creating Trustword list specifications.</p>
   1.455 +<p>Trustwords are common words in a natural language (e.g., English), which hexadecimal strings are mapped to. Such a mapping makes verification processes like fingerprint comparisons more practical, and less prone to misunderstandings.</p>
   1.456 +<h1 id="rfc.status"><a href="#rfc.status">Status of This Memo</a></h1>
   1.457 +<p>This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.</p>
   1.458 +<p>Internet-Drafts are working documents of the Internet Engineering Task Force (IETF).  Note that other groups may also distribute working documents as Internet-Drafts.  The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.</p>
   1.459 +<p>Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time.  It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."</p>
   1.460 +<p>This Internet-Draft will expire on July 12, 2020.</p>
   1.461 +<h1 id="rfc.copyrightnotice"><a href="#rfc.copyrightnotice">Copyright Notice</a></h1>
   1.462 +<p>Copyright (c) 2020 IETF Trust and the persons identified as the document authors.  All rights reserved.</p>
   1.463 +<p>This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document.  Please review these documents carefully, as they describe your rights and restrictions with respect to this document.  Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.</p>
   1.464 +
   1.465 +  
   1.466 +  <hr class="noprint" />
   1.467 +  <h1 class="np" id="rfc.toc"><a href="#rfc.toc">Table of Contents</a></h1>
   1.468 +  <ul class="toc">
   1.469 +
   1.470 +  	<li>1.   <a href="#rfc.section.1">Introduction</a>
   1.471 +</li>
   1.472 +<ul><li>1.1.   <a href="#rfc.section.1.1">Requirements Language</a>
   1.473 +</li>
   1.474 +<li>1.2.   <a href="#rfc.section.1.2">Terms</a>
   1.475 +</li>
   1.476 +</ul><li>2.   <a href="#rfc.section.2">The Concept of Trustword Mapping</a>
   1.477 +</li>
   1.478 +<ul><li>2.1.   <a href="#rfc.section.2.1">Example</a>
   1.479 +</li>
   1.480 +<li>2.2.   <a href="#rfc.section.2.2">Previous work</a>
   1.481 +</li>
   1.482 +<li>2.3.   <a href="#rfc.section.2.3">Number of Trustwords for a language</a>
   1.483 +</li>
   1.484 +<li>2.4.   <a href="#rfc.section.2.4">Language</a>
   1.485 +</li>
   1.486 +<li>2.5.   <a href="#rfc.section.2.5">The nature of the words</a>
   1.487 +</li>
   1.488 +</ul><li>3.   <a href="#rfc.section.3">Security Considerations</a>
   1.489 +</li>
   1.490 +<li>4.   <a href="#rfc.section.4">Privacy Considerations</a>
   1.491 +</li>
   1.492 +<li>5.   <a href="#rfc.section.5">IANA Considerations</a>
   1.493 +</li>
   1.494 +<ul><li>5.1.   <a href="#rfc.section.5.1">Registration Template (XML chunk)</a>
   1.495 +</li>
   1.496 +<li>5.2.   <a href="#rfc.section.5.2">IANA Registration</a>
   1.497 +</li>
   1.498 +<ul><li>5.2.1.   <a href="#rfc.section.5.2.1">Language Code (&lt;languagecode&gt;)</a>
   1.499 +</li>
   1.500 +<li>5.2.2.   <a href="#rfc.section.5.2.2">Bit Size (&lt;bitsize&gt;)</a>
   1.501 +</li>
   1.502 +<li>5.2.3.   <a href="#rfc.section.5.2.3">Number Of Unique Words (&lt;numberofuniquewords&gt;)</a>
   1.503 +</li>
   1.504 +<li>5.2.4.   <a href="#rfc.section.5.2.4">Bijectivity (&lt;bijective&gt;)</a>
   1.505 +</li>
   1.506 +<li>5.2.5.   <a href="#rfc.section.5.2.5">Version (&lt;version&gt;)</a>
   1.507 +</li>
   1.508 +<li>5.2.6.   <a href="#rfc.section.5.2.6">Registration Document(s) (&lt;registrationdocs&gt;)</a>
   1.509 +</li>
   1.510 +<li>5.2.7.   <a href="#rfc.section.5.2.7">Requesters (&lt;requesters&gt;)</a>
   1.511 +</li>
   1.512 +<li>5.2.8.   <a href="#rfc.section.5.2.8">Further Information (&lt;additionalinfo&gt;)</a>
   1.513 +</li>
   1.514 +<li>5.2.9.   <a href="#rfc.section.5.2.9">Wordlist (&lt;wordlist&gt;)</a>
   1.515 +</li>
   1.516 +</ul></ul><li>6.   <a href="#rfc.section.6">Acknowledgments</a>
   1.517 +</li>
   1.518 +<li>7.   <a href="#rfc.references">References</a>
   1.519 +</li>
   1.520 +<ul><li>7.1.   <a href="#rfc.references.1">Normative References</a>
   1.521 +</li>
   1.522 +<li>7.2.   <a href="#rfc.references.2">Informative References</a>
   1.523 +</li>
   1.524 +</ul><li>Appendix A.   <a href="#rfc.appendix.A">IANA XML Template Example</a>
   1.525 +</li>
   1.526 +<li>Appendix B.   <a href="#rfc.appendix.B">Document Changelog</a>
   1.527 +</li>
   1.528 +<li>Appendix C.   <a href="#rfc.appendix.C">Open Issues</a>
   1.529 +</li>
   1.530 +<li><a href="#rfc.authors">Authors' Addresses</a>
   1.531 +</li>
   1.532 +
   1.533 +
   1.534 +  </ul>
   1.535 +
   1.536 +  <h1 id="rfc.section.1">
   1.537 +<a href="#rfc.section.1">1.</a> <a href="#introduction" id="introduction">Introduction</a>
   1.538 +</h1>
   1.539 +<p id="rfc.section.1.p.1">In public-key cryptography, comparing the respective public key fingerprints for each of the communication partners involved is vital to ensure that there is no Man-in-the-Middle (MITM) attack on the communication channel. These fingerprints normally consist of a chain of hexadecimal characters, which are often impractical, cumbersome, and prone to misunderstandings for end-users.</p>
   1.540 +<p id="rfc.section.1.p.2">To mitigate these challenges, several systems offer Trustword comparison as an alternative to these hexadecimal strings.  Trustwords are common words in a natural language (e.g., English), which these hexadecimal strings are mapped to. Using Trustwords makes verification processes like fingerprint comparisons more natural for users.</p>
   1.541 +<p id="rfc.section.1.p.3">For example, in pEp&#8217;s Privacy by Default proposition <a href="#I-D.birk-pep" class="xref">[I-D.birk-pep]</a> Trustwords are used to facilitate easy contact verification for end-to-end encryption. Trustword comparison is offered after the peers have opportunistically exchanged public keys. Examples of Trustword lists used by current pEp implementations can be found here in CSV format: https://pep.foundation/dev/repos/pEpEngine/file/tip/db.</p>
   1.542 +<p id="rfc.section.1.p.4">In addition to contact verification, Trustwords are also used for other purposes, such as Human-Readable 128-bit Keys <a href="#RFC1751" class="xref">[RFC1751]</a>, One Time Passwords (OTP) <a href="#RFC1760" class="xref">[RFC1760]</a> <a href="#RFC2289" class="xref">[RFC2289]</a>, SSH host-key verification, VPN server certificate verification, deriving private keys in blockchain applications for cryptocurrencies, and to import or synchronize secret keys across multiple devices owned by a single user <a href="#I-D.pep-keysync" class="xref">[I-D.pep-keysync]</a>.  Further ideas include the use of Trustwords for private key recovery in case of loss, contact verification in Extensible Messaging and Presence Protocol (XMPP) <a href="#RFC6120" class="xref">[RFC6120]</a>, or for X.509 certificate verification in browsers <a href="#RFC3647" class="xref">[RFC3647]</a>.</p>
   1.543 +<h1 id="rfc.section.1.1">
   1.544 +<a href="#rfc.section.1.1">1.1.</a> <a href="#requirements-language" id="requirements-language">Requirements Language</a>
   1.545 +</h1>
   1.546 +<p id="rfc.section.1.1.p.1">The key words &#8220;MUST&#8221;, &#8220;MUST NOT&#8221;, &#8220;REQUIRED&#8221;, &#8220;SHALL&#8221;, &#8220;SHALL NOT&#8221;, &#8220;SHOULD&#8221;, &#8220;SHOULD NOT&#8221;, &#8220;RECOMMENDED&#8221;, &#8220;MAY&#8221;, and &#8220;OPTIONAL&#8221; in this document are to be interpreted as described in <a href="#RFC2119" class="xref">[RFC2119]</a>.</p>
   1.547 +<h1 id="rfc.section.1.2">
   1.548 +<a href="#rfc.section.1.2">1.2.</a> <a href="#terms" id="terms">Terms</a>
   1.549 +</h1>
   1.550 +<p id="rfc.section.1.2.p.1">The following terms are defined for the scope of this document:</p>
   1.551 +<p></p>
   1.552 +
   1.553 +<ul>
   1.554 +<li>pEp Handshake: The process of one user contacting another over an independent channel in order to verify Trustwords (or fingerprints as a fallback). This can be done in-person or through established verbal communication channels, like a phone call. <a href="#I-D.marques-pep-handshake" class="xref">[I-D.marques-pep-handshake]</a> </li>
   1.555 +<li>Man-in-the-middle (MITM) attack: cf. <a href="#RFC4949" class="xref">[RFC4949]</a>, which states: &#8220;A form of active wiretapping attack in which the attacker intercepts and selectively modifies communicated data to masquerade as one or more of the entities involved in a communication association.&#8221;</li>
   1.556 +</ul>
   1.557 +<h1 id="rfc.section.2">
   1.558 +<a href="#rfc.section.2">2.</a> <a href="#the-concept-of-trustword-mapping" id="the-concept-of-trustword-mapping">The Concept of Trustword Mapping</a>
   1.559 +</h1>
   1.560 +<h1 id="rfc.section.2.1">
   1.561 +<a href="#rfc.section.2.1">2.1.</a> <a href="#example" id="example">Example</a>
   1.562 +</h1>
   1.563 +<p id="rfc.section.2.1.p.1">As already discussed, fingerprints normally consist of a string of hexadecimal characters. A typical fingerprint looks like this:</p>
   1.564 +<p></p>
   1.565 +
   1.566 +<ul class="empty"><li>F482 E952 2F48 618B 01BC 31DC 5428 D7FA ACDC 3F13</li></ul>
   1.567 +<p id="rfc.section.2.1.p.3">Instead of the hexadecimal string, Trustwords allow users to compare ten common words of a language of their choosing. For example, the above fingerprint, mapped to English Trustwords, might appear as:</p>
   1.568 +<p></p>
   1.569 +
   1.570 +<ul class="empty"><li>dog house brother town fat bath school banana kite task</li></ul>
   1.571 +<p id="rfc.section.2.1.p.5">The same fingerprint might appear in German Trustwords as:</p>
   1.572 +<p></p>
   1.573 +
   1.574 +<ul class="empty"><li>klima gelb lappen weg trinken alles kaputt rasen rucksack durch</li></ul>
   1.575 +<p id="rfc.section.2.1.p.7">Note: These examples are for illustration purposes only, and are not derived from any published Trustword list.</p>
   1.576 +<h1 id="rfc.section.2.2">
   1.577 +<a href="#rfc.section.2.2">2.2.</a> <a href="#previous-work" id="previous-work">Previous work</a>
   1.578 +</h1>
   1.579 +<p id="rfc.section.2.2.p.1">The basic concept of Trustword mapping - also known as a biometric word list - for fingerprint comparison is well-documented. Examples of this concept are used with One-Time Passwords (OTP) <a href="#RFC1751" class="xref">[RFC1751]</a> <a href="#RFC1760" class="xref">[RFC1760]</a> <a href="#RFC2289" class="xref">[RFC2289]</a>, as well as the PGP Word List (&#8220;Pretty Good Privacy word list&#8221; <a href="#PGP.wl" class="xref">[PGP.wl]</a>.  Furthermore, cryptocurrencies use a similar concept for deriving private keys <a href="#bitcoin.wl" class="xref">[bitcoin.wl]</a>.</p>
   1.580 +<p id="rfc.section.2.2.p.2">[[ TODO: Explain each previous usage a bit further and synchronize with section <a href="#introduction" class="xref">Section 1</a>. ]]</p>
   1.581 +<p id="rfc.section.2.2.p.3">Regarding today&#8217;s needs, previous proposals have the following shortcomings:</p>
   1.582 +<p></p>
   1.583 +
   1.584 +<ul>
   1.585 +<li>Small/limited word lists, which generally result in more words to compare</li>
   1.586 +<li>Existing word lists are usually only available in English, which limits their usefulness for non-English speakers</li>
   1.587 +</ul>
   1.588 +<p id="rfc.section.2.2.p.5">Furthermore, there are differences in the basic concept:</p>
   1.589 +<p></p>
   1.590 +
   1.591 +<ul>
   1.592 +<li>The Trustword concept suggested herein intends to improve usability and security for all users, instead of only the technically-savvy.</li>
   1.593 +<li>In many use cases, Trustwords are only read (aloud) during the comparison process, rather than being written or typed. For example, two users might compare their respective Trustwords during a phone call.  Verbal comparison reduces the need to keep the actual Trustwords short. The use of longer Trustwords increases the entropy within the system, as it allows for a larger dictionary, and thus reduces the likelihood of phonetic collisions.</li>
   1.594 +</ul>
   1.595 +<h1 id="rfc.section.2.3">
   1.596 +<a href="#rfc.section.2.3">2.3.</a> <a href="#number-of-trustwords-for-a-language" id="number-of-trustwords-for-a-language">Number of Trustwords for a language</a>
   1.597 +</h1>
   1.598 +<p id="rfc.section.2.3.p.1">If the number of Trustwords in a dictionary is low, shorter parts of the original string (e.g., fingerprint) can be mapped to a single Trustword. Thus, many Trustwords will need to be compared, which results in a potentially cumbersome process for users, and lead to reduced usability.</p>
   1.599 +<p id="rfc.section.2.3.p.2">To reduce the number of Trustwords that need to be compared, pEp&#8217;s Privacy by Default proposition <a href="#I-D.birk-pep" class="xref">[I-D.birk-pep]</a> calls for 16-bit scalars to be mapped to natural language words.  Therefore, the size (by number of key-value pairs) of any key-value pair structure is 65536.  However, the number of unique values to be used in a language may be smaller than this number.  This discrepancy can be addressed by using the same value, or Trustword, for more than one key.  In such cases, the entropy of the representation is slightly reduced.  For example, a Trustword list of 42000 words still allows for an entropy of log_2(42000), which is roughly 15.36 bits in 16-bit mappings. As a consequence such Trustword lists are not bijective.</p>
   1.600 +<p id="rfc.section.2.3.p.3">On the other hand, small Trustword lists allow for Trustwords consisting of words with shorter strings (number of short words per natural language is normally limited), which are easier to use in implementations where Trustwords have to be typed or written, such as in OTP applications.</p>
   1.601 +<p id="rfc.section.2.3.p.4">Note: This specification allows for registration of variable numbers of Trustwords per dictionary.</p>
   1.602 +<h1 id="rfc.section.2.4">
   1.603 +<a href="#rfc.section.2.4">2.4.</a> <a href="#language" id="language">Language</a>
   1.604 +</h1>
   1.605 +<p id="rfc.section.2.4.p.1">Although English is used around the world, the vast majority of the global population is not English-speaking.  For an application to be useful to as wide of a user base as possible, localization is essential. Therefore, this specification allows for registration of Trustword lists in different languages.</p>
   1.606 +<p id="rfc.section.2.4.p.2">In applications where two humans are attempting to establish secure communications, it is likely that they share a common language.  At this time, no real-world use cases for Trustword list translation capability have been identified.  Because the translation process inherently - and drastically - increases complexity from an IANA registration standpoint, the topic of Trustword translation is beyond the scope of this document.</p>
   1.607 +<h1 id="rfc.section.2.5">
   1.608 +<a href="#rfc.section.2.5">2.5.</a> <a href="#the-nature-of-the-words" id="the-nature-of-the-words">The nature of the words</a>
   1.609 +</h1>
   1.610 +<p id="rfc.section.2.5.p.1">Every Trustword list SHOULD be clear of offensive language (i.e., swear/curse words, slurs, derogatory language, etc.).  This process SHOULD be performed by native speakers of each respective language.</p>
   1.611 +<h1 id="rfc.section.3">
   1.612 +<a href="#rfc.section.3">3.</a> <a href="#security-considerations" id="security-considerations">Security Considerations</a>
   1.613 +</h1>
   1.614 +<p id="rfc.section.3.p.1">There are no specific security considerations.</p>
   1.615 +<h1 id="rfc.section.4">
   1.616 +<a href="#rfc.section.4">4.</a> <a href="#privacy-considerations" id="privacy-considerations">Privacy Considerations</a>
   1.617 +</h1>
   1.618 +<p id="rfc.section.4.p.1">[[ TODO ]]</p>
   1.619 +<h1 id="rfc.section.5">
   1.620 +<a href="#rfc.section.5">5.</a> <a href="#iana-considerations" id="iana-considerations">IANA Considerations</a>
   1.621 +</h1>
   1.622 +<p id="rfc.section.5.p.1">Each natural language requires a different set of Trustwords. To allow implementers for identical Trustword lists, a IANA registry is to be established. The IANA registration policy according to <a href="#RFC8126" class="xref">[RFC8126]</a> is &#8220;Expert Review&#8221; and &#8220;Specification Required&#8221;.</p>
   1.623 +<p id="rfc.section.5.p.2">[[ Note: Further details of the IANA registry and requirements for the expert to assess the specification are for further study. A similar approach as used in <a href="#RFC6117" class="xref">[RFC6117]</a> is likely followed. ]]</p>
   1.624 +<h1 id="rfc.section.5.1">
   1.625 +<a href="#rfc.section.5.1">5.1.</a> <a href="#registration-template-xml-chunk" id="registration-template-xml-chunk">Registration Template (XML chunk)</a>
   1.626 +</h1>
   1.627 +<pre>
   1.628 +  &lt;record&gt;
   1.629 +    &lt;languagecode&gt;
   1.630 +      &lt;!--  ISO 639-3 (e.g. eng, deu, ...) --&gt;
   1.631 +    &lt;/languagecode&gt;
   1.632 +    &lt;bitsize&gt;
   1.633 +      &lt;!-- How many bits can be mapped with this list
   1.634 +           (e.g. 8, 16, ...) --&gt;
   1.635 +    &lt;/bitsize&gt;
   1.636 +    &lt;numberofuniquewords&gt;
   1.637 +      &lt;!-- number of unique words registered
   1.638 +           (e.g. 256, 65536, ...) --&gt;
   1.639 +    &lt;/numberofuniquewords&gt;
   1.640 +    &lt;bijective&gt;
   1.641 +      &lt;!-- whether or not the list allows for a two-way-mapping
   1.642 +           (e.g. yes, no) --&gt;
   1.643 +    &lt;/bijective&gt;
   1.644 +    &lt;version&gt;
   1.645 +      &lt;!-- version number within language
   1.646 +           (e.g. b.1.2, n.0.1, ...)  --&gt;
   1.647 +    &lt;/version&gt;
   1.648 +    &lt;registrationdocs&gt;
   1.649 +      &lt;!-- Change accordingly --&gt;
   1.650 +      &lt;xref type="rfc" data="rfc2551"/&gt;
   1.651 +    &lt;/registrationdocs&gt;
   1.652 +    &lt;requesters&gt;
   1.653 +      &lt;!-- Change accordingly --&gt;
   1.654 +      &lt;xref type="person" data="John_Doe"/&gt;
   1.655 +      &lt;xref type="person" data="Jane_Dale"/&gt;
   1.656 +    &lt;/requesters&gt;
   1.657 +    &lt;additionalinfo&gt;
   1.658 +      &lt;paragraph&gt;
   1.659 +        &lt;!-- Text with additional information about
   1.660 +             the Wordlist to be registered --&gt;
   1.661 +      &lt;/paragraph&gt;
   1.662 +      &lt;artwork&gt;
   1.663 +        &lt;!-- There can be artwork sections, too --&gt;
   1.664 +      &lt;/artwork&gt;
   1.665 +    &lt;/additionalinfo&gt;
   1.666 +    &lt;wordlist&gt;
   1.667 +      &lt;!-- Change accordingly --&gt;
   1.668 +      &lt;w0&gt;first&lt;/w0&gt;
   1.669 +      &lt;w1&gt;second&lt;/w1&gt;
   1.670 +      [...]
   1.671 +      &lt;w65535&gt;last&lt;w65535&gt;
   1.672 +    &lt;/wordlist&gt;
   1.673 +  &lt;/record&gt;
   1.674 + 
   1.675 +  &lt;people&gt;
   1.676 +    &lt;person id="John_Doe"&gt;
   1.677 +      &lt;name&gt; &lt;!-- Firstname Lastname --&gt; &lt;/name&gt;
   1.678 +      &lt;org&gt; &lt;!-- Organization Name --&gt; &lt;/org&gt;
   1.679 +      &lt;uri&gt; &lt;!-- mailto: or http: URI --&gt; &lt;/uri&gt;
   1.680 +      &lt;updated&gt; &lt;!-- date format YYYY-MM-DD --&gt; &lt;/updated&gt;
   1.681 +    &lt;/person&gt;
   1.682 +    &lt;!-- repeat person section for each person --&gt;
   1.683 +  &lt;/people&gt;
   1.684 +</pre>
   1.685 +<p id="rfc.section.5.1.p.1">Authors of a Wordlist are encouraged to use these XML chunks as a template to create the IANA Registration Template.</p>
   1.686 +<h1 id="rfc.section.5.2">
   1.687 +<a href="#rfc.section.5.2">5.2.</a> <a href="#iana-registration" id="iana-registration">IANA Registration</a>
   1.688 +</h1>
   1.689 +<p id="rfc.section.5.2.p.1">An IANA registration will contain the fallowing elements:</p>
   1.690 +<h1 id="rfc.section.5.2.1">
   1.691 +<a href="#rfc.section.5.2.1">5.2.1.</a> <a href="#language-code-languagecode" id="language-code-languagecode">Language Code (&lt;languagecode&gt;)</a>
   1.692 +</h1>
   1.693 +<p id="rfc.section.5.2.1.p.1">The language code follows the ISO 639-3 specification <a href="#ISO639" class="xref">[ISO639]</a>, e.g., eng, deu.</p>
   1.694 +<p id="rfc.section.5.2.1.p.2">[[ Note: It is for further study, which of the ISO 639 Specifications is most suitable to address the Trustwords&#8217; challenge. ]]</p>
   1.695 +<p id="rfc.section.5.2.1.p.3">Example usage for German:</p>
   1.696 +<pre>
   1.697 +e.g.  &lt;languagecode&gt;deu&lt;/languagecode&gt;
   1.698 +</pre>
   1.699 +<h1 id="rfc.section.5.2.2">
   1.700 +<a href="#rfc.section.5.2.2">5.2.2.</a> <a href="#bit-size-bitsize" id="bit-size-bitsize">Bit Size (&lt;bitsize&gt;)</a>
   1.701 +</h1>
   1.702 +<p id="rfc.section.5.2.2.p.1">The bit size is the number of bits that can be mapped with the Wordlist. The number of registered words in a word list MUST be 2 ^ <samp>(&lt;bitsize&gt;)</samp>.</p>
   1.703 +<p id="rfc.section.5.2.2.p.2">Example usage for 16-bit Wordlist:</p>
   1.704 +<pre>
   1.705 +e.g.  &lt;bitsize&gt;16&lt;/bitsize&gt;
   1.706 +</pre>
   1.707 +<h1 id="rfc.section.5.2.3">
   1.708 +<a href="#rfc.section.5.2.3">5.2.3.</a> <a href="#number-of-unique-words-numberofuniquewords" id="number-of-unique-words-numberofuniquewords">Number Of Unique Words (&lt;numberofuniquewords&gt;)</a>
   1.709 +</h1>
   1.710 +<p id="rfc.section.5.2.3.p.1">The number of unique words that are registered.</p>
   1.711 +<pre>
   1.712 +e.g.  &lt;numberofuniquewords&gt;65536&lt;/numberofuniquewords&gt;
   1.713 +</pre>
   1.714 +<h1 id="rfc.section.5.2.4">
   1.715 +<a href="#rfc.section.5.2.4">5.2.4.</a> <a href="#bijectivity-bijective" id="bijectivity-bijective">Bijectivity (&lt;bijective&gt;)</a>
   1.716 +</h1>
   1.717 +<p id="rfc.section.5.2.4.p.1">Whether the registered Wordlist has a one-to-one mapping, meaning the number of unique words registered equals 2 ^ <samp>(&lt;bitsize&gt;)</samp>.</p>
   1.718 +<p id="rfc.section.5.2.4.p.2">Valid content: ( yes | no )</p>
   1.719 +<pre>
   1.720 +e.g.  &lt;bijective&gt;yes&lt;/bijective&gt;
   1.721 +</pre>
   1.722 +<h1 id="rfc.section.5.2.5">
   1.723 +<a href="#rfc.section.5.2.5">5.2.5.</a> <a href="#version-version" id="version-version">Version (&lt;version&gt;)</a>
   1.724 +</h1>
   1.725 +<p id="rfc.section.5.2.5.p.1">The version of the Wordlist MUST be unique within a language code.</p>
   1.726 +<p id="rfc.section.5.2.5.p.2">[[ Note: Requirements to a &#8220;smart&#8221; composition of the version number are for further study ]]</p>
   1.727 +<pre>
   1.728 +e.g.  &lt;version&gt;b.1.2&lt;/version&gt;
   1.729 +</pre>
   1.730 +<h1 id="rfc.section.5.2.6">
   1.731 +<a href="#rfc.section.5.2.6">5.2.6.</a> <a href="#registration-documents-registrationdocs" id="registration-documents-registrationdocs">Registration Document(s) (&lt;registrationdocs&gt;)</a>
   1.732 +</h1>
   1.733 +<p id="rfc.section.5.2.6.p.1">Reference(s) to the Document(s) containing the Wordlist</p>
   1.734 +<pre>
   1.735 +e.g.  &lt;registrationdocs&gt;
   1.736 +        &lt;xref type="rfc" data="rfc4979"/&gt;
   1.737 +      &lt;/registrationdocs&gt;
   1.738 +
   1.739 +e.g.  &lt;registrationdocs&gt;
   1.740 +        &lt;xref type="rfc" data="rfc8888"/&gt; (obsoleted by RFC 9999)
   1.741 +        &lt;xref type="rfc" data="rfc9999"/&gt;
   1.742 +      &lt;/registrationdocs&gt;
   1.743 +
   1.744 +e.g.  &lt;registrationdocs&gt;
   1.745 +        [International Telecommunications Union,
   1.746 +        "Wordlist for Foobar application",
   1.747 +        ITU-F Recommendation B.193, Release 73, Mar 2009.]
   1.748 +      &lt;/registrationdocs&gt;
   1.749 +</pre>
   1.750 +<h1 id="rfc.section.5.2.7">
   1.751 +<a href="#rfc.section.5.2.7">5.2.7.</a> <a href="#requesters-requesters" id="requesters-requesters">Requesters (&lt;requesters&gt;)</a>
   1.752 +</h1>
   1.753 +<p id="rfc.section.5.2.7.p.1">The persons requesting the registration of the Wordlist. Usually these are the authors of the Wordlist.</p>
   1.754 +<pre>
   1.755 +e.g.  &lt;requesters&gt;
   1.756 +        &lt;xref type="person" data="John_Doe"/&gt;
   1.757 +      &lt;/requesters&gt;
   1.758 +
   1.759 +      &lt;people&gt;
   1.760 +        &lt;person id="John_Doe"&gt;
   1.761 +          &lt;name&gt;John Doe&lt;/name&gt;
   1.762 +          &lt;org&gt;Example Inc.&lt;/org&gt;
   1.763 +          &lt;uri&gt;mailto:john.doe@example.com&lt;/uri&gt;
   1.764 +          &lt;updated&gt;2018-06-20&lt;/updated&gt;
   1.765 +        &lt;/person&gt;
   1.766 +      &lt;/people&gt;
   1.767 +</pre>
   1.768 +<p id="rfc.section.5.2.7.p.2">Note: If there is more than one requester, there must be one &lt;xref&gt; element per requester in the &lt;requesters&gt; element, and one &lt;person&gt; chunk per requester in the &lt;people&gt; element.</p>
   1.769 +<h1 id="rfc.section.5.2.8">
   1.770 +<a href="#rfc.section.5.2.8">5.2.8.</a> <a href="#further-information-additionalinfo" id="further-information-additionalinfo">Further Information (&lt;additionalinfo&gt;)</a>
   1.771 +</h1>
   1.772 +<p id="rfc.section.5.2.8.p.1">Any other information the authors deem interesting.</p>
   1.773 +<pre>
   1.774 +e.g.  &lt;additionalinfo&gt;
   1.775 +        &lt;paragraph&gt;more info goes here&lt;/paragraph&gt;
   1.776 +      &lt;/additionalinfo&gt;
   1.777 +</pre>
   1.778 +<p id="rfc.section.5.2.8.p.2">Note: If there is no such additional information, then the &lt;additionalinfo&gt; element is omitted.</p>
   1.779 +<h1 id="rfc.section.5.2.9">
   1.780 +<a href="#rfc.section.5.2.9">5.2.9.</a> <a href="#wordlist-wordlist" id="wordlist-wordlist">Wordlist (&lt;wordlist&gt;)</a>
   1.781 +</h1>
   1.782 +<p id="rfc.section.5.2.9.p.1">The full Wordlist to be registered. The number of words MUST be a power of 2 as specified above. The element names serve as key used for enumeration of the Trustwords (starting at 0) and the elements contains the values being individual natural language words in the respective language.</p>
   1.783 +<pre>
   1.784 +e.g.  &lt;wordlist&gt;
   1.785 +        &lt;w0&gt;first&lt;/w0&gt;
   1.786 +        &lt;w1&gt;second&lt;/w1&gt;
   1.787 +        [...]
   1.788 +        &lt;w65535&gt;last&lt;w65535&gt;
   1.789 +      &lt;/wordlist&gt;
   1.790 +
   1.791 +] ]&gt;
   1.792 +</pre>
   1.793 +<p id="rfc.section.5.2.9.p.2">[[ Note: The exact representation of the Wordlist is for further study.  ]]</p>
   1.794 +<h1 id="rfc.section.6">
   1.795 +<a href="#rfc.section.6">6.</a> <a href="#acknowledgments" id="acknowledgments">Acknowledgments</a>
   1.796 +</h1>
   1.797 +<p id="rfc.section.6.p.1">The authors would like to thank the following people who have provided feedback or significant contributions to the development of this document: Andrew Sullivan, Claudio Luck, Daniel Kahn Gilmore, Kelly Bristol, Michael Richardson, Rich Salz, Volker Birk, and Yoav Nir.</p>
   1.798 +<p id="rfc.section.6.p.2">This work was initially created by pEp Foundation, and then reviewed and extended with funding by the Internet Society&#8217;s Beyond the Net Programme on standardizing pEp. <a href="#ISOC.bnet" class="xref">[ISOC.bnet]</a></p>
   1.799 +<h1 id="rfc.references">
   1.800 +<a href="#rfc.references">7.</a> References</h1>
   1.801 +<h1 id="rfc.references.1">
   1.802 +<a href="#rfc.references.1">7.1.</a> Normative References</h1>
   1.803 +<table><tbody>
   1.804 +<tr>
   1.805 +<td class="reference"><b id="RFC2119">[RFC2119]</b></td>
   1.806 +<td class="top">
   1.807 +<a>Bradner, S.</a>, "<a href="https://tools.ietf.org/html/rfc2119">Key words for use in RFCs to Indicate Requirement Levels</a>", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997.</td>
   1.808 +</tr>
   1.809 +<tr>
   1.810 +<td class="reference"><b id="RFC4949">[RFC4949]</b></td>
   1.811 +<td class="top">
   1.812 +<a>Shirey, R.</a>, "<a href="https://tools.ietf.org/html/rfc4949">Internet Security Glossary, Version 2</a>", FYI 36, RFC 4949, DOI 10.17487/RFC4949, August 2007.</td>
   1.813 +</tr>
   1.814 +<tr>
   1.815 +<td class="reference"><b id="RFC8126">[RFC8126]</b></td>
   1.816 +<td class="top">
   1.817 +<a>Cotton, M.</a>, <a>Leiba, B.</a> and <a>T. Narten</a>, "<a href="https://tools.ietf.org/html/rfc8126">Guidelines for Writing an IANA Considerations Section in RFCs</a>", BCP 26, RFC 8126, DOI 10.17487/RFC8126, June 2017.</td>
   1.818 +</tr>
   1.819 +</tbody></table>
   1.820 +<h1 id="rfc.references.2">
   1.821 +<a href="#rfc.references.2">7.2.</a> Informative References</h1>
   1.822 +<table><tbody>
   1.823 +<tr>
   1.824 +<td class="reference"><b id="bitcoin.wl">[bitcoin.wl]</b></td>
   1.825 +<td class="top">"<a href="https://en.bitcoin.it/w/index.php?title=Seed_phrase&amp;oldid=66492#Word_Lists">Seed Phrase</a>", June 2019.</td>
   1.826 +</tr>
   1.827 +<tr>
   1.828 +<td class="reference"><b id="I-D.birk-pep">[I-D.birk-pep]</b></td>
   1.829 +<td class="top">
   1.830 +<a>Birk, V.</a>, <a>Marques, H.</a> and <a>B. Hoeneisen</a>, "<a href="https://tools.ietf.org/html/draft-birk-pep-05">pretty Easy privacy (pEp): Privacy by Default</a>", Internet-Draft draft-birk-pep-05, November 2019.</td>
   1.831 +</tr>
   1.832 +<tr>
   1.833 +<td class="reference"><b id="I-D.marques-pep-handshake">[I-D.marques-pep-handshake]</b></td>
   1.834 +<td class="top">
   1.835 +<a>Marques, H.</a> and <a>B. Hoeneisen</a>, "<a href="https://tools.ietf.org/html/draft-marques-pep-handshake-04">pretty Easy privacy (pEp): Contact and Channel Authentication through Handshake</a>", Internet-Draft draft-marques-pep-handshake-04, January 2020.</td>
   1.836 +</tr>
   1.837 +<tr>
   1.838 +<td class="reference"><b id="I-D.pep-keysync">[I-D.pep-keysync]</b></td>
   1.839 +<td class="top">
   1.840 +<a>Birk, V.</a>, <a>Hoeneisen, B.</a> and <a>K. Bristol</a>, "<a href="https://tools.ietf.org/html/draft-pep-keysync-00">pretty Easy privacy (pEp): Key Synchronization Protocol (KeySync)</a>", Internet-Draft draft-pep-keysync-00, November 2019.</td>
   1.841 +</tr>
   1.842 +<tr>
   1.843 +<td class="reference"><b id="ISO639">[ISO639]</b></td>
   1.844 +<td class="top">"<a href="https://www.iso.org/iso-639-language-codes.html">Language codes - ISO 639</a>", n.d..</td>
   1.845 +</tr>
   1.846 +<tr>
   1.847 +<td class="reference"><b id="ISOC.bnet">[ISOC.bnet]</b></td>
   1.848 +<td class="top">
   1.849 +<a>Simao, I.</a>, "<a href="https://www.internetsociety.org/blog/2017/06/12-innovative-projects-selected-for-beyond-the-net-funding/">Beyond the Net. 12 Innovative Projects Selected for Beyond the Net Funding. Implementing Privacy via Mass Encryption: Standardizing pretty Easy privacy&#8217;s protocols</a>", June 2017.</td>
   1.850 +</tr>
   1.851 +<tr>
   1.852 +<td class="reference"><b id="PGP.wl">[PGP.wl]</b></td>
   1.853 +<td class="top">"<a href="https://en.wikipedia.org/w/index.php?title=PGP_word_list&amp;oldid=749481933">PGP word list</a>", November 2017.</td>
   1.854 +</tr>
   1.855 +<tr>
   1.856 +<td class="reference"><b id="RFC1751">[RFC1751]</b></td>
   1.857 +<td class="top">
   1.858 +<a>McDonald, D.</a>, "<a href="https://tools.ietf.org/html/rfc1751">A Convention for Human-Readable 128-bit Keys</a>", RFC 1751, DOI 10.17487/RFC1751, December 1994.</td>
   1.859 +</tr>
   1.860 +<tr>
   1.861 +<td class="reference"><b id="RFC1760">[RFC1760]</b></td>
   1.862 +<td class="top">
   1.863 +<a>Haller, N.</a>, "<a href="https://tools.ietf.org/html/rfc1760">The S/KEY One-Time Password System</a>", RFC 1760, DOI 10.17487/RFC1760, February 1995.</td>
   1.864 +</tr>
   1.865 +<tr>
   1.866 +<td class="reference"><b id="RFC2289">[RFC2289]</b></td>
   1.867 +<td class="top">
   1.868 +<a>Haller, N.</a>, <a>Metz, C.</a>, <a>Nesser, P.</a> and <a>M. Straw</a>, "<a href="https://tools.ietf.org/html/rfc2289">A One-Time Password System</a>", STD 61, RFC 2289, DOI 10.17487/RFC2289, February 1998.</td>
   1.869 +</tr>
   1.870 +<tr>
   1.871 +<td class="reference"><b id="RFC3647">[RFC3647]</b></td>
   1.872 +<td class="top">
   1.873 +<a>Chokhani, S.</a>, <a>Ford, W.</a>, <a>Sabett, R.</a>, <a>Merrill, C.</a> and <a>S. Wu</a>, "<a href="https://tools.ietf.org/html/rfc3647">Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework</a>", RFC 3647, DOI 10.17487/RFC3647, November 2003.</td>
   1.874 +</tr>
   1.875 +<tr>
   1.876 +<td class="reference"><b id="RFC6117">[RFC6117]</b></td>
   1.877 +<td class="top">
   1.878 +<a>Hoeneisen, B.</a>, <a>Mayrhofer, A.</a> and <a>J. Livingood</a>, "<a href="https://tools.ietf.org/html/rfc6117">IANA Registration of Enumservices: Guide, Template, and IANA Considerations</a>", RFC 6117, DOI 10.17487/RFC6117, March 2011.</td>
   1.879 +</tr>
   1.880 +<tr>
   1.881 +<td class="reference"><b id="RFC6120">[RFC6120]</b></td>
   1.882 +<td class="top">
   1.883 +<a>Saint-Andre, P.</a>, "<a href="https://tools.ietf.org/html/rfc6120">Extensible Messaging and Presence Protocol (XMPP): Core</a>", RFC 6120, DOI 10.17487/RFC6120, March 2011.</td>
   1.884 +</tr>
   1.885 +</tbody></table>
   1.886 +<h1 id="rfc.appendix.A">
   1.887 +<a href="#rfc.appendix.A">Appendix A.</a> <a href="#iana-xml-template-example" id="iana-xml-template-example">IANA XML Template Example</a>
   1.888 +</h1>
   1.889 +<p id="rfc.section.A.p.1">This section contains a non-normative example of the IANA Registration Template XML chunk.</p>
   1.890 +<pre>
   1.891 +  &lt;record&gt;
   1.892 +    &lt;languagecode&gt;lat&lt;/languagecode&gt;
   1.893 +    &lt;bitsize&gt;16&lt;/bitsize&gt;
   1.894 +    &lt;numberofuniquewords&gt;57337&lt;/numberofuniquewords&gt;
   1.895 +    &lt;bijective&gt;no&lt;/bijective&gt;
   1.896 +    &lt;version&gt;n.0.1&lt;/version&gt;
   1.897 +    &lt;registrationdocs&gt;
   1.898 +      &lt;xref type="rfc" data="rfc2551"/&gt;
   1.899 +    &lt;/registrationdocs&gt;
   1.900 +    &lt;requesters&gt;
   1.901 +      &lt;xref type="person" data="Julius_Caesar"/&gt;
   1.902 +    &lt;/requesters&gt;
   1.903 +    &lt;additionalinfo&gt;
   1.904 +      &lt;paragraph&gt;
   1.905 +        This Wordlist has been optimized for
   1.906 +        the Roman Standards Process.
   1.907 +      &lt;/paragraph&gt;
   1.908 +    &lt;/additionalinfo&gt;
   1.909 +    &lt;wordlist&gt;
   1.910 +      &lt;w0&gt;errare&lt;/w0&gt;
   1.911 +      &lt;w1&gt;humanum&lt;/w1&gt;
   1.912 +      [...]
   1.913 +      &lt;w65535&gt;est&lt;w65535&gt;
   1.914 +    &lt;/wordlist&gt;
   1.915 +  &lt;/record&gt;
   1.916 +
   1.917 +  &lt;people&gt;
   1.918 +    &lt;person id="Julius_Caesar"&gt;
   1.919 +      &lt;name&gt;Julius Caesar&lt;/name&gt;
   1.920 +      &lt;org&gt;Curia Romana&lt;/org&gt;
   1.921 +      &lt;uri&gt;mailto:julius.cesar@example.com&lt;/uri&gt;
   1.922 +      &lt;updated&gt;1999-12-31&lt;/updated&gt;
   1.923 +    &lt;/person&gt;
   1.924 +  &lt;/people&gt; 
   1.925 +</pre>
   1.926 +<h1 id="rfc.appendix.B">
   1.927 +<a href="#rfc.appendix.B">Appendix B.</a> <a href="#document-changelog" id="document-changelog">Document Changelog</a>
   1.928 +</h1>
   1.929 +<p id="rfc.section.B.p.1">[[ RFC Editor: This section is to be removed before publication ]]</p>
   1.930 +<p></p>
   1.931 +
   1.932 +<ul>
   1.933 +<li>draft-birk-pep-trustwords-05: <ul><li>Update terms and references</li></ul>
   1.934 +</li>
   1.935 +<li>draft-birk-pep-trustwords-04: <ul>
   1.936 +<li>Add Privacy Considerations section</li>
   1.937 +<li>Swapped Security and IANA Consideration Sections</li>
   1.938 +<li>Corrected typo in ISO references</li>
   1.939 +<li>Updated Introduction, Terms and concept Sections</li>
   1.940 +</ul>
   1.941 +</li>
   1.942 +<li>draft-birk-pep-trustwords-03: <ul>
   1.943 +<li>Update references</li>
   1.944 +<li>Minor edits</li>
   1.945 +</ul>
   1.946 +</li>
   1.947 +<li>draft-birk-pep-trustwords-02: <ul>
   1.948 +<li>Minor editorial changes and bug fixes</li>
   1.949 +<li>Added more items to Open Issues</li>
   1.950 +<li>Add usage example</li>
   1.951 +</ul>
   1.952 +</li>
   1.953 +<li>draft-birk-pep-trustwords-01: <ul>
   1.954 +<li>Included feedback from mailing list and IETF-101 SECDISPATCH WG, e.g.  <ul>
   1.955 +<li>Added more explanatory text / less focused on the main use case</li>
   1.956 +<li>Bit size as parameter</li>
   1.957 +</ul>
   1.958 +</li>
   1.959 +<li>Explicitly stated translations are out-of-scope for this document</li>
   1.960 +<li>Added draft IANA XML Registration template, considerations, explanation and examples</li>
   1.961 +<li>Added Changelog to Appendix</li>
   1.962 +<li>Added Open Issue section to Appendix</li>
   1.963 +</ul>
   1.964 +</li>
   1.965 +</ul>
   1.966 +<h1 id="rfc.appendix.C">
   1.967 +<a href="#rfc.appendix.C">Appendix C.</a> <a href="#open-issues" id="open-issues">Open Issues</a>
   1.968 +</h1>
   1.969 +<p id="rfc.section.C.p.1">[[ RFC Editor: This section should be empty and is to be removed before publication. ]]</p>
   1.970 +<p></p>
   1.971 +
   1.972 +<ul>
   1.973 +<li>Better explain previous work on Trustwords</li>
   1.974 +<li>More explanatory text for Trustword use cases, properties and requirements</li>
   1.975 +<li>Further details of the IANA registry and requirements for the expert to assess the specification</li>
   1.976 +<li>Decide which ISO language code either 639-1 or 639-3 to use, i.e., ISO-639-1 (e.g., ca, de, en, &#8230;) as currently used in pEp implementations (running code) or ISO-639-3 (eng, deu, ita, &#8230;)</li>
   1.977 +<li>Adjust exact representation of wordlists <ul>
   1.978 +<li>e.g. XML, CSV, &#8230;</li>
   1.979 +<li>Syntax for non-ASCII letters or language symbols (UTF-8) in Wordlists</li>
   1.980 +</ul>
   1.981 +</li>
   1.982 +<li>Need for optional entropy value assigned to words, to account for similar phonetics among words in the same wordlist?</li>
   1.983 +<li>Need for an additional field, to define what a wordlist is optimized for, e.g., &#8220;entropy&#8221;, &#8220;minimize word lengths&#8221;, &#8230;?</li>
   1.984 +<li>Work out (requirements for) &#8220;smart&#8221; composition of the version number</li>
   1.985 +<li>Decide whether in non-bijective Wordlists the redundant words need to be repeated in the IANA Registration</li>
   1.986 +<li>Register only a hash over the wordlist with IANA?</li>
   1.987 +<li>Does it make sense to open registrations for other patterns than just words, e.g., images?</li>
   1.988 +</ul>
   1.989 +<h1 id="rfc.authors"><a href="#rfc.authors">Authors' Addresses</a></h1>
   1.990 +<div class="avoidbreak">
   1.991 +  <address class="vcard">
   1.992 +	<span class="vcardline">
   1.993 +	  <span class="fn">Bernie Hoeneisen</span> 
   1.994 +	  <span class="n hidden">
   1.995 +		<span class="family-name">Hoeneisen</span>
   1.996 +	  </span>
   1.997 +	</span>
   1.998 +	<span class="org vcardline">pEp Foundation</span>
   1.999 +	<span class="adr">
  1.1000 +	  <span class="vcardline">Oberer Graben 4</span>
  1.1001 +
  1.1002 +	  <span class="vcardline">
  1.1003 +		<span class="locality">CH-8400 Winterthur</span>,  
  1.1004 +		<span class="region"></span>
  1.1005 +		<span class="code"></span>
  1.1006 +	  </span>
  1.1007 +	  <span class="country-name vcardline">Switzerland</span>
  1.1008 +	</span>
  1.1009 +	<span class="vcardline">EMail: <a href="mailto:bernie.hoeneisen@pep.foundation">bernie.hoeneisen@pep.foundation</a></span>
  1.1010 +
  1.1011 +<span class="vcardline">URI: <a href="https://pep.foundation/">https://pep.foundation/</a></span>
  1.1012 +
  1.1013 +  </address>
  1.1014 +</div><div class="avoidbreak">
  1.1015 +  <address class="vcard">
  1.1016 +	<span class="vcardline">
  1.1017 +	  <span class="fn">Hernani Marques</span> 
  1.1018 +	  <span class="n hidden">
  1.1019 +		<span class="family-name">Marques</span>
  1.1020 +	  </span>
  1.1021 +	</span>
  1.1022 +	<span class="org vcardline">pEp Foundation</span>
  1.1023 +	<span class="adr">
  1.1024 +	  <span class="vcardline">Oberer Graben 4</span>
  1.1025 +
  1.1026 +	  <span class="vcardline">
  1.1027 +		<span class="locality">CH-8400 Winterthur</span>,  
  1.1028 +		<span class="region"></span>
  1.1029 +		<span class="code"></span>
  1.1030 +	  </span>
  1.1031 +	  <span class="country-name vcardline">Switzerland</span>
  1.1032 +	</span>
  1.1033 +	<span class="vcardline">EMail: <a href="mailto:hernani.marques@pep.foundation">hernani.marques@pep.foundation</a></span>
  1.1034 +
  1.1035 +<span class="vcardline">URI: <a href="https://pep.foundation/">https://pep.foundation/</a></span>
  1.1036 +
  1.1037 +  </address>
  1.1038 +</div>
  1.1039 +
  1.1040 +</body>
  1.1041 +</html>
     2.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     2.2 +++ b/pep-trustwords/archive/draft-birk-pep-trustwords-05.txt	Thu Jan 09 11:38:44 2020 +0100
     2.3 @@ -0,0 +1,896 @@
     2.4 +
     2.5 +
     2.6 +
     2.7 +
     2.8 +Network Working Group                                       B. Hoeneisen
     2.9 +Internet-Draft                                                H. Marques
    2.10 +Intended status: Standards Track                          pEp Foundation
    2.11 +Expires: July 12, 2020                                  January 09, 2020
    2.12 +
    2.13 +
    2.14 +     IANA Registration of Trustword Lists: Guide, Template and IANA
    2.15 +                             Considerations
    2.16 +                      draft-birk-pep-trustwords-05
    2.17 +
    2.18 +Abstract
    2.19 +
    2.20 +   This document specifies the IANA Registration Guidelines for
    2.21 +   Trustwords, describes corresponding registration procedures, and
    2.22 +   provides a guideline for creating Trustword list specifications.
    2.23 +
    2.24 +   Trustwords are common words in a natural language (e.g., English),
    2.25 +   which hexadecimal strings are mapped to.  Such a mapping makes
    2.26 +   verification processes like fingerprint comparisons more practical,
    2.27 +   and less prone to misunderstandings.
    2.28 +
    2.29 +Status of This Memo
    2.30 +
    2.31 +   This Internet-Draft is submitted in full conformance with the
    2.32 +   provisions of BCP 78 and BCP 79.
    2.33 +
    2.34 +   Internet-Drafts are working documents of the Internet Engineering
    2.35 +   Task Force (IETF).  Note that other groups may also distribute
    2.36 +   working documents as Internet-Drafts.  The list of current Internet-
    2.37 +   Drafts is at https://datatracker.ietf.org/drafts/current/.
    2.38 +
    2.39 +   Internet-Drafts are draft documents valid for a maximum of six months
    2.40 +   and may be updated, replaced, or obsoleted by other documents at any
    2.41 +   time.  It is inappropriate to use Internet-Drafts as reference
    2.42 +   material or to cite them other than as "work in progress."
    2.43 +
    2.44 +   This Internet-Draft will expire on July 12, 2020.
    2.45 +
    2.46 +Copyright Notice
    2.47 +
    2.48 +   Copyright (c) 2020 IETF Trust and the persons identified as the
    2.49 +   document authors.  All rights reserved.
    2.50 +
    2.51 +   This document is subject to BCP 78 and the IETF Trust's Legal
    2.52 +   Provisions Relating to IETF Documents
    2.53 +   (https://trustee.ietf.org/license-info) in effect on the date of
    2.54 +   publication of this document.  Please review these documents
    2.55 +   carefully, as they describe your rights and restrictions with respect
    2.56 +
    2.57 +
    2.58 +
    2.59 +Hoeneisen & Marques       Expires July 12, 2020                 [Page 1]
    2.60 +
    2.61 +Internet-Draft    IANA Registration of Trustword Lists      January 2020
    2.62 +
    2.63 +
    2.64 +   to this document.  Code Components extracted from this document must
    2.65 +   include Simplified BSD License text as described in Section 4.e of
    2.66 +   the Trust Legal Provisions and are provided without warranty as
    2.67 +   described in the Simplified BSD License.
    2.68 +
    2.69 +Table of Contents
    2.70 +
    2.71 +   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
    2.72 +     1.1.  Requirements Language . . . . . . . . . . . . . . . . . .   3
    2.73 +     1.2.  Terms . . . . . . . . . . . . . . . . . . . . . . . . . .   3
    2.74 +   2.  The Concept of Trustword Mapping  . . . . . . . . . . . . . .   4
    2.75 +     2.1.  Example . . . . . . . . . . . . . . . . . . . . . . . . .   4
    2.76 +     2.2.  Previous work . . . . . . . . . . . . . . . . . . . . . .   4
    2.77 +     2.3.  Number of Trustwords for a language . . . . . . . . . . .   5
    2.78 +     2.4.  Language  . . . . . . . . . . . . . . . . . . . . . . . .   5
    2.79 +     2.5.  The nature of the words . . . . . . . . . . . . . . . . .   6
    2.80 +   3.  Security Considerations . . . . . . . . . . . . . . . . . . .   6
    2.81 +   4.  Privacy Considerations  . . . . . . . . . . . . . . . . . . .   6
    2.82 +   5.  IANA Considerations . . . . . . . . . . . . . . . . . . . . .   6
    2.83 +     5.1.  Registration Template (XML chunk) . . . . . . . . . . . .   6
    2.84 +     5.2.  IANA Registration . . . . . . . . . . . . . . . . . . . .   8
    2.85 +       5.2.1.  Language Code (<languagecode>)  . . . . . . . . . . .   8
    2.86 +       5.2.2.  Bit Size (<bitsize>)  . . . . . . . . . . . . . . . .   8
    2.87 +       5.2.3.  Number Of Unique Words (<numberofuniquewords>)  . . .   8
    2.88 +       5.2.4.  Bijectivity (<bijective>) . . . . . . . . . . . . . .   8
    2.89 +       5.2.5.  Version (<version>) . . . . . . . . . . . . . . . . .   8
    2.90 +       5.2.6.  Registration Document(s) (<registrationdocs>) . . . .   9
    2.91 +       5.2.7.  Requesters (<requesters>) . . . . . . . . . . . . . .   9
    2.92 +       5.2.8.  Further Information (<additionalinfo>)  . . . . . . .   9
    2.93 +       5.2.9.  Wordlist (<wordlist>) . . . . . . . . . . . . . . . .  10
    2.94 +   6.  Acknowledgments . . . . . . . . . . . . . . . . . . . . . . .  10
    2.95 +   7.  References  . . . . . . . . . . . . . . . . . . . . . . . . .  10
    2.96 +     7.1.  Normative References  . . . . . . . . . . . . . . . . . .  10
    2.97 +     7.2.  Informative References  . . . . . . . . . . . . . . . . .  11
    2.98 +   Appendix A.  IANA XML Template Example  . . . . . . . . . . . . .  12
    2.99 +   Appendix B.  Document Changelog . . . . . . . . . . . . . . . . .  13
   2.100 +   Appendix C.  Open Issues  . . . . . . . . . . . . . . . . . . . .  14
   2.101 +   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .  15
   2.102 +
   2.103 +1.  Introduction
   2.104 +
   2.105 +   In public-key cryptography, comparing the respective public key
   2.106 +   fingerprints for each of the communication partners involved is vital
   2.107 +   to ensure that there is no Man-in-the-Middle (MITM) attack on the
   2.108 +   communication channel.  These fingerprints normally consist of a
   2.109 +   chain of hexadecimal characters, which are often impractical,
   2.110 +   cumbersome, and prone to misunderstandings for end-users.
   2.111 +
   2.112 +
   2.113 +
   2.114 +
   2.115 +Hoeneisen & Marques       Expires July 12, 2020                 [Page 2]
   2.116 +
   2.117 +Internet-Draft    IANA Registration of Trustword Lists      January 2020
   2.118 +
   2.119 +
   2.120 +   To mitigate these challenges, several systems offer Trustword
   2.121 +   comparison as an alternative to these hexadecimal strings.
   2.122 +   Trustwords are common words in a natural language (e.g., English),
   2.123 +   which these hexadecimal strings are mapped to.  Using Trustwords
   2.124 +   makes verification processes like fingerprint comparisons more
   2.125 +   natural for users.
   2.126 +
   2.127 +   For example, in pEp's Privacy by Default proposition [I-D.birk-pep]
   2.128 +   Trustwords are used to facilitate easy contact verification for end-
   2.129 +   to-end encryption.  Trustword comparison is offered after the peers
   2.130 +   have opportunistically exchanged public keys.  Examples of Trustword
   2.131 +   lists used by current pEp implementations can be found here in CSV
   2.132 +   format: https://pep.foundation/dev/repos/pEpEngine/file/tip/db.
   2.133 +
   2.134 +   In addition to contact verification, Trustwords are also used for
   2.135 +   other purposes, such as Human-Readable 128-bit Keys [RFC1751], One
   2.136 +   Time Passwords (OTP) [RFC1760] [RFC2289], SSH host-key verification,
   2.137 +   VPN server certificate verification, deriving private keys in
   2.138 +   blockchain applications for cryptocurrencies, and to import or
   2.139 +   synchronize secret keys across multiple devices owned by a single
   2.140 +   user [I-D.pep-keysync].  Further ideas include the use of Trustwords
   2.141 +   for private key recovery in case of loss, contact verification in
   2.142 +   Extensible Messaging and Presence Protocol (XMPP) [RFC6120], or for
   2.143 +   X.509 certificate verification in browsers [RFC3647].
   2.144 +
   2.145 +1.1.  Requirements Language
   2.146 +
   2.147 +   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   2.148 +   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   2.149 +   document are to be interpreted as described in [RFC2119].
   2.150 +
   2.151 +1.2.  Terms
   2.152 +
   2.153 +   The following terms are defined for the scope of this document:
   2.154 +
   2.155 +   o  pEp Handshake: The process of one user contacting another over an
   2.156 +      independent channel in order to verify Trustwords (or fingerprints
   2.157 +      as a fallback).  This can be done in-person or through established
   2.158 +      verbal communication channels, like a phone call.
   2.159 +      [I-D.marques-pep-handshake]
   2.160 +
   2.161 +   o  Man-in-the-middle (MITM) attack: cf. [RFC4949], which states: "A
   2.162 +      form of active wiretapping attack in which the attacker intercepts
   2.163 +      and selectively modifies communicated data to masquerade as one or
   2.164 +      more of the entities involved in a communication association."
   2.165 +
   2.166 +
   2.167 +
   2.168 +
   2.169 +
   2.170 +
   2.171 +Hoeneisen & Marques       Expires July 12, 2020                 [Page 3]
   2.172 +
   2.173 +Internet-Draft    IANA Registration of Trustword Lists      January 2020
   2.174 +
   2.175 +
   2.176 +2.  The Concept of Trustword Mapping
   2.177 +
   2.178 +2.1.  Example
   2.179 +
   2.180 +   As already discussed, fingerprints normally consist of a string of
   2.181 +   hexadecimal characters.  A typical fingerprint looks like this:
   2.182 +
   2.183 +      F482 E952 2F48 618B 01BC 31DC 5428 D7FA ACDC 3F13
   2.184 +
   2.185 +   Instead of the hexadecimal string, Trustwords allow users to compare
   2.186 +   ten common words of a language of their choosing.  For example, the
   2.187 +   above fingerprint, mapped to English Trustwords, might appear as:
   2.188 +
   2.189 +      dog house brother town fat bath school banana kite task
   2.190 +
   2.191 +   The same fingerprint might appear in German Trustwords as:
   2.192 +
   2.193 +      klima gelb lappen weg trinken alles kaputt rasen rucksack durch
   2.194 +
   2.195 +   Note: These examples are for illustration purposes only, and are not
   2.196 +   derived from any published Trustword list.
   2.197 +
   2.198 +2.2.  Previous work
   2.199 +
   2.200 +   The basic concept of Trustword mapping - also known as a biometric
   2.201 +   word list - for fingerprint comparison is well-documented.  Examples
   2.202 +   of this concept are used with One-Time Passwords (OTP) [RFC1751]
   2.203 +   [RFC1760] [RFC2289], as well as the PGP Word List ("Pretty Good
   2.204 +   Privacy word list" [PGP.wl].  Furthermore, cryptocurrencies use a
   2.205 +   similar concept for deriving private keys [bitcoin.wl].
   2.206 +
   2.207 +   [[ TODO: Explain each previous usage a bit further and synchronize
   2.208 +   with section Section 1. ]]
   2.209 +
   2.210 +   Regarding today's needs, previous proposals have the following
   2.211 +   shortcomings:
   2.212 +
   2.213 +   o  Small/limited word lists, which generally result in more words to
   2.214 +      compare
   2.215 +
   2.216 +   o  Existing word lists are usually only available in English, which
   2.217 +      limits their usefulness for non-English speakers
   2.218 +
   2.219 +   Furthermore, there are differences in the basic concept:
   2.220 +
   2.221 +   o  The Trustword concept suggested herein intends to improve
   2.222 +      usability and security for all users, instead of only the
   2.223 +      technically-savvy.
   2.224 +
   2.225 +
   2.226 +
   2.227 +Hoeneisen & Marques       Expires July 12, 2020                 [Page 4]
   2.228 +
   2.229 +Internet-Draft    IANA Registration of Trustword Lists      January 2020
   2.230 +
   2.231 +
   2.232 +   o  In many use cases, Trustwords are only read (aloud) during the
   2.233 +      comparison process, rather than being written or typed.  For
   2.234 +      example, two users might compare their respective Trustwords
   2.235 +      during a phone call.  Verbal comparison reduces the need to keep
   2.236 +      the actual Trustwords short.  The use of longer Trustwords
   2.237 +      increases the entropy within the system, as it allows for a larger
   2.238 +      dictionary, and thus reduces the likelihood of phonetic
   2.239 +      collisions.
   2.240 +
   2.241 +2.3.  Number of Trustwords for a language
   2.242 +
   2.243 +   If the number of Trustwords in a dictionary is low, shorter parts of
   2.244 +   the original string (e.g., fingerprint) can be mapped to a single
   2.245 +   Trustword.  Thus, many Trustwords will need to be compared, which
   2.246 +   results in a potentially cumbersome process for users, and lead to
   2.247 +   reduced usability.
   2.248 +
   2.249 +   To reduce the number of Trustwords that need to be compared, pEp's
   2.250 +   Privacy by Default proposition [I-D.birk-pep] calls for 16-bit
   2.251 +   scalars to be mapped to natural language words.  Therefore, the size
   2.252 +   (by number of key-value pairs) of any key-value pair structure is
   2.253 +   65536.  However, the number of unique values to be used in a language
   2.254 +   may be smaller than this number.  This discrepancy can be addressed
   2.255 +   by using the same value, or Trustword, for more than one key.  In
   2.256 +   such cases, the entropy of the representation is slightly reduced.
   2.257 +   For example, a Trustword list of 42000 words still allows for an
   2.258 +   entropy of log_2(42000), which is roughly 15.36 bits in 16-bit
   2.259 +   mappings.  As a consequence such Trustword lists are not bijective.
   2.260 +
   2.261 +   On the other hand, small Trustword lists allow for Trustwords
   2.262 +   consisting of words with shorter strings (number of short words per
   2.263 +   natural language is normally limited), which are easier to use in
   2.264 +   implementations where Trustwords have to be typed or written, such as
   2.265 +   in OTP applications.
   2.266 +
   2.267 +   Note: This specification allows for registration of variable numbers
   2.268 +   of Trustwords per dictionary.
   2.269 +
   2.270 +2.4.  Language
   2.271 +
   2.272 +   Although English is used around the world, the vast majority of the
   2.273 +   global population is not English-speaking.  For an application to be
   2.274 +   useful to as wide of a user base as possible, localization is
   2.275 +   essential.  Therefore, this specification allows for registration of
   2.276 +   Trustword lists in different languages.
   2.277 +
   2.278 +   In applications where two humans are attempting to establish secure
   2.279 +   communications, it is likely that they share a common language.  At
   2.280 +
   2.281 +
   2.282 +
   2.283 +Hoeneisen & Marques       Expires July 12, 2020                 [Page 5]
   2.284 +
   2.285 +Internet-Draft    IANA Registration of Trustword Lists      January 2020
   2.286 +
   2.287 +
   2.288 +   this time, no real-world use cases for Trustword list translation
   2.289 +   capability have been identified.  Because the translation process
   2.290 +   inherently - and drastically - increases complexity from an IANA
   2.291 +   registration standpoint, the topic of Trustword translation is beyond
   2.292 +   the scope of this document.
   2.293 +
   2.294 +2.5.  The nature of the words
   2.295 +
   2.296 +   Every Trustword list SHOULD be clear of offensive language (i.e.,
   2.297 +   swear/curse words, slurs, derogatory language, etc.).  This process
   2.298 +   SHOULD be performed by native speakers of each respective language.
   2.299 +
   2.300 +3.  Security Considerations
   2.301 +
   2.302 +   There are no specific security considerations.
   2.303 +
   2.304 +4.  Privacy Considerations
   2.305 +
   2.306 +   [[ TODO ]]
   2.307 +
   2.308 +5.  IANA Considerations
   2.309 +
   2.310 +   Each natural language requires a different set of Trustwords.  To
   2.311 +   allow implementers for identical Trustword lists, a IANA registry is
   2.312 +   to be established.  The IANA registration policy according to
   2.313 +   [RFC8126] is "Expert Review" and "Specification Required".
   2.314 +
   2.315 +   [[ Note: Further details of the IANA registry and requirements for
   2.316 +   the expert to assess the specification are for further study.  A
   2.317 +   similar approach as used in [RFC6117] is likely followed. ]]
   2.318 +
   2.319 +5.1.  Registration Template (XML chunk)
   2.320 +
   2.321 +     <record>
   2.322 +       <languagecode>
   2.323 +         <!--  ISO 639-3 (e.g. eng, deu, ...) -->
   2.324 +       </languagecode>
   2.325 +       <bitsize>
   2.326 +         <!-- How many bits can be mapped with this list
   2.327 +              (e.g. 8, 16, ...) -->
   2.328 +       </bitsize>
   2.329 +       <numberofuniquewords>
   2.330 +         <!-- number of unique words registered
   2.331 +              (e.g. 256, 65536, ...) -->
   2.332 +       </numberofuniquewords>
   2.333 +       <bijective>
   2.334 +         <!-- whether or not the list allows for a two-way-mapping
   2.335 +              (e.g. yes, no) -->
   2.336 +
   2.337 +
   2.338 +
   2.339 +Hoeneisen & Marques       Expires July 12, 2020                 [Page 6]
   2.340 +
   2.341 +Internet-Draft    IANA Registration of Trustword Lists      January 2020
   2.342 +
   2.343 +
   2.344 +       </bijective>
   2.345 +       <version>
   2.346 +         <!-- version number within language
   2.347 +              (e.g. b.1.2, n.0.1, ...)  -->
   2.348 +       </version>
   2.349 +       <registrationdocs>
   2.350 +         <!-- Change accordingly -->
   2.351 +         <xref type="rfc" data="rfc2551"/>
   2.352 +       </registrationdocs>
   2.353 +       <requesters>
   2.354 +         <!-- Change accordingly -->
   2.355 +         <xref type="person" data="John_Doe"/>
   2.356 +         <xref type="person" data="Jane_Dale"/>
   2.357 +       </requesters>
   2.358 +       <additionalinfo>
   2.359 +         <paragraph>
   2.360 +           <!-- Text with additional information about
   2.361 +                the Wordlist to be registered -->
   2.362 +         </paragraph>
   2.363 +         <artwork>
   2.364 +           <!-- There can be artwork sections, too -->
   2.365 +         </artwork>
   2.366 +       </additionalinfo>
   2.367 +       <wordlist>
   2.368 +         <!-- Change accordingly -->
   2.369 +         <w0>first</w0>
   2.370 +         <w1>second</w1>
   2.371 +         [...]
   2.372 +         <w65535>last<w65535>
   2.373 +       </wordlist>
   2.374 +     </record>
   2.375 +
   2.376 +     <people>
   2.377 +       <person id="John_Doe">
   2.378 +         <name> <!-- Firstname Lastname --> </name>
   2.379 +         <org> <!-- Organization Name --> </org>
   2.380 +         <uri> <!-- mailto: or http: URI --> </uri>
   2.381 +         <updated> <!-- date format YYYY-MM-DD --> </updated>
   2.382 +       </person>
   2.383 +       <!-- repeat person section for each person -->
   2.384 +     </people>
   2.385 +
   2.386 +   Authors of a Wordlist are encouraged to use these XML chunks as a
   2.387 +   template to create the IANA Registration Template.
   2.388 +
   2.389 +
   2.390 +
   2.391 +
   2.392 +
   2.393 +
   2.394 +
   2.395 +Hoeneisen & Marques       Expires July 12, 2020                 [Page 7]
   2.396 +
   2.397 +Internet-Draft    IANA Registration of Trustword Lists      January 2020
   2.398 +
   2.399 +
   2.400 +5.2.  IANA Registration
   2.401 +
   2.402 +   An IANA registration will contain the fallowing elements:
   2.403 +
   2.404 +5.2.1.  Language Code (<languagecode>)
   2.405 +
   2.406 +   The language code follows the ISO 639-3 specification [ISO639], e.g.,
   2.407 +   eng, deu.
   2.408 +
   2.409 +   [[ Note: It is for further study, which of the ISO 639 Specifications
   2.410 +   is most suitable to address the Trustwords' challenge. ]]
   2.411 +
   2.412 +   Example usage for German:
   2.413 +
   2.414 +   e.g.  <languagecode>deu</languagecode>
   2.415 +
   2.416 +5.2.2.  Bit Size (<bitsize>)
   2.417 +
   2.418 +   The bit size is the number of bits that can be mapped with the
   2.419 +   Wordlist.  The number of registered words in a word list MUST be 2 ^
   2.420 +   "(<bitsize>)".
   2.421 +
   2.422 +   Example usage for 16-bit Wordlist:
   2.423 +
   2.424 +   e.g.  <bitsize>16</bitsize>
   2.425 +
   2.426 +5.2.3.  Number Of Unique Words (<numberofuniquewords>)
   2.427 +
   2.428 +   The number of unique words that are registered.
   2.429 +
   2.430 +   e.g.  <numberofuniquewords>65536</numberofuniquewords>
   2.431 +
   2.432 +5.2.4.  Bijectivity (<bijective>)
   2.433 +
   2.434 +   Whether the registered Wordlist has a one-to-one mapping, meaning the
   2.435 +   number of unique words registered equals 2 ^ "(<bitsize>)".
   2.436 +
   2.437 +   Valid content: ( yes | no )
   2.438 +
   2.439 +   e.g.  <bijective>yes</bijective>
   2.440 +
   2.441 +5.2.5.  Version (<version>)
   2.442 +
   2.443 +   The version of the Wordlist MUST be unique within a language code.
   2.444 +
   2.445 +   [[ Note: Requirements to a "smart" composition of the version number
   2.446 +   are for further study ]]
   2.447 +
   2.448 +
   2.449 +
   2.450 +
   2.451 +Hoeneisen & Marques       Expires July 12, 2020                 [Page 8]
   2.452 +
   2.453 +Internet-Draft    IANA Registration of Trustword Lists      January 2020
   2.454 +
   2.455 +
   2.456 +   e.g.  <version>b.1.2</version>
   2.457 +
   2.458 +5.2.6.  Registration Document(s) (<registrationdocs>)
   2.459 +
   2.460 +   Reference(s) to the Document(s) containing the Wordlist
   2.461 +
   2.462 +   e.g.  <registrationdocs>
   2.463 +           <xref type="rfc" data="rfc4979"/>
   2.464 +         </registrationdocs>
   2.465 +
   2.466 +   e.g.  <registrationdocs>
   2.467 +           <xref type="rfc" data="rfc8888"/> (obsoleted by RFC 9999)
   2.468 +           <xref type="rfc" data="rfc9999"/>
   2.469 +         </registrationdocs>
   2.470 +
   2.471 +   e.g.  <registrationdocs>
   2.472 +           [International Telecommunications Union,
   2.473 +           "Wordlist for Foobar application",
   2.474 +           ITU-F Recommendation B.193, Release 73, Mar 2009.]
   2.475 +         </registrationdocs>
   2.476 +
   2.477 +5.2.7.  Requesters (<requesters>)
   2.478 +
   2.479 +   The persons requesting the registration of the Wordlist.  Usually
   2.480 +   these are the authors of the Wordlist.
   2.481 +
   2.482 +   e.g.  <requesters>
   2.483 +           <xref type="person" data="John_Doe"/>
   2.484 +         </requesters>
   2.485 +
   2.486 +         <people>
   2.487 +           <person id="John_Doe">
   2.488 +             <name>John Doe</name>
   2.489 +             <org>Example Inc.</org>
   2.490 +             <uri>mailto:john.doe@example.com</uri>
   2.491 +             <updated>2018-06-20</updated>
   2.492 +           </person>
   2.493 +         </people>
   2.494 +
   2.495 +   Note: If there is more than one requester, there must be one <xref>
   2.496 +   element per requester in the <requesters> element, and one <person>
   2.497 +   chunk per requester in the <people> element.
   2.498 +
   2.499 +5.2.8.  Further Information (<additionalinfo>)
   2.500 +
   2.501 +   Any other information the authors deem interesting.
   2.502 +
   2.503 +
   2.504 +
   2.505 +
   2.506 +
   2.507 +Hoeneisen & Marques       Expires July 12, 2020                 [Page 9]
   2.508 +
   2.509 +Internet-Draft    IANA Registration of Trustword Lists      January 2020
   2.510 +
   2.511 +
   2.512 +   e.g.  <additionalinfo>
   2.513 +           <paragraph>more info goes here</paragraph>
   2.514 +         </additionalinfo>
   2.515 +
   2.516 +   Note: If there is no such additional information, then the
   2.517 +   <additionalinfo> element is omitted.
   2.518 +
   2.519 +5.2.9.  Wordlist (<wordlist>)
   2.520 +
   2.521 +   The full Wordlist to be registered.  The number of words MUST be a
   2.522 +   power of 2 as specified above.  The element names serve as key used
   2.523 +   for enumeration of the Trustwords (starting at 0) and the elements
   2.524 +   contains the values being individual natural language words in the
   2.525 +   respective language.
   2.526 +
   2.527 +   e.g.  <wordlist>
   2.528 +           <w0>first</w0>
   2.529 +           <w1>second</w1>
   2.530 +           [...]
   2.531 +           <w65535>last<w65535>
   2.532 +         </wordlist>
   2.533 +
   2.534 +   ] ]>
   2.535 +
   2.536 +   [[ Note: The exact representation of the Wordlist is for further
   2.537 +   study.  ]]
   2.538 +
   2.539 +6.  Acknowledgments
   2.540 +
   2.541 +   The authors would like to thank the following people who have
   2.542 +   provided feedback or significant contributions to the development of
   2.543 +   this document: Andrew Sullivan, Claudio Luck, Daniel Kahn Gilmore,
   2.544 +   Kelly Bristol, Michael Richardson, Rich Salz, Volker Birk, and Yoav
   2.545 +   Nir.
   2.546 +
   2.547 +   This work was initially created by pEp Foundation, and then reviewed
   2.548 +   and extended with funding by the Internet Society's Beyond the Net
   2.549 +   Programme on standardizing pEp.  [ISOC.bnet]
   2.550 +
   2.551 +7.  References
   2.552 +
   2.553 +7.1.  Normative References
   2.554 +
   2.555 +   [RFC2119]  Bradner, S., "Key words for use in RFCs to Indicate
   2.556 +              Requirement Levels", BCP 14, RFC 2119,
   2.557 +              DOI 10.17487/RFC2119, March 1997,
   2.558 +              <https://www.rfc-editor.org/info/rfc2119>.
   2.559 +
   2.560 +
   2.561 +
   2.562 +
   2.563 +Hoeneisen & Marques       Expires July 12, 2020                [Page 10]
   2.564 +
   2.565 +Internet-Draft    IANA Registration of Trustword Lists      January 2020
   2.566 +
   2.567 +
   2.568 +   [RFC4949]  Shirey, R., "Internet Security Glossary, Version 2",
   2.569 +              FYI 36, RFC 4949, DOI 10.17487/RFC4949, August 2007,
   2.570 +              <https://www.rfc-editor.org/info/rfc4949>.
   2.571 +
   2.572 +   [RFC8126]  Cotton, M., Leiba, B., and T. Narten, "Guidelines for
   2.573 +              Writing an IANA Considerations Section in RFCs", BCP 26,
   2.574 +              RFC 8126, DOI 10.17487/RFC8126, June 2017,
   2.575 +              <https://www.rfc-editor.org/info/rfc8126>.
   2.576 +
   2.577 +7.2.  Informative References
   2.578 +
   2.579 +   [bitcoin.wl]
   2.580 +              "Seed Phrase", June 2019, <https://en.bitcoin.it/w/
   2.581 +              index.php?title=Seed_phrase&oldid=66492#Word_Lists>.
   2.582 +
   2.583 +   [I-D.birk-pep]
   2.584 +              Birk, V., Marques, H., and B. Hoeneisen, "pretty Easy
   2.585 +              privacy (pEp): Privacy by Default", draft-birk-pep-05
   2.586 +              (work in progress), November 2019.
   2.587 +
   2.588 +   [I-D.marques-pep-handshake]
   2.589 +              Marques, H. and B. Hoeneisen, "pretty Easy privacy (pEp):
   2.590 +              Contact and Channel Authentication through Handshake",
   2.591 +              draft-marques-pep-handshake-04 (work in progress), January
   2.592 +              2020.
   2.593 +
   2.594 +   [I-D.pep-keysync]
   2.595 +              Birk, V., Hoeneisen, B., and K. Bristol, "pretty Easy
   2.596 +              privacy (pEp): Key Synchronization Protocol (KeySync)",
   2.597 +              draft-pep-keysync-00 (work in progress), November 2019.
   2.598 +
   2.599 +   [ISO639]   "Language codes - ISO 639", n.d.,
   2.600 +              <https://www.iso.org/iso-639-language-codes.html>.
   2.601 +
   2.602 +   [ISOC.bnet]
   2.603 +              Simao, I., "Beyond the Net. 12 Innovative Projects
   2.604 +              Selected for Beyond the Net Funding. Implementing Privacy
   2.605 +              via Mass Encryption: Standardizing pretty Easy privacy's
   2.606 +              protocols", June 2017, <https://www.internetsociety.org/
   2.607 +              blog/2017/06/12-innovative-projects-selected-for-beyond-
   2.608 +              the-net-funding/>.
   2.609 +
   2.610 +   [PGP.wl]   "PGP word list", November 2017,
   2.611 +              <https://en.wikipedia.org/w/
   2.612 +              index.php?title=PGP_word_list&oldid=749481933>.
   2.613 +
   2.614 +
   2.615 +
   2.616 +
   2.617 +
   2.618 +
   2.619 +Hoeneisen & Marques       Expires July 12, 2020                [Page 11]
   2.620 +
   2.621 +Internet-Draft    IANA Registration of Trustword Lists      January 2020
   2.622 +
   2.623 +
   2.624 +   [RFC1751]  McDonald, D., "A Convention for Human-Readable 128-bit
   2.625 +              Keys", RFC 1751, DOI 10.17487/RFC1751, December 1994,
   2.626 +              <https://www.rfc-editor.org/info/rfc1751>.
   2.627 +
   2.628 +   [RFC1760]  Haller, N., "The S/KEY One-Time Password System",
   2.629 +              RFC 1760, DOI 10.17487/RFC1760, February 1995,
   2.630 +              <https://www.rfc-editor.org/info/rfc1760>.
   2.631 +
   2.632 +   [RFC2289]  Haller, N., Metz, C., Nesser, P., and M. Straw, "A One-
   2.633 +              Time Password System", STD 61, RFC 2289,
   2.634 +              DOI 10.17487/RFC2289, February 1998,
   2.635 +              <https://www.rfc-editor.org/info/rfc2289>.
   2.636 +
   2.637 +   [RFC3647]  Chokhani, S., Ford, W., Sabett, R., Merrill, C., and S.
   2.638 +              Wu, "Internet X.509 Public Key Infrastructure Certificate
   2.639 +              Policy and Certification Practices Framework", RFC 3647,
   2.640 +              DOI 10.17487/RFC3647, November 2003,
   2.641 +              <https://www.rfc-editor.org/info/rfc3647>.
   2.642 +
   2.643 +   [RFC6117]  Hoeneisen, B., Mayrhofer, A., and J. Livingood, "IANA
   2.644 +              Registration of Enumservices: Guide, Template, and IANA
   2.645 +              Considerations", RFC 6117, DOI 10.17487/RFC6117, March
   2.646 +              2011, <https://www.rfc-editor.org/info/rfc6117>.
   2.647 +
   2.648 +   [RFC6120]  Saint-Andre, P., "Extensible Messaging and Presence
   2.649 +              Protocol (XMPP): Core", RFC 6120, DOI 10.17487/RFC6120,
   2.650 +              March 2011, <https://www.rfc-editor.org/info/rfc6120>.
   2.651 +
   2.652 +Appendix A.  IANA XML Template Example
   2.653 +
   2.654 +   This section contains a non-normative example of the IANA
   2.655 +   Registration Template XML chunk.
   2.656 +
   2.657 +
   2.658 +
   2.659 +
   2.660 +
   2.661 +
   2.662 +
   2.663 +
   2.664 +
   2.665 +
   2.666 +
   2.667 +
   2.668 +
   2.669 +
   2.670 +
   2.671 +
   2.672 +
   2.673 +
   2.674 +
   2.675 +Hoeneisen & Marques       Expires July 12, 2020                [Page 12]
   2.676 +
   2.677 +Internet-Draft    IANA Registration of Trustword Lists      January 2020
   2.678 +
   2.679 +
   2.680 +     <record>
   2.681 +       <languagecode>lat</languagecode>
   2.682 +       <bitsize>16</bitsize>
   2.683 +       <numberofuniquewords>57337</numberofuniquewords>
   2.684 +       <bijective>no</bijective>
   2.685 +       <version>n.0.1</version>
   2.686 +       <registrationdocs>
   2.687 +         <xref type="rfc" data="rfc2551"/>
   2.688 +       </registrationdocs>
   2.689 +       <requesters>
   2.690 +         <xref type="person" data="Julius_Caesar"/>
   2.691 +       </requesters>
   2.692 +       <additionalinfo>
   2.693 +         <paragraph>
   2.694 +           This Wordlist has been optimized for
   2.695 +           the Roman Standards Process.
   2.696 +         </paragraph>
   2.697 +       </additionalinfo>
   2.698 +       <wordlist>
   2.699 +         <w0>errare</w0>
   2.700 +         <w1>humanum</w1>
   2.701 +         [...]
   2.702 +         <w65535>est<w65535>
   2.703 +       </wordlist>
   2.704 +     </record>
   2.705 +
   2.706 +     <people>
   2.707 +       <person id="Julius_Caesar">
   2.708 +         <name>Julius Caesar</name>
   2.709 +         <org>Curia Romana</org>
   2.710 +         <uri>mailto:julius.cesar@example.com</uri>
   2.711 +         <updated>1999-12-31</updated>
   2.712 +       </person>
   2.713 +     </people>
   2.714 +
   2.715 +Appendix B.  Document Changelog
   2.716 +
   2.717 +   [[ RFC Editor: This section is to be removed before publication ]]
   2.718 +
   2.719 +   o  draft-birk-pep-trustwords-05:
   2.720 +
   2.721 +      *  Update terms and references
   2.722 +
   2.723 +   o  draft-birk-pep-trustwords-04:
   2.724 +
   2.725 +      *  Add Privacy Considerations section
   2.726 +
   2.727 +      *  Swapped Security and IANA Consideration Sections
   2.728 +
   2.729 +
   2.730 +
   2.731 +Hoeneisen & Marques       Expires July 12, 2020                [Page 13]
   2.732 +
   2.733 +Internet-Draft    IANA Registration of Trustword Lists      January 2020
   2.734 +
   2.735 +
   2.736 +      *  Corrected typo in ISO references
   2.737 +
   2.738 +      *  Updated Introduction, Terms and concept Sections
   2.739 +
   2.740 +   o  draft-birk-pep-trustwords-03:
   2.741 +
   2.742 +      *  Update references
   2.743 +
   2.744 +      *  Minor edits
   2.745 +
   2.746 +   o  draft-birk-pep-trustwords-02:
   2.747 +
   2.748 +      *  Minor editorial changes and bug fixes
   2.749 +
   2.750 +      *  Added more items to Open Issues
   2.751 +
   2.752 +      *  Add usage example
   2.753 +
   2.754 +   o  draft-birk-pep-trustwords-01:
   2.755 +
   2.756 +      *  Included feedback from mailing list and IETF-101 SECDISPATCH
   2.757 +         WG, e.g.
   2.758 +
   2.759 +         +  Added more explanatory text / less focused on the main use
   2.760 +            case
   2.761 +
   2.762 +         +  Bit size as parameter
   2.763 +
   2.764 +      *  Explicitly stated translations are out-of-scope for this
   2.765 +         document
   2.766 +
   2.767 +      *  Added draft IANA XML Registration template, considerations,
   2.768 +         explanation and examples
   2.769 +
   2.770 +      *  Added Changelog to Appendix
   2.771 +
   2.772 +      *  Added Open Issue section to Appendix
   2.773 +
   2.774 +Appendix C.  Open Issues
   2.775 +
   2.776 +   [[ RFC Editor: This section should be empty and is to be removed
   2.777 +   before publication. ]]
   2.778 +
   2.779 +   o  Better explain previous work on Trustwords
   2.780 +
   2.781 +   o  More explanatory text for Trustword use cases, properties and
   2.782 +      requirements
   2.783 +
   2.784 +
   2.785 +
   2.786 +
   2.787 +Hoeneisen & Marques       Expires July 12, 2020                [Page 14]
   2.788 +
   2.789 +Internet-Draft    IANA Registration of Trustword Lists      January 2020
   2.790 +
   2.791 +
   2.792 +   o  Further details of the IANA registry and requirements for the
   2.793 +      expert to assess the specification
   2.794 +
   2.795 +   o  Decide which ISO language code either 639-1 or 639-3 to use, i.e.,
   2.796 +      ISO-639-1 (e.g., ca, de, en, ...) as currently used in pEp
   2.797 +      implementations (running code) or ISO-639-3 (eng, deu, ita, ...)
   2.798 +
   2.799 +   o  Adjust exact representation of wordlists
   2.800 +
   2.801 +      *  e.g.  XML, CSV, ...
   2.802 +
   2.803 +      *  Syntax for non-ASCII letters or language symbols (UTF-8) in
   2.804 +         Wordlists
   2.805 +
   2.806 +   o  Need for optional entropy value assigned to words, to account for
   2.807 +      similar phonetics among words in the same wordlist?
   2.808 +
   2.809 +   o  Need for an additional field, to define what a wordlist is
   2.810 +      optimized for, e.g., "entropy", "minimize word lengths", ...?
   2.811 +
   2.812 +   o  Work out (requirements for) "smart" composition of the version
   2.813 +      number
   2.814 +
   2.815 +   o  Decide whether in non-bijective Wordlists the redundant words need
   2.816 +      to be repeated in the IANA Registration
   2.817 +
   2.818 +   o  Register only a hash over the wordlist with IANA?
   2.819 +
   2.820 +   o  Does it make sense to open registrations for other patterns than
   2.821 +      just words, e.g., images?
   2.822 +
   2.823 +Authors' Addresses
   2.824 +
   2.825 +   Bernie Hoeneisen
   2.826 +   pEp Foundation
   2.827 +   Oberer Graben 4
   2.828 +   CH-8400 Winterthur
   2.829 +   Switzerland
   2.830 +
   2.831 +   Email: bernie.hoeneisen@pep.foundation
   2.832 +   URI:   https://pep.foundation/
   2.833 +
   2.834 +
   2.835 +
   2.836 +
   2.837 +
   2.838 +
   2.839 +
   2.840 +
   2.841 +
   2.842 +
   2.843 +Hoeneisen & Marques       Expires July 12, 2020                [Page 15]
   2.844 +
   2.845 +Internet-Draft    IANA Registration of Trustword Lists      January 2020
   2.846 +
   2.847 +
   2.848 +   Hernani Marques
   2.849 +   pEp Foundation
   2.850 +   Oberer Graben 4
   2.851 +   CH-8400 Winterthur
   2.852 +   Switzerland
   2.853 +
   2.854 +   Email: hernani.marques@pep.foundation
   2.855 +   URI:   https://pep.foundation/
   2.856 +
   2.857 +
   2.858 +
   2.859 +
   2.860 +
   2.861 +
   2.862 +
   2.863 +
   2.864 +
   2.865 +
   2.866 +
   2.867 +
   2.868 +
   2.869 +
   2.870 +
   2.871 +
   2.872 +
   2.873 +
   2.874 +
   2.875 +
   2.876 +
   2.877 +
   2.878 +
   2.879 +
   2.880 +
   2.881 +
   2.882 +
   2.883 +
   2.884 +
   2.885 +
   2.886 +
   2.887 +
   2.888 +
   2.889 +
   2.890 +
   2.891 +
   2.892 +
   2.893 +
   2.894 +
   2.895 +
   2.896 +
   2.897 +
   2.898 +
   2.899 +Hoeneisen & Marques       Expires July 12, 2020                [Page 16]
     3.1 --- /dev/null	Thu Jan 01 00:00:00 1970 +0000
     3.2 +++ b/pep-trustwords/archive/draft-birk-pep-trustwords-05.xml	Thu Jan 09 11:38:44 2020 +0100
     3.3 @@ -0,0 +1,1093 @@
     3.4 +<?xml version="1.0" encoding="utf-8"?>
     3.5 +  <?xml-stylesheet type="text/xsl" href="rfc2629.xslt" ?>
     3.6 +  <!-- generated by https://github.com/cabo/kramdown-rfc2629 version  -->
     3.7 +
     3.8 +<!DOCTYPE rfc SYSTEM "rfc2629.dtd" [
     3.9 +]>
    3.10 +
    3.11 +<?rfc toc="yes"?>
    3.12 +<?rfc sortrefs="yes"?>
    3.13 +<?rfc symrefs="yes"?>
    3.14 +<?rfc comments="yes"?>
    3.15 +
    3.16 +<rfc docName="draft-birk-pep-trustwords-05" category="std">
    3.17 +
    3.18 +  <front>
    3.19 +    <title abbrev="IANA Registration of Trustword Lists">IANA Registration of Trustword Lists: Guide, Template and IANA Considerations</title>
    3.20 +
    3.21 +    <author initials="B." surname="Hoeneisen" fullname="Bernie Hoeneisen">
    3.22 +      <organization>pEp Foundation</organization>
    3.23 +      <address>
    3.24 +        <postal>
    3.25 +          <street>Oberer Graben 4</street>
    3.26 +          <city>CH-8400 Winterthur</city>
    3.27 +          <country>Switzerland</country>
    3.28 +        </postal>
    3.29 +        <email>bernie.hoeneisen@pep.foundation</email>
    3.30 +        <uri>https://pep.foundation/</uri>
    3.31 +      </address>
    3.32 +    </author>
    3.33 +    <author initials="H." surname="Marques" fullname="Hernani Marques">
    3.34 +      <organization>pEp Foundation</organization>
    3.35 +      <address>
    3.36 +        <postal>
    3.37 +          <street>Oberer Graben 4</street>
    3.38 +          <city>CH-8400 Winterthur</city>
    3.39 +          <country>Switzerland</country>
    3.40 +        </postal>
    3.41 +        <email>hernani.marques@pep.foundation</email>
    3.42 +        <uri>https://pep.foundation/</uri>
    3.43 +      </address>
    3.44 +    </author>
    3.45 +
    3.46 +    <date year="2020" month="January" day="09"/>
    3.47 +
    3.48 +    
    3.49 +    
    3.50 +    
    3.51 +
    3.52 +    <abstract>
    3.53 +
    3.54 +
    3.55 +<t>This document specifies the IANA Registration Guidelines for
    3.56 +Trustwords, describes corresponding registration procedures, and
    3.57 +provides a guideline for creating Trustword list specifications.</t>
    3.58 +
    3.59 +<t>Trustwords are common words in a natural language (e.g., English),
    3.60 +which hexadecimal strings are mapped to. Such a mapping makes
    3.61 +verification processes like fingerprint comparisons more practical,
    3.62 +and less prone to misunderstandings.</t>
    3.63 +
    3.64 +
    3.65 +
    3.66 +    </abstract>
    3.67 +
    3.68 +
    3.69 +  </front>
    3.70 +
    3.71 +  <middle>
    3.72 +
    3.73 +
    3.74 +<section anchor="introduction" title="Introduction">
    3.75 +
    3.76 +<t>In public-key cryptography, comparing the respective public key
    3.77 +fingerprints for each of the communication partners involved is vital
    3.78 +to ensure that there is no Man-in-the-Middle (MITM) attack on the
    3.79 +communication channel. These fingerprints normally consist of a chain
    3.80 +of hexadecimal characters, which are often impractical, cumbersome,
    3.81 +and prone to misunderstandings for end-users.</t>
    3.82 +
    3.83 +<t>To mitigate these challenges, several systems offer Trustword
    3.84 +comparison as an alternative to these hexadecimal strings.  Trustwords
    3.85 +are common words in a natural language (e.g., English), which these
    3.86 +hexadecimal strings are mapped to. Using Trustwords makes verification
    3.87 +processes like fingerprint comparisons more natural for users.</t>
    3.88 +
    3.89 +<t>For example, in pEp’s Privacy by Default proposition <xref target="I-D.birk-pep"/>
    3.90 +Trustwords are used to facilitate easy contact verification for
    3.91 +end-to-end encryption. Trustword comparison is offered after the peers
    3.92 +have opportunistically exchanged public keys. Examples of Trustword
    3.93 +lists used by current pEp implementations can be found here in CSV
    3.94 +format:
    3.95 +https://pep.foundation/dev/repos/pEpEngine/file/tip/db.</t>
    3.96 +
    3.97 +<t>In addition to contact verification, Trustwords are also used for
    3.98 +other purposes, such as Human-Readable 128-bit Keys <xref target="RFC1751"/>, One
    3.99 +Time Passwords (OTP) <xref target="RFC1760"/> <xref target="RFC2289"/>, SSH host-key
   3.100 +verification, VPN server certificate verification, deriving private
   3.101 +keys in blockchain applications for cryptocurrencies, and to import or
   3.102 +synchronize secret keys across multiple devices owned by a single user
   3.103 +<xref target="I-D.pep-keysync"/>.  Further ideas include the use of
   3.104 +Trustwords for private key recovery in case of loss, contact
   3.105 +verification in Extensible Messaging and Presence Protocol (XMPP)
   3.106 +<xref target="RFC6120"/>, or for X.509 certificate verification in browsers
   3.107 +<xref target="RFC3647"/>.</t>
   3.108 +
   3.109 +<section anchor="requirements-language" title="Requirements Language">
   3.110 +
   3.111 +<t>The key words “MUST”, “MUST NOT”, “REQUIRED”, “SHALL”, “SHALL NOT”,
   3.112 +“SHOULD”, “SHOULD NOT”, “RECOMMENDED”, “MAY”, and “OPTIONAL” in this
   3.113 +document are to be interpreted as described in <xref target="RFC2119"/>.</t>
   3.114 +
   3.115 +</section>
   3.116 +<section anchor="terms" title="Terms">
   3.117 +
   3.118 +<t>The following terms are defined for the scope of this document:</t>
   3.119 +
   3.120 +<t><list style="symbols">
   3.121 +  <t>pEp Handshake: The process of one user contacting another over an
   3.122 +independent channel in order to verify Trustwords (or fingerprints
   3.123 +as a fallback). This can be done in-person or through established
   3.124 +verbal communication channels, like a phone
   3.125 +call. <xref target="I-D.marques-pep-handshake"/>
   3.126 +<!-- {::include ../shared/text-blocks/trustwords.mkd} -->
   3.127 +<!-- {::include ../shared/text-blocks/tofu.mkd} --></t>
   3.128 +  <t>Man-in-the-middle (MITM) attack: cf. <xref target="RFC4949"/>, which states: “A
   3.129 +form of active wiretapping attack in which the attacker intercepts
   3.130 +and selectively modifies communicated data to masquerade as one or
   3.131 +more of the entities involved in a communication association.”</t>
   3.132 +</list></t>
   3.133 +
   3.134 +</section>
   3.135 +</section>
   3.136 +<section anchor="the-concept-of-trustword-mapping" title="The Concept of Trustword Mapping">
   3.137 +
   3.138 +<section anchor="example" title="Example">
   3.139 +
   3.140 +<t>As already discussed, fingerprints normally consist of a string
   3.141 +of hexadecimal characters. A typical fingerprint looks like this:</t>
   3.142 +
   3.143 +<t><list style='empty'>
   3.144 +  <t>F482 E952 2F48 618B 01BC 31DC 5428 D7FA ACDC 3F13</t>
   3.145 +</list></t>
   3.146 +
   3.147 +<t>Instead of the hexadecimal string, Trustwords allow users to
   3.148 +compare ten common words of a language of their choosing. For example,
   3.149 +the above fingerprint, mapped to English Trustwords, might appear as:</t>
   3.150 +
   3.151 +<t><list style='empty'>
   3.152 +  <t>dog house brother town fat bath school banana kite task</t>
   3.153 +</list></t>
   3.154 +
   3.155 +<t>The same fingerprint might appear in German Trustwords as:</t>
   3.156 +
   3.157 +<t><list style='empty'>
   3.158 +  <t>klima gelb lappen weg trinken alles kaputt rasen rucksack durch</t>
   3.159 +</list></t>
   3.160 +
   3.161 +<t>Note: These examples are for illustration purposes only, and are not
   3.162 +derived from any published Trustword list.</t>
   3.163 +
   3.164 +</section>
   3.165 +<section anchor="previous-work" title="Previous work">
   3.166 +
   3.167 +<t>The basic concept of Trustword mapping - also known as a biometric
   3.168 +word list - for fingerprint comparison is well-documented. Examples of
   3.169 +this concept are used with One-Time Passwords (OTP) <xref target="RFC1751"/>
   3.170 +<xref target="RFC1760"/> <xref target="RFC2289"/>, as well as the PGP Word List (“Pretty Good
   3.171 +Privacy word list” <xref target="PGP.wl"/>.  Furthermore, cryptocurrencies use a
   3.172 +similar concept for deriving private keys <xref target="bitcoin.wl"/>.</t>
   3.173 +
   3.174 +<t>[[ TODO: Explain each previous usage a bit further and synchronize
   3.175 +with section <xref target="introduction"/>. ]]</t>
   3.176 +
   3.177 +<t>Regarding today’s needs, previous proposals have the following
   3.178 +shortcomings:</t>
   3.179 +
   3.180 +<t><list style="symbols">
   3.181 +  <t>Small/limited word lists, which generally result in more words to
   3.182 +compare</t>
   3.183 +  <t>Existing word lists are usually only available in English, which
   3.184 +limits their usefulness for non-English speakers</t>
   3.185 +</list></t>
   3.186 +
   3.187 +<t>Furthermore, there are differences in the basic concept:</t>
   3.188 +
   3.189 +<t><list style="symbols">
   3.190 +  <t>The Trustword concept suggested herein intends to improve usability
   3.191 +and security for all users, instead of only the technically-savvy.</t>
   3.192 +  <t>In many use cases, Trustwords are only read (aloud) during the
   3.193 +comparison process, rather than being written or typed. For
   3.194 +example, two users might compare their respective Trustwords during
   3.195 +a phone call.  Verbal comparison reduces the need to keep the actual
   3.196 +Trustwords short. The use of longer Trustwords increases the
   3.197 +entropy within the system, as it allows for a larger dictionary, and
   3.198 +thus reduces the likelihood of phonetic collisions.</t>
   3.199 +</list></t>
   3.200 +
   3.201 +</section>
   3.202 +<section anchor="number-of-trustwords-for-a-language" title="Number of Trustwords for a language">
   3.203 +
   3.204 +<t>If the number of Trustwords in a dictionary is low, shorter parts of
   3.205 +the original string (e.g., fingerprint) can be mapped to a single
   3.206 +Trustword. Thus, many Trustwords will need to be compared, which
   3.207 +results in a potentially cumbersome process for users, and lead to
   3.208 +reduced usability.</t>
   3.209 +
   3.210 +<t>To reduce the number of Trustwords that need to be compared, pEp’s
   3.211 +Privacy by Default proposition <xref target="I-D.birk-pep"/> calls for 16-bit
   3.212 +scalars to be mapped to natural language words.  Therefore, the size
   3.213 +(by number of key-value pairs) of any key-value pair structure
   3.214 +is 65536.  However, the number of unique values to be used in a
   3.215 +language may be smaller than this number.  This discrepancy can be
   3.216 +addressed by using the same value, or Trustword, for more than one
   3.217 +key.  In such cases, the entropy of the representation is slightly
   3.218 +reduced.  For example, a Trustword list of 42000 words still allows
   3.219 +for an entropy of log_2(42000), which is roughly 15.36 bits in 16-bit
   3.220 +mappings. As a consequence such Trustword lists are not bijective.</t>
   3.221 +
   3.222 +<t>On the other hand, small Trustword lists allow for Trustwords
   3.223 +consisting of words with shorter strings (number of short words per
   3.224 +natural language is normally limited), which are easier to use in
   3.225 +implementations where Trustwords have to be typed or written, such as
   3.226 +in OTP applications.</t>
   3.227 +
   3.228 +<t>Note: This specification allows for registration of variable numbers
   3.229 +of Trustwords per dictionary.</t>
   3.230 +
   3.231 +</section>
   3.232 +<section anchor="language" title="Language">
   3.233 +
   3.234 +<t>Although English is used around the world, the vast majority of the
   3.235 +global population is not English-speaking.  For an application to be
   3.236 +useful to as wide of a user base as possible, localization is
   3.237 +essential. Therefore, this specification allows for registration of
   3.238 +Trustword lists in different languages.</t>
   3.239 +
   3.240 +<t>In applications where two humans are attempting to establish
   3.241 +secure communications, it is likely that they share a common language.
   3.242 +At this time, no real-world use cases for Trustword list translation
   3.243 +capability have been identified.  Because the translation process
   3.244 +inherently - and drastically - increases complexity from an IANA
   3.245 +registration standpoint, the topic of Trustword translation is beyond
   3.246 +the scope of this document.</t>
   3.247 +
   3.248 +</section>
   3.249 +<section anchor="the-nature-of-the-words" title="The nature of the words">
   3.250 +
   3.251 +<t>Every Trustword list SHOULD be clear of offensive language (i.e.,
   3.252 +swear/curse words, slurs, derogatory language, etc.).  This process
   3.253 +SHOULD be performed by native speakers of each respective language.</t>
   3.254 +
   3.255 +</section>
   3.256 +</section>
   3.257 +<section anchor="security-considerations" title="Security Considerations">
   3.258 +
   3.259 +<t>There are no specific security considerations.</t>
   3.260 +
   3.261 +</section>
   3.262 +<section anchor="privacy-considerations" title="Privacy Considerations">
   3.263 +
   3.264 +<t>[[ TODO ]]</t>
   3.265 +
   3.266 +</section>
   3.267 +<section anchor="iana-considerations" title="IANA Considerations">
   3.268 +
   3.269 +<t>Each natural language requires a different set of Trustwords. To allow
   3.270 +implementers for identical Trustword lists, a IANA registry is to be
   3.271 +established. The IANA registration policy according to <xref target="RFC8126"/> is
   3.272 +“Expert Review” and “Specification Required”.</t>
   3.273 +
   3.274 +<t>[[ Note: Further details of the IANA registry and requirements for
   3.275 +the expert to assess the specification are for further study. A
   3.276 +similar approach as used in <xref target="RFC6117"/> is likely followed. ]]</t>
   3.277 +
   3.278 +<section anchor="registration-template-xml-chunk" title="Registration Template (XML chunk)">
   3.279 +
   3.280 +<figure><artwork><![CDATA[
   3.281 +  <record>
   3.282 +    <languagecode>
   3.283 +      <!--  ISO 639-3 (e.g. eng, deu, ...) -->
   3.284 +    </languagecode>
   3.285 +    <bitsize>
   3.286 +      <!-- How many bits can be mapped with this list
   3.287 +           (e.g. 8, 16, ...) -->
   3.288 +    </bitsize>
   3.289 +    <numberofuniquewords>
   3.290 +      <!-- number of unique words registered
   3.291 +           (e.g. 256, 65536, ...) -->
   3.292 +    </numberofuniquewords>
   3.293 +    <bijective>
   3.294 +      <!-- whether or not the list allows for a two-way-mapping
   3.295 +           (e.g. yes, no) -->
   3.296 +    </bijective>
   3.297 +    <version>
   3.298 +      <!-- version number within language
   3.299 +           (e.g. b.1.2, n.0.1, ...)  -->
   3.300 +    </version>
   3.301 +    <registrationdocs>
   3.302 +      <!-- Change accordingly -->
   3.303 +      <xref type="rfc" data="rfc2551"/>
   3.304 +    </registrationdocs>
   3.305 +    <requesters>
   3.306 +      <!-- Change accordingly -->
   3.307 +      <xref type="person" data="John_Doe"/>
   3.308 +      <xref type="person" data="Jane_Dale"/>
   3.309 +    </requesters>
   3.310 +    <additionalinfo>
   3.311 +      <paragraph>
   3.312 +        <!-- Text with additional information about
   3.313 +             the Wordlist to be registered -->
   3.314 +      </paragraph>
   3.315 +      <artwork>
   3.316 +        <!-- There can be artwork sections, too -->
   3.317 +      </artwork>
   3.318 +    </additionalinfo>
   3.319 +    <wordlist>
   3.320 +      <!-- Change accordingly -->
   3.321 +      <w0>first</w0>
   3.322 +      <w1>second</w1>
   3.323 +      [...]
   3.324 +      <w65535>last<w65535>
   3.325 +    </wordlist>
   3.326 +  </record>
   3.327 + 
   3.328 +  <people>
   3.329 +    <person id="John_Doe">
   3.330 +      <name> <!-- Firstname Lastname --> </name>
   3.331 +      <org> <!-- Organization Name --> </org>
   3.332 +      <uri> <!-- mailto: or http: URI --> </uri>
   3.333 +      <updated> <!-- date format YYYY-MM-DD --> </updated>
   3.334 +    </person>
   3.335 +    <!-- repeat person section for each person -->
   3.336 +  </people>
   3.337 +]]></artwork></figure>
   3.338 +
   3.339 +<t>Authors of a Wordlist are encouraged to use these
   3.340 +XML chunks as a template to create the IANA Registration Template.</t>
   3.341 +
   3.342 +</section>
   3.343 +<section anchor="iana-registration" title="IANA Registration">
   3.344 +
   3.345 +<t>An IANA registration will contain the fallowing elements:</t>
   3.346 +
   3.347 +<section anchor="language-code-languagecode" title="Language Code (&lt;languagecode&gt;)">
   3.348 +
   3.349 +<t>The language code follows the ISO 639-3 specification <xref target="ISO639"/>,
   3.350 +e.g., eng, deu.</t>
   3.351 +
   3.352 +<t>[[ Note: It is for further study, which of the ISO 639
   3.353 +Specifications is most suitable to address the Trustwords’
   3.354 +challenge. ]]</t>
   3.355 +
   3.356 +<t>Example usage for German:</t>
   3.357 +
   3.358 +<figure><artwork><![CDATA[
   3.359 +e.g.  <languagecode>deu</languagecode>
   3.360 +]]></artwork></figure>
   3.361 +
   3.362 +</section>
   3.363 +<section anchor="bit-size-bitsize" title="Bit Size (&lt;bitsize&gt;)">
   3.364 +
   3.365 +<t>The bit size is the number of bits that can be mapped with the
   3.366 +Wordlist. The number of registered words in a word list MUST be
   3.367 +2 ^ <spanx style="verb">(&lt;bitsize&gt;)</spanx>.</t>
   3.368 +
   3.369 +<t>Example usage for 16-bit Wordlist:</t>
   3.370 +
   3.371 +<figure><artwork><![CDATA[
   3.372 +e.g.  <bitsize>16</bitsize>
   3.373 +]]></artwork></figure>
   3.374 +
   3.375 +</section>
   3.376 +<section anchor="number-of-unique-words-numberofuniquewords" title="Number Of Unique Words (&lt;numberofuniquewords&gt;)">
   3.377 +
   3.378 +<t>The number of unique words that are registered.</t>
   3.379 +
   3.380 +<figure><artwork><![CDATA[
   3.381 +e.g.  <numberofuniquewords>65536</numberofuniquewords>
   3.382 +]]></artwork></figure>
   3.383 +
   3.384 +</section>
   3.385 +<section anchor="bijectivity-bijective" title="Bijectivity (&lt;bijective&gt;)">
   3.386 +
   3.387 +<t>Whether the registered Wordlist has a one-to-one mapping, meaning the
   3.388 +number of unique words registered equals 2 ^ <spanx style="verb">(&lt;bitsize&gt;)</spanx>.</t>
   3.389 +
   3.390 +<t>Valid content: ( yes | no )</t>
   3.391 +
   3.392 +<figure><artwork><![CDATA[
   3.393 +e.g.  <bijective>yes</bijective>
   3.394 +]]></artwork></figure>
   3.395 +
   3.396 +</section>
   3.397 +<section anchor="version-version" title="Version (&lt;version&gt;)">
   3.398 +
   3.399 +<t>The version of the Wordlist MUST be unique within a language code.</t>
   3.400 +
   3.401 +<t>[[ Note: Requirements to a “smart” composition of the version number
   3.402 +are for further study ]]</t>
   3.403 +
   3.404 +<figure><artwork><![CDATA[
   3.405 +e.g.  <version>b.1.2</version>
   3.406 +]]></artwork></figure>
   3.407 +
   3.408 +</section>
   3.409 +<section anchor="registration-documents-registrationdocs" title="Registration Document(s) (&lt;registrationdocs&gt;)">
   3.410 +
   3.411 +<t>Reference(s) to the Document(s) containing the Wordlist</t>
   3.412 +
   3.413 +<figure><artwork><![CDATA[
   3.414 +e.g.  <registrationdocs>
   3.415 +        <xref type="rfc" data="rfc4979"/>
   3.416 +      </registrationdocs>
   3.417 +
   3.418 +e.g.  <registrationdocs>
   3.419 +        <xref type="rfc" data="rfc8888"/> (obsoleted by RFC 9999)
   3.420 +        <xref type="rfc" data="rfc9999"/>
   3.421 +      </registrationdocs>
   3.422 +
   3.423 +e.g.  <registrationdocs>
   3.424 +        [International Telecommunications Union,
   3.425 +        "Wordlist for Foobar application",
   3.426 +        ITU-F Recommendation B.193, Release 73, Mar 2009.]
   3.427 +      </registrationdocs>
   3.428 +]]></artwork></figure>
   3.429 +
   3.430 +</section>
   3.431 +<section anchor="requesters-requesters" title="Requesters (&lt;requesters&gt;)">
   3.432 +
   3.433 +<t>The persons requesting the registration of the Wordlist. Usually
   3.434 +these are the authors of the Wordlist.</t>
   3.435 +
   3.436 +<figure><artwork><![CDATA[
   3.437 +e.g.  <requesters>
   3.438 +        <xref type="person" data="John_Doe"/>
   3.439 +      </requesters>
   3.440 +
   3.441 +      <people>
   3.442 +        <person id="John_Doe">
   3.443 +          <name>John Doe</name>
   3.444 +          <org>Example Inc.</org>
   3.445 +          <uri>mailto:john.doe@example.com</uri>
   3.446 +          <updated>2018-06-20</updated>
   3.447 +        </person>
   3.448 +      </people>
   3.449 +]]></artwork></figure>
   3.450 +
   3.451 +<t>Note: If there is more than one requester, there must be one &lt;xref&gt;
   3.452 +element per requester in the &lt;requesters&gt; element, and one
   3.453 +&lt;person&gt; chunk per requester in the &lt;people&gt; element.</t>
   3.454 +
   3.455 +</section>
   3.456 +<section anchor="further-information-additionalinfo" title="Further Information (&lt;additionalinfo&gt;)">
   3.457 +
   3.458 +<t>Any other information the authors deem interesting.</t>
   3.459 +
   3.460 +<figure><artwork><![CDATA[
   3.461 +e.g.  <additionalinfo>
   3.462 +        <paragraph>more info goes here</paragraph>
   3.463 +      </additionalinfo>
   3.464 +]]></artwork></figure>
   3.465 +
   3.466 +<t>Note: If there is no such additional information, then the
   3.467 +&lt;additionalinfo&gt; element is omitted.</t>
   3.468 +
   3.469 +</section>
   3.470 +<section anchor="wordlist-wordlist" title="Wordlist (&lt;wordlist&gt;)">
   3.471 +
   3.472 +<t>The full Wordlist to be registered. The number of words MUST be a
   3.473 +power of 2 as specified above. The element names serve as key used for
   3.474 +enumeration of the Trustwords (starting at 0) and the elements
   3.475 +contains the values being individual natural language words in the
   3.476 +respective language.</t>
   3.477 +
   3.478 +<figure><artwork><![CDATA[
   3.479 +e.g.  <wordlist>
   3.480 +        <w0>first</w0>
   3.481 +        <w1>second</w1>
   3.482 +        [...]
   3.483 +        <w65535>last<w65535>
   3.484 +      </wordlist>
   3.485 +
   3.486 +] ]>
   3.487 +]]></artwork></figure>
   3.488 +
   3.489 +<t>[[ Note: The exact representation of the Wordlist is for further study.
   3.490 +]]</t>
   3.491 +
   3.492 +</section>
   3.493 +</section>
   3.494 +</section>
   3.495 +<section anchor="acknowledgments" title="Acknowledgments">
   3.496 +
   3.497 +<t>The authors would like to thank the following people who have provided
   3.498 +feedback or significant contributions to the development of this
   3.499 +document: Andrew Sullivan, Claudio Luck, Daniel Kahn Gilmore, Kelly
   3.500 +Bristol, Michael Richardson, Rich Salz, Volker Birk, and Yoav Nir.</t>
   3.501 +
   3.502 +<t>This work was initially created by pEp Foundation, and then reviewed
   3.503 +and extended with funding by the Internet Society’s Beyond the Net
   3.504 +Programme on standardizing pEp. <xref target="ISOC.bnet"/></t>
   3.505 +
   3.506 +</section>
   3.507 +
   3.508 +
   3.509 +  </middle>
   3.510 +
   3.511 +  <back>
   3.512 +
   3.513 +    <references title='Normative References'>
   3.514 +
   3.515 +
   3.516 +
   3.517 +
   3.518 +
   3.519 +<reference  anchor="RFC4949" target='https://www.rfc-editor.org/info/rfc4949'>
   3.520 +<front>
   3.521 +<title>Internet Security Glossary, Version 2</title>
   3.522 +<author initials='R.' surname='Shirey' fullname='R. Shirey'><organization /></author>
   3.523 +<date year='2007' month='August' />
   3.524 +<abstract><t>This Glossary provides definitions, abbreviations, and explanations of terminology for information system security. The 334 pages of entries offer recommendations to improve the comprehensibility of written material that is generated in the Internet Standards Process (RFC 2026). The recommendations follow the principles that such writing should (a) use the same term or definition whenever the same concept is mentioned; (b) use terms in their plainest, dictionary sense; (c) use terms that are already well-established in open publications; and (d) avoid terms that either favor a particular vendor or favor a particular technology or mechanism over other, competing techniques that already exist or could be developed.  This memo provides information for the Internet community.</t></abstract>
   3.525 +</front>
   3.526 +<seriesInfo name='FYI' value='36'/>
   3.527 +<seriesInfo name='RFC' value='4949'/>
   3.528 +<seriesInfo name='DOI' value='10.17487/RFC4949'/>
   3.529 +</reference>
   3.530 +
   3.531 +
   3.532 +
   3.533 +<reference  anchor="RFC8126" target='https://www.rfc-editor.org/info/rfc8126'>
   3.534 +<front>
   3.535 +<title>Guidelines for Writing an IANA Considerations Section in RFCs</title>
   3.536 +<author initials='M.' surname='Cotton' fullname='M. Cotton'><organization /></author>
   3.537 +<author initials='B.' surname='Leiba' fullname='B. Leiba'><organization /></author>
   3.538 +<author initials='T.' surname='Narten' fullname='T. Narten'><organization /></author>
   3.539 +<date year='2017' month='June' />
   3.540 +<abstract><t>Many protocols make use of points of extensibility that use constants to identify various protocol parameters.  To ensure that the values in these fields do not have conflicting uses and to promote interoperability, their allocations are often coordinated by a central record keeper.  For IETF protocols, that role is filled by the Internet Assigned Numbers Authority (IANA).</t><t>To make assignments in a given registry prudently, guidance describing the conditions under which new values should be assigned, as well as when and how modifications to existing values can be made, is needed.  This document defines a framework for the documentation of these guidelines by specification authors, in order to assure that the provided guidance for the IANA Considerations is clear and addresses the various issues that are likely in the operation of a registry.</t><t>This is the third edition of this document; it obsoletes RFC 5226.</t></abstract>
   3.541 +</front>
   3.542 +<seriesInfo name='BCP' value='26'/>
   3.543 +<seriesInfo name='RFC' value='8126'/>
   3.544 +<seriesInfo name='DOI' value='10.17487/RFC8126'/>
   3.545 +</reference>
   3.546 +
   3.547 +
   3.548 +
   3.549 +<reference  anchor="RFC2119" target='https://www.rfc-editor.org/info/rfc2119'>
   3.550 +<front>
   3.551 +<title>Key words for use in RFCs to Indicate Requirement Levels</title>
   3.552 +<author initials='S.' surname='Bradner' fullname='S. Bradner'><organization /></author>
   3.553 +<date year='1997' month='March' />
   3.554 +<abstract><t>In many standards track documents several words are used to signify the requirements in the specification.  These words are often capitalized. This document defines these words as they should be interpreted in IETF documents.  This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t></abstract>
   3.555 +</front>
   3.556 +<seriesInfo name='BCP' value='14'/>
   3.557 +<seriesInfo name='RFC' value='2119'/>
   3.558 +<seriesInfo name='DOI' value='10.17487/RFC2119'/>
   3.559 +</reference>
   3.560 +
   3.561 +
   3.562 +
   3.563 +
   3.564 +    </references>
   3.565 +
   3.566 +    <references title='Informative References'>
   3.567 +
   3.568 +
   3.569 +
   3.570 +
   3.571 +
   3.572 +<reference anchor="I-D.birk-pep">
   3.573 +<front>
   3.574 +<title>pretty Easy privacy (pEp): Privacy by Default</title>
   3.575 +
   3.576 +<author initials='V' surname='Birk' fullname='Volker Birk'>
   3.577 +    <organization />
   3.578 +</author>
   3.579 +
   3.580 +<author initials='H' surname='Marques' fullname='Hernani Marques'>
   3.581 +    <organization />
   3.582 +</author>
   3.583 +
   3.584 +<author initials='B' surname='Hoeneisen' fullname='Bernie Hoeneisen'>
   3.585 +    <organization />
   3.586 +</author>
   3.587 +
   3.588 +<date month='November' day='4' year='2019' />
   3.589 +
   3.590 +<abstract><t>The pretty Easy privacy (pEp) model and protocols describe a set of conventions for the automation of operations traditionally seen as barriers to the use and deployment of secure, privacy-preserving end- to-end interpersonal messaging.  These include, but are not limited to, key management, key discovery, and private key handling (including peer-to-peer synchronization of private keys and other user data across devices).  Human Rights-enabling principles like Data Minimization, End-to-End and Interoperability are explicit design goals.  For the goal of usable privacy, pEp introduces means to verify communication between peers and proposes a trust-rating system to denote secure types of communications and signal the privacy level available on a per-user and per-message level. Significantly, the pEp protocols build on already available security formats and message transports (e.g., PGP/MIME with email), and are written with the intent to be interoperable with already widely- deployed systems in order to ease adoption and implementation.  This document outlines the general design choices and principles of pEp.</t></abstract>
   3.591 +
   3.592 +</front>
   3.593 +
   3.594 +<seriesInfo name='Internet-Draft' value='draft-birk-pep-05' />
   3.595 +<format type='TXT'
   3.596 +        target='http://www.ietf.org/internet-drafts/draft-birk-pep-05.txt' />
   3.597 +</reference>
   3.598 +
   3.599 +
   3.600 +
   3.601 +<reference  anchor="RFC1751" target='https://www.rfc-editor.org/info/rfc1751'>
   3.602 +<front>
   3.603 +<title>A Convention for Human-Readable 128-bit Keys</title>
   3.604 +<author initials='D.' surname='McDonald' fullname='D. McDonald'><organization /></author>
   3.605 +<date year='1994' month='December' />
   3.606 +<abstract><t>This memo proposes a convention for use with Internet applications &amp; protocols using 128-bit cryptographic keys. This memo provides information for the Internet community.  This memo does not specify an Internet standard of any kind.</t></abstract>
   3.607 +</front>
   3.608 +<seriesInfo name='RFC' value='1751'/>
   3.609 +<seriesInfo name='DOI' value='10.17487/RFC1751'/>
   3.610 +</reference>
   3.611 +
   3.612 +
   3.613 +
   3.614 +<reference  anchor="RFC1760" target='https://www.rfc-editor.org/info/rfc1760'>
   3.615 +<front>
   3.616 +<title>The S/KEY One-Time Password System</title>
   3.617 +<author initials='N.' surname='Haller' fullname='N. Haller'><organization /></author>
   3.618 +<date year='1995' month='February' />
   3.619 +<abstract><t>This document describes the S/KEY* One-Time Password system as released for public use by Bellcore. This memo provides information for the Internet community.  This memo does not specify an Internet standard of any kind.</t></abstract>
   3.620 +</front>
   3.621 +<seriesInfo name='RFC' value='1760'/>
   3.622 +<seriesInfo name='DOI' value='10.17487/RFC1760'/>
   3.623 +</reference>
   3.624 +
   3.625 +
   3.626 +
   3.627 +<reference  anchor="RFC2289" target='https://www.rfc-editor.org/info/rfc2289'>
   3.628 +<front>
   3.629 +<title>A One-Time Password System</title>
   3.630 +<author initials='N.' surname='Haller' fullname='N. Haller'><organization /></author>
   3.631 +<author initials='C.' surname='Metz' fullname='C. Metz'><organization /></author>
   3.632 +<author initials='P.' surname='Nesser' fullname='P. Nesser'><organization /></author>
   3.633 +<author initials='M.' surname='Straw' fullname='M. Straw'><organization /></author>
   3.634 +<date year='1998' month='February' />
   3.635 +<abstract><t>This document describes a one-time password authentication system (OTP). The system provides authentication for system access (login) and other applications requiring authentication that is secure against passive attacks based on replaying captured reusable passwords.  [STANDARDS-TRACK]</t></abstract>
   3.636 +</front>
   3.637 +<seriesInfo name='STD' value='61'/>
   3.638 +<seriesInfo name='RFC' value='2289'/>
   3.639 +<seriesInfo name='DOI' value='10.17487/RFC2289'/>
   3.640 +</reference>
   3.641 +
   3.642 +
   3.643 +
   3.644 +<reference  anchor="RFC3647" target='https://www.rfc-editor.org/info/rfc3647'>
   3.645 +<front>
   3.646 +<title>Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework</title>
   3.647 +<author initials='S.' surname='Chokhani' fullname='S. Chokhani'><organization /></author>
   3.648 +<author initials='W.' surname='Ford' fullname='W. Ford'><organization /></author>
   3.649 +<author initials='R.' surname='Sabett' fullname='R. Sabett'><organization /></author>
   3.650 +<author initials='C.' surname='Merrill' fullname='C. Merrill'><organization /></author>
   3.651 +<author initials='S.' surname='Wu' fullname='S. Wu'><organization /></author>
   3.652 +<date year='2003' month='November' />
   3.653 +<abstract><t>This document presents a framework to assist the writers of certificate policies or certification practice statements for participants within public key infrastructures, such as certification authorities, policy authorities, and communities of interest that wish to rely on certificates.  In particular, the framework provides a comprehensive list of topics that potentially (at the writer's discretion) need to be covered in a certificate policy or a certification practice statement.  This document supersedes RFC 2527.</t></abstract>
   3.654 +</front>
   3.655 +<seriesInfo name='RFC' value='3647'/>
   3.656 +<seriesInfo name='DOI' value='10.17487/RFC3647'/>
   3.657 +</reference>
   3.658 +
   3.659 +
   3.660 +
   3.661 +<reference  anchor="RFC6117" target='https://www.rfc-editor.org/info/rfc6117'>
   3.662 +<front>
   3.663 +<title>IANA Registration of Enumservices: Guide, Template, and IANA Considerations</title>
   3.664 +<author initials='B.' surname='Hoeneisen' fullname='B. Hoeneisen'><organization /></author>
   3.665 +<author initials='A.' surname='Mayrhofer' fullname='A. Mayrhofer'><organization /></author>
   3.666 +<author initials='J.' surname='Livingood' fullname='J. Livingood'><organization /></author>
   3.667 +<date year='2011' month='March' />
   3.668 +<abstract><t>This document specifies a revision of the IANA Registration Guidelines for Enumservices, describes corresponding registration procedures, and provides a guideline for creating Enumservice Specifications.  [STANDARDS-TRACK]</t></abstract>
   3.669 +</front>
   3.670 +<seriesInfo name='RFC' value='6117'/>
   3.671 +<seriesInfo name='DOI' value='10.17487/RFC6117'/>
   3.672 +</reference>
   3.673 +
   3.674 +
   3.675 +
   3.676 +<reference  anchor="RFC6120" target='https://www.rfc-editor.org/info/rfc6120'>
   3.677 +<front>
   3.678 +<title>Extensible Messaging and Presence Protocol (XMPP): Core</title>
   3.679 +<author initials='P.' surname='Saint-Andre' fullname='P. Saint-Andre'><organization /></author>
   3.680 +<date year='2011' month='March' />
   3.681 +<abstract><t>The Extensible Messaging and Presence Protocol (XMPP) is an application profile of the Extensible Markup Language (XML) that enables the near-real-time exchange of structured yet extensible data between any two or more network entities.  This document defines XMPP's core protocol methods: setup and teardown of XML streams, channel encryption, authentication, error handling, and communication primitives for messaging, network availability (&quot;presence&quot;), and request-response interactions.  This document obsoletes RFC 3920.  [STANDARDS-TRACK]</t></abstract>
   3.682 +</front>
   3.683 +<seriesInfo name='RFC' value='6120'/>
   3.684 +<seriesInfo name='DOI' value='10.17487/RFC6120'/>
   3.685 +</reference>
   3.686 +
   3.687 +
   3.688 +
   3.689 +<reference anchor="I-D.marques-pep-handshake">
   3.690 +<front>
   3.691 +<title>pretty Easy privacy (pEp): Contact and Channel Authentication through Handshake</title>
   3.692 +
   3.693 +<author initials='H' surname='Marques' fullname='Hernani Marques'>
   3.694 +    <organization />
   3.695 +</author>
   3.696 +
   3.697 +<author initials='B' surname='Hoeneisen' fullname='Bernie Hoeneisen'>
   3.698 +    <organization />
   3.699 +</author>
   3.700 +
   3.701 +<date month='January' day='8' year='2020' />
   3.702 +
   3.703 +<abstract><t>In interpersonal messaging end-to-end encryption means for public key distribution and verification of its authenticity are needed; the latter to prevent man-in-the-middle (MITM) attacks.  This document proposes a new method to easily verify a public key is authentic by a Handshake process that allows users to easily authenticate their communication channel.  The new method is targeted to Opportunistic Security scenarios and is already implemented in several applications of pretty Easy privacy (pEp).</t></abstract>
   3.704 +
   3.705 +</front>
   3.706 +
   3.707 +<seriesInfo name='Internet-Draft' value='draft-marques-pep-handshake-04' />
   3.708 +<format type='TXT'
   3.709 +        target='http://www.ietf.org/internet-drafts/draft-marques-pep-handshake-04.txt' />
   3.710 +</reference>
   3.711 +
   3.712 +
   3.713 +
   3.714 +<reference anchor="I-D.pep-keysync">
   3.715 +<front>
   3.716 +<title>pretty Easy privacy (pEp): Key Synchronization Protocol (KeySync)</title>
   3.717 +
   3.718 +<author initials='V' surname='Birk' fullname='Volker Birk'>
   3.719 +    <organization />
   3.720 +</author>
   3.721 +
   3.722 +<author initials='B' surname='Hoeneisen' fullname='Bernie Hoeneisen'>
   3.723 +    <organization />
   3.724 +</author>
   3.725 +
   3.726 +<author initials='K' surname='Bristol' fullname='Kelly Bristol'>
   3.727 +    <organization />
   3.728 +</author>
   3.729 +
   3.730 +<date month='November' day='4' year='2019' />
   3.731 +
   3.732 +<abstract><t>This document describes the pEp KeySync protocol, which is designed to perform secure peer-to-peer synchronization of private keys across devices belonging to the same user.  Modern users of messaging systems typically have multiple devices for communicating, and attempting to use encryption on all of these devices often leads to situations where messages cannot be decrypted on a given device due to missing private key data.  Current approaches to resolve key synchronicity issues are cumbersome and potentially unsecure.  The pEp KeySync protocol is designed to facilitate this personal key synchronization in a user-friendly manner.</t></abstract>
   3.733 +
   3.734 +</front>
   3.735 +
   3.736 +<seriesInfo name='Internet-Draft' value='draft-pep-keysync-00' />
   3.737 +<format type='TXT'
   3.738 +        target='http://www.ietf.org/internet-drafts/draft-pep-keysync-00.txt' />
   3.739 +</reference>
   3.740 +
   3.741 +
   3.742 +<reference anchor="PGP.wl" target="https://en.wikipedia.org/w/index.php?title=PGP_word_list&amp;oldid=749481933">
   3.743 +  <front>
   3.744 +    <title>PGP word list</title>
   3.745 +    <author >
   3.746 +      <organization></organization>
   3.747 +    </author>
   3.748 +    <date year="2017" month="November"/>
   3.749 +  </front>
   3.750 +</reference>
   3.751 +<reference anchor="bitcoin.wl" target="https://en.bitcoin.it/w/index.php?title=Seed_phrase&amp;oldid=66492#Word_Lists">
   3.752 +  <front>
   3.753 +    <title>Seed Phrase</title>
   3.754 +    <author >
   3.755 +      <organization></organization>
   3.756 +    </author>
   3.757 +    <date year="2019" month="June"/>
   3.758 +  </front>
   3.759 +</reference>
   3.760 +<reference anchor="ISO639" target="https://www.iso.org/iso-639-language-codes.html">
   3.761 +  <front>
   3.762 +    <title>Language codes - ISO 639</title>
   3.763 +    <author >
   3.764 +      <organization></organization>
   3.765 +    </author>
   3.766 +    <date year="n.d."/>
   3.767 +  </front>
   3.768 +</reference>
   3.769 +<reference anchor="ISOC.bnet" target="https://www.internetsociety.org/blog/2017/06/12-innovative-projects-selected-for-beyond-the-net-funding/">
   3.770 +  <front>
   3.771 +    <title>Beyond the Net. 12 Innovative Projects Selected for Beyond the Net Funding. Implementing Privacy via Mass Encryption: Standardizing pretty Easy privacy’s protocols</title>
   3.772 +    <author initials="I." surname="Simao" fullname="Ilda Simao">
   3.773 +      <organization></organization>
   3.774 +    </author>
   3.775 +    <date year="2017" month="June"/>
   3.776 +  </front>
   3.777 +</reference>
   3.778 +
   3.779 +
   3.780 +    </references>
   3.781 +
   3.782 +
   3.783 +<section anchor="iana-xml-template-example" title="IANA XML Template Example">
   3.784 +
   3.785 +<t>This section contains a non-normative example of the IANA Registration
   3.786 +Template XML chunk.</t>
   3.787 +
   3.788 +<figure><artwork><![CDATA[
   3.789 +  <record>
   3.790 +    <languagecode>lat</languagecode>
   3.791 +    <bitsize>16</bitsize>
   3.792 +    <numberofuniquewords>57337</numberofuniquewords>
   3.793 +    <bijective>no</bijective>
   3.794 +    <version>n.0.1</version>
   3.795 +    <registrationdocs>
   3.796 +      <xref type="rfc" data="rfc2551"/>
   3.797 +    </registrationdocs>
   3.798 +    <requesters>
   3.799 +      <xref type="person" data="Julius_Caesar"/>
   3.800 +    </requesters>
   3.801 +    <additionalinfo>
   3.802 +      <paragraph>
   3.803 +        This Wordlist has been optimized for
   3.804 +        the Roman Standards Process.
   3.805 +      </paragraph>
   3.806 +    </additionalinfo>
   3.807 +    <wordlist>
   3.808 +      <w0>errare</w0>
   3.809 +      <w1>humanum</w1>
   3.810 +      [...]
   3.811 +      <w65535>est<w65535>
   3.812 +    </wordlist>
   3.813 +  </record>
   3.814 +
   3.815 +  <people>
   3.816 +    <person id="Julius_Caesar">
   3.817 +      <name>Julius Caesar</name>
   3.818 +      <org>Curia Romana</org>
   3.819 +      <uri>mailto:julius.cesar@example.com</uri>
   3.820 +      <updated>1999-12-31</updated>
   3.821 +    </person>
   3.822 +  </people> 
   3.823 +]]></artwork></figure>
   3.824 +
   3.825 +</section>
   3.826 +<section anchor="document-changelog" title="Document Changelog">
   3.827 +
   3.828 +<t>[[ RFC Editor: This section is to be removed before publication ]]</t>
   3.829 +
   3.830 +<t><list style="symbols">
   3.831 +  <t>draft-birk-pep-trustwords-05:
   3.832 +  <list style="symbols">
   3.833 +      <t>Update terms and references</t>
   3.834 +    </list></t>
   3.835 +  <t>draft-birk-pep-trustwords-04:
   3.836 +  <list style="symbols">
   3.837 +      <t>Add Privacy Considerations section</t>
   3.838 +      <t>Swapped Security and IANA Consideration Sections</t>
   3.839 +      <t>Corrected typo in ISO references</t>
   3.840 +      <t>Updated Introduction, Terms and concept Sections</t>
   3.841 +    </list></t>
   3.842 +  <t>draft-birk-pep-trustwords-03:
   3.843 +  <list style="symbols">
   3.844 +      <t>Update references</t>
   3.845 +      <t>Minor edits</t>
   3.846 +    </list></t>
   3.847 +  <t>draft-birk-pep-trustwords-02:
   3.848 +  <list style="symbols">
   3.849 +      <t>Minor editorial changes and bug fixes</t>
   3.850 +      <t>Added more items to Open Issues</t>
   3.851 +      <t>Add usage example</t>
   3.852 +    </list></t>
   3.853 +  <t>draft-birk-pep-trustwords-01:
   3.854 +  <list style="symbols">
   3.855 +      <t>Included feedback from mailing list and IETF-101 SECDISPATCH WG,
   3.856 +e.g.
   3.857 +      <list style="symbols">
   3.858 +          <t>Added more explanatory text / less focused on the main use case</t>
   3.859 +          <t>Bit size as parameter</t>
   3.860 +        </list></t>
   3.861 +      <t>Explicitly stated translations are out-of-scope for this document</t>
   3.862 +      <t>Added draft IANA XML Registration template,
   3.863 +considerations, explanation and examples</t>
   3.864 +      <t>Added Changelog to Appendix</t>
   3.865 +      <t>Added Open Issue section to Appendix</t>
   3.866 +    </list></t>
   3.867 +</list></t>
   3.868 +
   3.869 +</section>
   3.870 +<section anchor="open-issues" title="Open Issues">
   3.871 +
   3.872 +<t>[[ RFC Editor: This section should be empty and is to be removed
   3.873 +     before publication. ]]</t>
   3.874 +
   3.875 +<t><list style="symbols">
   3.876 +  <t>Better explain previous work on Trustwords</t>
   3.877 +  <t>More explanatory text for Trustword use cases, properties and
   3.878 +requirements</t>
   3.879 +  <t>Further details of the IANA registry and requirements for the expert
   3.880 +to assess the specification</t>
   3.881 +  <t>Decide which ISO language code either 639-1 or 639-3 to use, i.e.,
   3.882 +ISO-639-1 (e.g., ca, de, en, …) as currently used in pEp
   3.883 +implementations (running code) or ISO-639-3 (eng, deu, ita, …)</t>
   3.884 +  <t>Adjust exact representation of wordlists
   3.885 +  <list style="symbols">
   3.886 +      <t>e.g. XML, CSV, …</t>
   3.887 +      <t>Syntax for non-ASCII letters or language symbols (UTF-8) in
   3.888 +Wordlists</t>
   3.889 +    </list></t>
   3.890 +  <t>Need for optional entropy value assigned to words, to account for
   3.891 +similar phonetics among words in the same wordlist?</t>
   3.892 +  <t>Need for an additional field, to define what a wordlist is optimized
   3.893 +for, e.g., “entropy”, “minimize word lengths”, …?</t>
   3.894 +  <t>Work out (requirements for) “smart” composition of the version
   3.895 +number</t>
   3.896 +  <t>Decide whether in non-bijective Wordlists the redundant words need
   3.897 +to be repeated in the IANA Registration</t>
   3.898 +  <t>Register only a hash over the wordlist with IANA?</t>
   3.899 +  <t>Does it make sense to open registrations for other patterns than
   3.900 +just words, e.g., images?</t>
   3.901 +</list></t>
   3.902 +
   3.903 +<!--  LocalWords:  utf docname toc sortrefs symrefs hoeneisen wl ACDC
   3.904 + -->
   3.905 +<!--  LocalWords:  oldid blockchain cryptocurrencies klima gelb weg
   3.906 + -->
   3.907 +<!--  LocalWords:  lappen trinken alles kaputt rasen durch eng deu WG
   3.908 + -->
   3.909 +<!--  LocalWords:  languagecode bitsize numberofuniquewords wordlist
   3.910 + -->
   3.911 +<!--  LocalWords:  registrationdocs requesters additionalinfo uri ITU
   3.912 + -->
   3.913 +<!--  LocalWords:  Firstname Lastname mailto http YYYY Bijectivity de
   3.914 + -->
   3.915 +<!--  LocalWords:  Kahn Salz Yoav Nir ISOC bnet errare humanum Romana
   3.916 + -->
   3.917 +<!--  LocalWords:  Changelog SECDISPATCH ita wordlists
   3.918 + -->
   3.919 +
   3.920 +</section>
   3.921 +
   3.922 +
   3.923 +  </back>
   3.924 +
   3.925 +<!-- ##markdown-source:
   3.926 +H4sIAH4CF14AA71c63LbyJX+j6foaKoSaYqERMmSJa3jRJbksRLL8lryOKnx
   3.927 +rAMCTRIjEM2gAdEcr7f2Nfb19kn2O+d048KLx5OkdlIVg0Bfz/U7p0+r3+8H
   3.928 +sUnSfHyqqnLUPw6CMi0zfaq2rs5enak3epzasojK1OTKjNRdUdlybopEvcR7
   3.929 +exoo9993VZronrrT01kWlVpFeaJ4hHOTW3ySIexWEA2HhX44VV8zfJCYOI+m
   3.930 +WE1SRKOyP0yL+/5Mz/qlb2f7e4dBjAnHplicKlsmQWBLTP4hykyOjgttg1l6
   3.931 +qn4oTdxT1hRloUcWT4upPMRmOtV5aX8MgqgqJ6Y4Db75dHqa5nFWJVqF4a6d
   3.932 +RIVOduXrhzIa290Hk93r4gOtJ5zeJ58D0KHPtEhze6qeheqF0blOrc75rWzi
   3.933 +mS7yVC99MgVIP7ucqeemyhOmBL8HWbQuT9XNUBe6UN8V0VDn6hF/i9MSmz1/
   3.934 +0T9+tLen3qV5qYtyUhXyEeOURIzbeVr+rIsM1OAPehql2aka8irCiV/FH0HQ
   3.935 +cNSdvCpAsklZzuzp7m73++7SXl+E6joq/l6Bzs1OX2COKE87X/7fNzqRRYRT
   3.936 +WcSv32duiimeHzSJ+Zvn549OHp1AOhT/ePzo4NC9Px7sH50GQZqP2h2u+heh
   3.937 +F1jXcPD4cFA/Hu25x/394xP3eHD06LF7PBoMmsf9vXreR8fHzY/H+4fHzY+T
   3.938 +R/vyg6Z2u2Z1EYLUn9ao0fp+pJiwDMHqlwloDb24r3dKL+/1wi7ymF69/u51
   3.939 +OM/EPJRRMSYGezrrPJyn9+lMJ2kUQip257tpnuiP4Wwy+wNbn9+j+wda14cM
   3.940 +ZuC30XT2byZL0uT3j8GC48HJwYEMLJYKjRXbDGrMH8BBvN/fGzzuDwZ4M0zL
   3.941 +2KT5l1bkm6TlmuXcap18mE2KyOrfykKOjh6d7H/zjpYolqq1HmqtXnPr7mpO
   3.942 ++ntHRK7bm6ODk/Urmc/nYWoNkwX/9tGwD7keV9FY92GotQ0n5TRrT7f10n1X
   3.943 +/F31aQKFjluBTHYeDnPMsXk+0iq0sCZOdbnguYeZGe8SAXf3jnYH+/00z80D
   3.944 +i3Z/VpifdFzavtUZ/tVJH2LfH+qFyZN+OdF9DNUfQY0gOrudhT7jNgpt1Ctd
   3.945 +hmqwr67qcdVrNy7oJ+MqjKu6fdRzGTdUV/Azmgw3fqFr+hDFC/WQRjA51qrL
   3.946 +PC4WM1JjsIPcQVQk6c/UdFboslyoy8gu8Mzd/ve//8fi2cBDmAweipbsXYE4
   3.947 +NzFqV1kSqdt0Ghn3mu3fVdh61xI8sPobtdaRwO/A0uWxtrup3wWbnD48V1lZ
   3.948 +51H6/b6KhuQd4zII7iapVXCHFbVWdqbjdJSC20SYVVfK3jhLczQAEYParcLf
   3.949 +QUTiIh3iS2yKQtuZYYqqot0f1Ih1UuFzjzx5gN8PKQlXpMZ+aGZPXGi2ES3P
   3.950 +TVroFxiL1w+D1hIUiMBeF/PIizTHuDm2XkSZ8tKutnU4Dntg5RgjTnZ6wXyS
   3.951 +xhNY9Y9RgsGnaIv1Ym4ZcRrNYFFUacCPCu0ifkNLm8JM2eBBF/WCZH/WYkNZ
   3.952 +eo+doJkuIA4gLVY2iwroXm7V1GDgGTEAHbNeQKAmQz/qDwKURk1TC4nUBWMO
   3.953 +WksojJumSZLpACJwBR9lkipmnxNcYe5qmKUxGUvFQmrGRTSbLHp+ZqyYmEqs
   3.954 +gRqQZkgPhR5Ba6XMWqUj7BXIiboQUau83mNUlDlWBvICrjyANpCgh7SMsgAL
   3.955 +17kFe9EtKqkvHvE1N1CfHMrOenzNe1Db11d31zsqKssovlcYGN+C7lQx3EGu
   3.956 +s1DdTbTtkJPGhE/MMmyWgCBEA4uNqEeaB3hssxMvidZYc08Js4mxZlQCD0BT
   3.957 +aj4oaAHAgjVTLTzZzA6hEQxTZfGW5JAalemYMGrJq8WsWaaxYkKFGmJCgrWw
   3.958 +pZ5azA1VbWQ7aIRDRRA7/H9GtlMMGOaXEdeIaKiaUWzwD2qAIwpPEnyFHry1
   3.959 +Hc20ogmqrQnBr9EEv0Ciqafnc6Lvx4jsWI+2AYD3O1sb5OFCXehRVGUl8Whm
   3.960 +bMry8ulTG4Z8/rxsHTA47UCNojjNILHglSaDDRGCEJadHbCBIw6Xpo9/wGxv
   3.961 ++sOWUWoxLnVsxRSIKcBeUp2ZxnaCSQQ2mtkMUQKE27K0QXL1RxLwMTo0mgiO
   3.962 +Xsq2bSdwCcj8WdkBdh9XsLGgJeHerrGH/YX8DMmMQmSVqGCuzm+/DwRGngYb
   3.963 +gGmiH+BDQMxdjArhgC3eHaWZ3i3T2W4yDNnKREkitAYZ15Gtp5ZoHmXWyLKJ
   3.964 +oIZsArZbYBpWDDapVr2opjAQb3SUREPYhsH+MYKyUv0ZBAFXHcT9/LmnbnId
   3.965 +3KVTuHX4Y5ll++bu9Y5vdbT3+bM8E/ylHre3L9TE2JIsY9Bd6vevX0E1C7xU
   3.966 +MQIA+aKX9gO1Tx/ExUP4Sh0Ql4ikwDLxPRscBd3IvFNy/osssHAJ6EfcHdEM
   3.967 +zIIUIGgJCNJOYGDSnzUWAYdXMv9VFBcGrmAK4U7BWMz/kMYkDfNceB8p0r+M
   3.968 +xbkIROZbMPnzZxiF51XBlIZPjWixghVIItEJgtXWDFqv2xutAB4iNiDBgvYY
   3.969 +R9xcZVhSzzO86/PQ6vIjTKlNiXPXUPpoTOSiDb+GtyFEQiCMYZDa/sv169c7
   3.970 +AXOI4g/iEOanNfwlPNw72cgIpnhh5mQfpDsFNdgsnCFijDf671VasBpY5ZEr
   3.971 +wRvZk+x06/rt7d1WT/5Vr274+c3lv7+9enN5Qc+3L85evqwfpEWAHzdvX7rv
   3.972 +9NT0PL+5vr58dSGdr8/+uiV83rp5fXd18+rs5RatugTECmqIRToBORiSVpZk
   3.973 +EjVBUjDJA6iE+nz69BsS4cHghHcoe7zTxdTKnkYmy8ycfTq95FETDSvr4C1x
   3.974 +2sZmpsWHtzAeAsrgW7YbL+pYi/yrxy7UgbweCZdnuLBTdJdEAz8CgqmJnsE0
   3.975 +0q6cp6alg9Jk/Ixwb9G2B9vE6ZYTxyDk7mCPs2wIFLBDnj6tLVhC6wBomJFP
   3.976 +poGxk8JU44nScMRDcl6aInNMNCQ3vw47QGrZAUVqNsFwaE22N3SuYm3oCb/x
   3.977 +5DfAWmtBdqk/ln3WfLvbhLkMrVW///Rre5pR1fT5to2OpmvQ0amKR6FYNcoV
   3.978 +kM6IyyZgrxEsbJ1hY2TeGQUJuptDHUoHVR3IAndqV+/ekY0gOYz1TPgB8ZUA
   3.979 +DGPAR01NIgFBQ12IGDxGxLgosqBfAcBAjCR2GcqhsFd34JFCqZIGaOAigZIu
   3.980 +s2DLESTyc7gVsLyzTJ6bnBbWTeFdy6ZYJ5yvDIIzyFGGoCFZqCS1cQXokfS+
   3.981 +BjEKxtkMGUN1psrFjFx2B8Vkxtw7cEP6BbV6CrP76HhfXZ4c7qt9PKqjwfEz
   3.982 +tTd4dq4OBhfn6vDR/rG6ePz8TJ2d4+fB88EB+VRAwijx5FqFX12PSmovIAn0
   3.983 +d7gRKwCS7QA/3loN+GTsFPo8McZynNvGVwGLwxCa3d5hr4F8HiqqdsA3TceT
   3.984 +kjyfjmAQHAESM4azJR8DW832ooTfgoKXahiVEFhaQYbnHP9T9ymh5cjei1Gz
   3.985 +CIc7NO5MAbH5DrYOpqFNDzfvfQaKqbHOhtg12oMOGrYRo9xrQtMEp+6jWVWW
   3.986 +ivInuSoq6CHpBKLReBIEr0wpdhBL1x6AEWnJmqZZVjUxrAMvEPdsIfae2sE8
   3.987 +BgwVyAIXZooPC8F1ZKWW4lhxWvCODymIRTxzJBhGFjgwXif2PuzsC6S6z4mw
   3.988 +bD6HKSIW7DUOmkC5zwtfD7sJqs51lvW9T9BJB3UG7DD8ImrgPE/BQOCv/pfw
   3.989 +F6G0YCMWi2Ri+pdkjjJs73xWXm1vvZYkynfGJIGH+vWWtjCUpP/aCIdMTW8F
   3.990 +bjHKiQKbTtMsKuqtEEmW4ZyArk+fmlwee9z3P7z/Qd3dXNycgjKzjEAeh8Qz
   3.991 +z7PKkmYR8TGuQ1tsPBtYFzDFrI5dcJK2Qnbaw/sf3/8YBG/0mLJI5MpNEi0Q
   3.992 +5eRak4LVU0mIA64rDiTKtv8P7AR4ErylQO2UXPstGbld6ENKlromXx37jnVO
   3.993 +sWhGQM9SBIWtscEWbpaUcXJ2hYa7/EgBC1bXjOREouJBSAtU9BCB0IT/CA2K
   3.994 +sXDzYTRei3UmCJwZVVlOSIPYkZu8762LhZ7fE7wLOsyVNAIjnHTkU1wCrJYU
   3.995 +hvdPatQO0IT1thojEieK0Ghpzl4v5/1yDoCMH1g6pLhwUftBSBR+8kKxWbG7
   3.996 +FI7WJpt3T+sodTzJJa7r2+jhYRHSWhAwTckOkDgSlLYr4REPQH5LbUeZqZId
   3.997 +MkguV1MzgpXW4bMeDJgY1gmjJGYNVkkugBDSYkba/Jz9cB1AY0LnNMSk1n6D
   3.998 +WdJKCbVWJ+sgUgh0csBJfV+jLb8yoJsqdjlDkl2i6b3WM4EZcQlBCdp5CsUy
   3.999 +y1kdF47Am5KharcBgAJZrAxLeyHlmS3YCjneSzaFrQqUkF2jCBW5voLGS1JW
  3.1000 +tqgQQ41hygkUqr1g8uBZCq/E/OSdlixRGWTSJRlhq19xaqhjkZu5fLRxJT48
  3.1001 +X9eWUU+zHrLBWG9PaEExcVSUzvgSikoRQ9UQwGdsWuZ8x4Pkxkn7uLCJ7YjE
  3.1002 +FblqksHWWuZwaDWnhtqLQ+JVVgyDW/MMnhEYTpBTnSCrw4U6aSOuMCNRhg0R
  3.1003 +EieNTkmOTF5vphLnDdeujBNAwa9MALHMyhoHR5RRCCzeRAyeusRbSZIJrlck
  3.1004 +pIUeeUMEEsOub2P6ZvlwIP2HKKtAkygt7A6DLxC8+55YCdNfwaqC9UeHhwdH
  3.1005 +GP2FmVNqsLdEESBj4GrFvf1a2QcTR4J6jdNoQV8sWXxvEdh3y0i8egr9AIgL
  3.1006 +PYtyEE6kJoiSpKD0HCcUKuuTw4zAeFaOymvG9JiE7CV4EoqksD1MAAvHORxn
  3.1007 +3RziZ011iBYzcxagdGE81D8jI5QtvJCQN2+n+6LlrD9GerS/t7fnXBT8EWEI
  3.1008 +1veAdTBvT5qZ8Yf9be5Q5zYxK0eOkOHBYXhwRG6b5duJhQNXhPYtRye51eAA
  3.1009 +pS54e90FWY/4MMxPYjkh3jdilQT2UjTZE86sdmYQP2oT2AYuKCFOYA9eTwk/
  3.1010 +OAPhk7HbjZjwJ9cWQXKwIsRpK+pxiGCnnQOHgU0lWCc7nObBci5xzr63paCC
  3.1011 +QFgg2dWQmDj3U2fzAtAVmLCTFQsbiE0S0D7GaVvuYqlw4wEuhnGFbNoGXXMx
  3.1012 +69h4sdRN8ucsKyecLvAAI3UJ1Kjg3ChxC+NkicjtQwRRm0Y/Gfb5Ir3BODPk
  3.1013 +7WZmVmW1ABPn3Zh9Bi0cUrEQR51koFAqEMzDNpqYmmiJzzjFMqQMG17DhnEG
  3.1014 +rQf5hY1Kf/azBaSnbIDDrjH6FXQMlkUQHPJgqqzFxboUbzuZKQJA+GFCKVqX
  3.1015 +0wW7p7NSMGuTjAkYMC2dFxFeKtnbkaNd1CdDC8V5EZcKwCr9KsLgrJTdlYgz
  3.1016 +enR4BCCQ9ZlTDZLq6o/YCWw4t8KmII5mzvOIzA41nfZQsoryGWRznuk4ouEY
  3.1017 +vjU9vWeDFE+YPlh0n31bgtDR5+77LYBCTirTHxkpSuTHR6dBhwl8dDQzHFjz
  3.1018 +jGYGmNGJ8NqLwPbl6DvYnMoTeScUxYpfp1zEoASXnMRdIpHLYJJrzSiqJgwL
  3.1019 +OYDtAY2aE6I01GEvsHM02QVPrRsUKp5VBZ/2FmYclQYT+E49pcs43PFOx1Ox
  3.1020 +mRDKSikq8TnubMtDfloHx1ctLNoIBKWDbj0Y7xZ+cdjswgNIileIBrvHneYy
  3.1021 +lkcRy0PVQZ8LzeiYdbXWDJSlla4Y20JS0JZxntctq7thPDwMYBBramNsiQCc
  3.1022 +Z2DxpEzTkr6ST+SVOJFi+Ci2pZUKFUTdbucE2kCfEaTFsfGBpoTlVGAEkAQb
  3.1023 +s4UgV8OXvEHIqedbksW+7VgXl2FPtnx0LPbcnzQkukQMaL0MdldLwxXtDD2d
  3.1024 +BTFWkGnZMlqCkyztXavmkjA+yLZllQB5nNXRPexVYSI5R/IgyZ0vDB7z9rzt
  3.1025 +kaiZCCX8hfZ0yhvqKsPtv1y/VPGkyu93guC/6v8QPzyh05EiecplGU8876lC
  3.1026 +5qmr3uAMsK+V6R8Idgc+GZPWVD0VhuEOp3258e7qEE8ImwBmdgYEUBQYz8Cl
  3.1027 +i/0ZJrBlqCuV3H8y93EPMGdl4s4sT8S/mpEgT5bUzvwr2FQcsHCYDj1Xp90/
  3.1028 +xKQMdFfm3jjbkxpQdWaHF5LDh4J9r8Rtdinmg77059Gi77Dc6oIWhFBz0yVC
  3.1029 +Z7onMJkU9HUmd+88CVwAWkd9K9MMw0G4j4nCvXDgdt6asTPDk7aewqx3aX7O
  3.1030 +p8ON3pLb6dctPgIJMAb7/VYxirc4J8+P+4eHg61dP9/6GZ6QNlI+pPgHp5Qz
  3.1031 +GT/rn8wk/3BhtJ/2i22jXH+4iDLdXmN3MU/8KTNwUD4y9ZgIBSOuanlaU51X
  3.1032 +fac/lqIFTUdVl02SDRmaqqMYimWIco8CHBjQNsLc3vTuyqxPEKpTynZ5FeyI
  3.1033 +nGq6Jj77R6GRMZ1hO4Pg55otP5m7Bf4KHs33no4QhZZPdvFUvxw8xUIgAHg7
  3.1034 +8G9/gGj+WLcgRT18mgHh+Ge3sPYaiFXO/NGvmTbwYK6hO6VLk5Y41AugSren
  3.1035 +svzntDr6DaTuHrB8MgrUxncwxdi1vynGUe7h8KumObXwreHqXWuqSC3NKVkK
  3.1036 +KnM4VW/fXLkO1KjuMKOSusR1omcl0qL+iv/619f9iwvfzTV15JBtul/UGfGt
  3.1037 +Rj+3fZ/trWuo3HvhEHUXkrWcSnDGRYHu0KaWSY7P8tgAZIwlR+HAqtVB7Z6s
  3.1038 +nACU3nFRVQaVzukNBXzewwl0XPmOteRrAATni/gs2GXeRpE/ftaCYCj1/E0r
  3.1039 ++AJkQpSz/b7jId8/3ZFTjqxdWeq8sis5rN1mFwR8+iTVrZ8/9wLJhXmH2kUj
  3.1040 +VxxqrMAFH/N6cCKzBB2AY6nn1FCRYZWWHHQSLJFECXdrQNzvgrq6y2MJd37i
  3.1041 +zgVoBXJaddoBEOwglnADNrEMA9rSQWR9hhDqlgpFQFHnt2ti0gEEvWBI2Mki
  3.1042 +DSXrDuFcixd04GVNgGPTsWUIW8nLJojg8glgz331H+pv2zVe2flbuI4OkmKp
  3.1043 +BXstQfwQg6MWMFmmgsvB3ozUW8Eg73hx77fXoZeaPhuQC9OFdKzZbLhuZeug
  3.1044 +CoOaDShmlXWCMCgWYe45wMHre+dwjeTJaqLXNmDC2m1yTVVolIN32KanphpG
  3.1045 +0R0T/CI2U/CvdHy0jl/fw+HwMQlleU/VNqEk9f4/KZjaWc8pj5jQsAOglnf+
  3.1046 +vcNN2LUDPTVPPKRy+ljv1wlWvQ+BWlHXYHQ1vlP4w1nwLTuFb93isNwnht1E
  3.1047 +XSgXrA0tnD6v7twjN8Z3LSC3vO+Owb1wsfq23SFCLKMxpsgbX7hNjaTas9PP
  3.1048 +WV6fpPXUWrfGTXjyS3jx0cnjkxZwW4MY/5nRj/EfRlfbZmhNxsVOCP8RnakT
  3.1049 +/LfzFSNQu392fT9c5a6glrHhHVW4dLJUZFJM3qs7bNUySQLy3JihRJo+M7bV
  3.1050 +NL26e9t/Dq7LjS8pplTPwsHJQQ9vM8oRqcd4vsYI+3t7Jw3oWrOVVWHy0FjE
  3.1051 +x/+qVUnwhVXuU1Pm3U2ktgWHKnj58DaQumJ3EuguJ9iV5usFbTl++JXxQQf0
  3.1052 +1wC/BSh/EVQ2wJI+QWN0F0PWONK7pKs8Dju4scaODjX+hHHCxOg/uqOIECzt
  3.1053 +4MYOdtzfGxz39476+3tLIHEVKG5Cfg60jJpS+c4Zi6pp5E/Bp0AgZCDp43um
  3.1054 +9/ungcNgnA2ve/gD8q7QeLwmh3V0jPPe0RjfGFFuGkWW34wQinz69M9VK9qC
  3.1055 +oHajGRbWs3zhzkbakVlb7hKtp1KNJoK8VvDWh4ad4JBpSF/V2MCZEeHWRXEr
  3.1056 +IdeXOUPZRT7fWBtiMoPkDsPq7j3NuEZ8SocliSNfbWVAMx9o1ao9qgC7N8ao
  3.1057 +y6BNnL73oFEwM3P5sE8xgr/Zk0ihl3T2yyKtsVIJTW2pYLau2NaYQXftSLui
  3.1058 +05bwtVJiqPZ2pMq5GZmPtch3WXfCwueZUrSQ5glQUQJDtOHw1clesD4lvCoZ
  3.1059 +y8HyhmB4UzjcDYi/EBJ3g+LgR/VjV3Ra4ISJ/JFq5JdOQZeBz7qgJQzqLPRZ
  3.1060 +TOVemU7GQlUWD682c1NliatENGw77rs1Qkp0FzGQkbMQd+0qCUZaJ0O+foM5
  3.1061 +03HOwRDXiuVlkQ4rcY0OkiT6QWdmxhLjjiLqsuZTdZYjUJqrW8hs+hBBH86z
  3.1062 +qEpSo15W8X1PXQCu6kz9OYKl/i7NpLLnz5qc0LMCFDAZHCRCtAiN3tC/EADS
  3.1063 +KnpWt1H2c099z5ejAaiLezFffzXRg3qVFqG7xsYJlznXu6e+YIGDYYYc3SvC
  3.1064 +PS+qVL5COW9Qg95oKmVPfJDkrhtSd44b3Y1GdStXGn9nl+4RBq8LunYFHKD8
  3.1065 +kU9zQ/ByFkocKxcnP38O5E4XMaA+aqDIvk5D19WtcmjqUgu1SkVcPVXfJvYH
  3.1066 +6J0UfCe6rweu8wfh16e30fGL2epO6Ca+eU18dPj44ODx1yWAc7M5P8vJ1a9O
  3.1067 +pv7LU6WbgU6VpZX9cB5pGxX/kgQns74TEPJJppmV6RSkFiPtGxPb3xiqkfW3
  3.1068 +U+nOFB/EhZvymV+beoQF1UURkS/tZhb5YLia/lJqUX9lZvGLicUOebvZRfmm
  3.1069 +5NuabOI5cFwk1IlWs4ceAfIgYUxjbESBNQIcIDLpD/b7B4MvpAlr5Ke64L4O
  3.1070 +8VxCNzNj5zsoOLoES0zhyyWc5vtDP5isqaFC4yEXA7jrY+JZxGd8+8W/bEH3
  3.1071 +j79Vb3nF/gIJn9D56spfGOCRDHCWJBuOUv2KudntXNJO9Qnu+r/hQd/lfJU6
  3.1072 +ndMlYr6tDTUzBAUoaddaYbODpHMXtifXZHgSX/xZj/zlbR106LI013WaU0oX
  3.1073 +bPmlYfZPlzoYCB5fKaDLoLywYTVWo/SjGxp0xCYEtfL1UDD5hmrYr6ytmjYu
  3.1074 +paa9U/jiIgayiCu5hgIr4T09VyiQtJNPkkQzsePy7nl/sDdQt5fnF1e3r8/u
  3.1075 +zl+od99JkEv4ih86S9VUFp1LDQDdbVG7cod5BLEm8OjA/ZRyxr5qw43yzKcs
  3.1076 +qe4F1miqIYS8Xqq1TuOUai74bkunKMJVzFZl34z6UhIhd51aNREtgjJ1Gq/a
  3.1077 +Scv4hLlssFsj0Ku3xkdHDAqkNr41eK2zxKwzunGQpB9b3xv+1drbbgj1b3P4
  3.1078 +F/TeThjiQfGp7EYUaNkWiG1aNQhhbRGe6ZIiOu3K2Wft2wfErVYxGl1JWsvj
  3.1079 +btFNq6yZqjDp5p4IOBbTPu6n8f7hOgHV1Alg2C9UCtAsF/idaJftJ4vRPWrQ
  3.1080 +Ka+BThgGhHnlqEGOVnpKil747L4vTVzdbRzRUQOdObjzXMitu4GbLeqaAwA8
  3.1081 +dF6uoNsuqpxTd7SAHZrUD0+lAXVVQFpGMjaGCEiIfqJIf1Ps4D2nSCTHPxDx
  3.1082 +Ht3y5VHE7i7Q42NdZX92e351BRUtOZmElzVp7GI6NGDJ9lsYgeMdqgMkWXpX
  3.1083 +T4IFvdLuZqGZueDXV1xKiSuYgvhBzqlcqRCxKuY/puMwii/Y8EXWEJWpcTcL
  3.1084 +6oJ+LkH1+/tDZ+oobwffCGa5cs+4i49gOmX0674cbHuUFPD1uJ4Sfm65tdOt
  3.1085 +zSmCBWrijjfAkXJit5iKPPs71o4KEfqyYO58RaYZ87pcc1s4tUuDMF9qiNsQ
  3.1086 +3GXwEgpWcl/gSVXRogCs9DMJbBzV1pzkfet+UxKA72gQeJzI/U1fJcZ04kiH
  3.1087 +BuD9XlDKJC35Tj8MUG45qjQzDpSa8UU13XVuqgcsOMbni6Esuk4IhODplMoL
  3.1088 +Mb7cj1QvqcSRT29OFf19MOX+IBemius/puX/lpaq/6SUmmd8dS5orlp2h+I/
  3.1089 +otO+mL1yMah1UWyuxxsHcpfIvnCBjO+N0Skk6S9c5ReGakIm5QIktSb+qRmy
  3.1090 +caTl+KRJ01nVxfD0B6goL71xqDWH8IKA+dScD8E7J1eJ3jgUh/QUodfxOP9x
  3.1091 +IEUxrpKIQbkQwaHvjUM1TrUNQ2Aa2waP+v4f9v8Rcl9OAAA=
  3.1092 +
  3.1093 +-->
  3.1094 +
  3.1095 +</rfc>
  3.1096 +
     4.1 --- a/pep-trustwords/draft-birk-pep-trustwords.mkd	Wed Jan 08 18:37:41 2020 +0100
     4.2 +++ b/pep-trustwords/draft-birk-pep-trustwords.mkd	Thu Jan 09 11:38:44 2020 +0100
     4.3 @@ -505,6 +505,9 @@
     4.4  
     4.5  \[\[ RFC Editor: This section is to be removed before publication \]\]
     4.6  
     4.7 +* draft-birk-pep-trustwords-05:
     4.8 +  * Update terms and references
     4.9 +
    4.10  * draft-birk-pep-trustwords-04:
    4.11    * Add Privacy Considerations section
    4.12    * Swapped Security and IANA Consideration Sections