<?xml version='1.0' encoding='utf-8'?>
<rfc xmlns:xi="http://www.w3.org/2001/XInclude" version="3" category="std" consensus="true" docName="draft-ietf-cbor-tags-oid-00" indexInclude="true" ipr="trust200902" prepTime="2020-07-31T09:34:57" scripts="Common,Latin" sortRefs="true" submissionType="IETF" symRefs="true" tocDepth="1" tocInclude="true" xml:lang="en">
  <!-- xml2rfc v2v3 conversion 2.47.0 -->
  <front>
    <title abbrev="CBOR Tags for OIDs">Concise Binary Object Representation (CBOR) Tags for Object Identifiers</title>
    <seriesInfo name="Internet-Draft" value="draft-ietf-cbor-tags-oid-00" stream="IETF"/>
    <author initials="C." surname="Bormann" fullname="Carsten Bormann">
      <organization showOnFrontPage="true">Universität Bremen TZI</organization>
      <address>
        <postal>
          <street>Postfach 330440</street>
          <city>Bremen</city>
          <code>D-28359</code>
          <country>Germany</country>
        </postal>
        <phone>+49-421-218-63921</phone>
        <email>cabo@tzi.org</email>
      </address>
    </author>
    <author initials="S." surname="Leonard" fullname="Sean Leonard">
      <organization showOnFrontPage="true">Penango, Inc.</organization>
      <address>
        <postal>
          <street>5900 Wilshire Boulevard</street>
          <street>21st Floor</street>
          <city>Los Angeles, CA</city>
          <code>90036</code>
          <country>USA</country>
        </postal>
        <email>dev+ietf@seantek.com</email>
        <uri>http://www.penango.com/</uri>
      </address>
    </author>
    <date month="07" year="2020" day="31"/>
    <keyword>Internet-Draft</keyword>
    <abstract pn="section-abstract">
      <t pn="section-abstract-1">The Concise Binary Object Representation (CBOR, draft-ietf-cbor-7049bis) is a data
format whose design goals include the possibility of extremely small
code size, fairly small message size, and extensibility without the
need for version negotiation.</t>
      <t pn="section-abstract-2">The present document defines CBOR tags for
object identifiers (OIDs).  It is intended
as the reference document for the IANA registration of the CBOR tags
so defined.</t>
    </abstract>
    <boilerplate>
      <section anchor="status-of-memo" numbered="false" removeInRFC="false" toc="exclude" pn="section-boilerplate.1">
        <name slugifiedName="name-status-of-this-memo">Status of This Memo</name>
        <t pn="section-boilerplate.1-1">
        This Internet-Draft is submitted in full conformance with the
        provisions of BCP 78 and BCP 79.
        </t>
        <t pn="section-boilerplate.1-2">
        Internet-Drafts are working documents of the Internet Engineering Task
        Force (IETF). Note that other groups may also distribute working
        documents as Internet-Drafts. The list of current Internet-Drafts is
        at <eref target="https://datatracker.ietf.org/drafts/current/" brackets="none"/>.
        </t>
        <t pn="section-boilerplate.1-3">
        Internet-Drafts are draft documents valid for a maximum of six months
        and may be updated, replaced, or obsoleted by other documents at any
        time. It is inappropriate to use Internet-Drafts as reference
        material or to cite them other than as "work in progress."
        </t>
        <t pn="section-boilerplate.1-4">
        This Internet-Draft will expire on 1 February 2021.
        </t>
      </section>
      <section anchor="copyright" numbered="false" removeInRFC="false" toc="exclude" pn="section-boilerplate.2">
        <name slugifiedName="name-copyright-notice">Copyright Notice</name>
        <t pn="section-boilerplate.2-1">
            Copyright (c) 2020 IETF Trust and the persons identified as the
            document authors. All rights reserved.
        </t>
        <t pn="section-boilerplate.2-2">
            This document is subject to BCP 78 and the IETF Trust's Legal
            Provisions Relating to IETF Documents
            (<eref target="https://trustee.ietf.org/license-info" brackets="none"/>) in effect on the date of
            publication of this document. Please review these documents
            carefully, as they describe your rights and restrictions with
            respect to this document. Code Components extracted from this
            document must include Simplified BSD License text as described in
            Section 4.e of the Trust Legal Provisions and are provided without
            warranty as described in the Simplified BSD License.
        </t>
      </section>
    </boilerplate>
    <toc>
      <section anchor="toc" numbered="false" removeInRFC="false" toc="exclude" pn="section-toc.1">
        <name slugifiedName="name-table-of-contents">Table of Contents</name>
        <ul bare="true" empty="true" indent="2" spacing="compact" pn="section-toc.1-1">
          <li pn="section-toc.1-1.1">
            <t keepWithNext="true" pn="section-toc.1-1.1.1"><xref derivedContent="1" format="counter" sectionFormat="of" target="section-1"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-introduction">Introduction</xref></t>
          </li>
          <li pn="section-toc.1-1.2">
            <t keepWithNext="true" pn="section-toc.1-1.2.1"><xref derivedContent="2" format="counter" sectionFormat="of" target="section-2"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-object-identifiers">Object Identifiers</xref></t>
          </li>
          <li pn="section-toc.1-1.3">
            <t keepWithNext="true" pn="section-toc.1-1.3.1"><xref derivedContent="3" format="counter" sectionFormat="of" target="section-3"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-examples">Examples</xref></t>
          </li>
          <li pn="section-toc.1-1.4">
            <t pn="section-toc.1-1.4.1"><xref derivedContent="4" format="counter" sectionFormat="of" target="section-4"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-discussion">Discussion</xref></t>
          </li>
          <li pn="section-toc.1-1.5">
            <t pn="section-toc.1-1.5.1"><xref derivedContent="5" format="counter" sectionFormat="of" target="section-5"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-tag-factoring-with-oid-arra">Tag Factoring with OID Arrays and Maps</xref></t>
          </li>
          <li pn="section-toc.1-1.6">
            <t pn="section-toc.1-1.6.1"><xref derivedContent="6" format="counter" sectionFormat="of" target="section-6"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-applications-and-examples-o">Applications and Examples of OIDs</xref></t>
          </li>
          <li pn="section-toc.1-1.7">
            <t pn="section-toc.1-1.7.1"><xref derivedContent="7" format="counter" sectionFormat="of" target="section-7"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-cddl-control-operators">CDDL Control Operators</xref></t>
          </li>
          <li pn="section-toc.1-1.8">
            <t pn="section-toc.1-1.8.1"><xref derivedContent="8" format="counter" sectionFormat="of" target="section-8"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-iana-considerations">IANA Considerations</xref></t>
          </li>
          <li pn="section-toc.1-1.9">
            <t pn="section-toc.1-1.9.1"><xref derivedContent="9" format="counter" sectionFormat="of" target="section-9"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-security-considerations">Security Considerations</xref></t>
          </li>
          <li pn="section-toc.1-1.10">
            <t pn="section-toc.1-1.10.1"><xref derivedContent="10" format="counter" sectionFormat="of" target="section-10"/>. <xref derivedContent="" format="title" sectionFormat="of" target="name-references">References</xref></t>
            <ul bare="true" empty="true" indent="2" spacing="compact" pn="section-toc.1-1.10.2">
              <li pn="section-toc.1-1.10.2.1">
                <t pn="section-toc.1-1.10.2.1.1"><xref derivedContent="10.1" format="counter" sectionFormat="of" target="section-10.1"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-normative-references">Normative References</xref></t>
              </li>
              <li pn="section-toc.1-1.10.2.2">
                <t pn="section-toc.1-1.10.2.2.1"><xref derivedContent="10.2" format="counter" sectionFormat="of" target="section-10.2"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-informative-references">Informative References</xref></t>
              </li>
            </ul>
          </li>
          <li pn="section-toc.1-1.11">
            <t pn="section-toc.1-1.11.1"><xref derivedContent="Appendix A" format="default" sectionFormat="of" target="section-appendix.a"/>.  <xref derivedContent="" format="title" sectionFormat="of" target="name-change-log">Change Log</xref></t>
          </li>
          <li pn="section-toc.1-1.12">
            <t pn="section-toc.1-1.12.1"><xref derivedContent="" format="none" sectionFormat="of" target="section-appendix.b"/><xref derivedContent="" format="title" sectionFormat="of" target="name-acknowledgments">Acknowledgments</xref></t>
          </li>
          <li pn="section-toc.1-1.13">
            <t pn="section-toc.1-1.13.1"><xref derivedContent="" format="none" sectionFormat="of" target="section-appendix.c"/><xref derivedContent="" format="title" sectionFormat="of" target="name-authors-addresses">Authors' Addresses</xref></t>
          </li>
        </ul>
      </section>
    </toc>
  </front>
  <middle>
    <section anchor="intro" toc="include" numbered="true" removeInRFC="false" pn="section-1">
      <name slugifiedName="name-introduction">Introduction</name>
      <t pn="section-1-1">The Concise Binary Object Representation (CBOR, <xref target="I-D.ietf-cbor-7049bis" format="default" sectionFormat="of" derivedContent="I-D.ietf-cbor-7049bis"/>) provides
for the interchange of structured data without a requirement for a
pre-agreed schema.
<xref target="I-D.ietf-cbor-7049bis" format="default" sectionFormat="of" derivedContent="I-D.ietf-cbor-7049bis"/> defines a basic set of data types, as well as a tagging
mechanism that enables extending the set of data types supported via
an IANA registry.</t>
      <t pn="section-1-2">The present document defines CBOR tags for object identifiers
(OIDs, <xref target="X.660" format="default" sectionFormat="of" derivedContent="X.660"/>), which many IETF protocols carry.
The ASN.1 Basic Encoding Rules
(BER, <xref target="X.690" format="default" sectionFormat="of" derivedContent="X.690"/>) specify binary encodings of both (absolute) object identifiers
and relative object identifiers.
The contents of these encodings (the "value" part of BER's
type-length-value structure) can be carried in a CBOR byte string.
This document defines two CBOR tags that cover the two kinds of
ASN.1 object identifiers encoded in this way.
The tags can also be applied to arrays and maps to efficiently tag all
elements of an array or all keys of a map.
It is intended as the reference document for the IANA registration of
the tags so defined.</t>
      <section anchor="terms" toc="exclude" numbered="true" removeInRFC="false" pn="section-1.1">
        <name slugifiedName="name-terminology">Terminology</name>
        <t pn="section-1.1-1">The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL
NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED",
"MAY", and "OPTIONAL" in this document are to be interpreted as
described in BCP 14 <xref target="RFC2119" format="default" sectionFormat="of" derivedContent="RFC2119"/> <xref target="RFC8174" format="default" sectionFormat="of" derivedContent="RFC8174"/> when, and only when, they
appear in all capitals, as shown here.</t>
        <t pn="section-1.1-2">The terminology of draft-ietf-cbor-7049bis applies; in particular
the term "byte" is used in its now customary sense as a synonym for
"octet".</t>
      </section>
    </section>
    <section anchor="oids" toc="include" numbered="true" removeInRFC="false" pn="section-2">
      <name slugifiedName="name-object-identifiers">Object Identifiers</name>
      <t pn="section-2-1">The International Object Identifier tree <xref target="X.660" format="default" sectionFormat="of" derivedContent="X.660"/> is
a hierarchically managed space of
identifiers, each of which is uniquely represented as a sequence of
unsigned integer values
<xref target="X.680" format="default" sectionFormat="of" derivedContent="X.680"/>.
(These integer values are called "primary integer values" in X.660
because they can be accompanied by (not necessarily unambiguous)
secondary identifiers.  We ignore the latter and simply use the term
"integer values" here, possibly calling out their unsignedness.)</t>
      <t pn="section-2-2">While these sequences can easily be represented in CBOR arrays of
unsigned integers, a more compact representation can often be achieved
by adopting the widely used representation of object identifiers
defined in BER; this representation may also be more amenable to
processing by other software making use of object identifiers.</t>
      <t pn="section-2-3">BER represents the sequence of unsigned integers by concatenating
self-delimiting <xref target="RFC6256" format="default" sectionFormat="of" derivedContent="RFC6256"/> representations of each of the integer values in sequence.</t>
      <t pn="section-2-4">ASN.1 distinguishes absolute object identifiers (ASN.1 Type <tt>OBJECT IDENTIFIER</tt>),
which begin at a root arc (<xref target="X.660" format="default" sectionFormat="of" derivedContent="X.660"/> Clause 3.5.21), from relative object
identifiers (ASN.1 Type <tt>RELATIVE-OID</tt>), which begin
relative to some object identifier known from context (<xref target="X.680" format="default" sectionFormat="of" derivedContent="X.680"/>
Clause 3.8.63).
As a special optimization,
BER combines the first two integers in an absolute object identifier
into one numeric identifier by making use of the property of the
hierarchy that the first arc has only three integer values (0, 1, and 2),
and the second arcs under 0 and 1 are limited to the integer values between
0 and 39.  (The root arc <tt>joint-iso-itu-t(2)</tt> has
no such limitations on its second arc.)
If X and Y are the first two integers,
the single integer actually encoded is computed as:</t>
      <ul empty="true" spacing="normal" bare="false" pn="section-2-5">
        <li pn="section-2-5.1">X * 40 + Y</li>
      </ul>
      <t pn="section-2-6">The inverse transformation (again making use of the known ranges of X
and Y) is applied when decoding the object identifier.</t>
      <t pn="section-2-7">Since the semantics of absolute and relative object identifiers
differ, this specification defines two tags:</t>
      <t pn="section-2-8">Tag TBD111: tags a byte string as the <xref target="X.690" format="default" sectionFormat="of" derivedContent="X.690"/> encoding of an
absolute object identifier (simply "object identifier" or "OID").</t>
      <t pn="section-2-9">Tag TBD110: tags a byte string as the <xref target="X.690" format="default" sectionFormat="of" derivedContent="X.690"/> encoding of a relative
object identifier (also "relative OID").  Since the encoding of each
number is the same as for <xref target="RFC6256" format="default" sectionFormat="of" derivedContent="RFC6256"/> Self-Delimiting Numeric Values
(SDNVs), this tag can also be used for tagging a byte string that
contains a sequence of zero or more SDNVs.</t>
      <section anchor="reqts" toc="exclude" numbered="true" removeInRFC="false" pn="section-2.1">
        <name slugifiedName="name-requirements-on-the-byte-st">Requirements on the byte string being tagged</name>
        <t pn="section-2.1-1">To form a valid tag, a byte string tagged by TBD111 or TBD110 MUST be a syntactically valid BER
representation of an object identifier: A concatenation of zero or
more SDNV values, where each SDNV value is a sequence of one or more bytes that
all have their most significant bit set, except for the last byte,
where it must be unset; the first byte of each SDNV cannot be 0x80
(which would be a leading zero in SDNV's base-128 arithmetic).</t>
        <t pn="section-2.1-2">In other words:</t>
        <ul spacing="normal" bare="false" empty="false" pn="section-2.1-3">
          <li pn="section-2.1-3.1">its first byte, and any byte that follows a byte that has the most significant
bit unset, MUST NOT be 0x80 (this requirement requires expressing the
integer values in their shortest form, with no leading zeroes)</li>
          <li pn="section-2.1-3.2">its last byte MUST NOT have the most significant bit set (this
requirement excludes an incomplete final integer value)</li>
        </ul>
        <t pn="section-2.1-4">If either of these invalid conditions are encountered, the tag is
invalid.</t>
        <t pn="section-2.1-5"><xref target="X.680" format="default" sectionFormat="of" derivedContent="X.680"/> restricts RELATIVE-OID values to have at least
one arc, i.e., their encoding would have at least one SDNV.
This specification permits
empty relative object identifiers; they may
still be excluded by application semantics.</t>
        <t pn="section-2.1-6">To facilitate the search for specific object ID values, it is RECOMMENDED
that definite length encoding (see Section 3.2.3 of <xref target="I-D.ietf-cbor-7049bis" format="default" sectionFormat="of" derivedContent="I-D.ietf-cbor-7049bis"/>) is used
for the byte strings used as tag content for these tags.</t>
        <t pn="section-2.1-7">The valid set of byte strings can also be expressed using regular
expressions on bytes, using no specific notation but resembling
<xref target="PCRE" format="default" sectionFormat="of" derivedContent="PCRE"/>.  Unlike typical regular expressions that operate on
character sequences, the following regular expressions take bytes as
their domain, so they can be applied directly to CBOR byte strings.</t>
        <t pn="section-2.1-8">For byte strings with tag TBD111:</t>
        <ul empty="true" spacing="normal" bare="false" pn="section-2.1-9">
          <li pn="section-2.1-9.1">
            <tt>/^(([\x81-\xFF][\x80-\xFF]*)?[\x00-\x7F])+$/</tt></li>
        </ul>
        <t pn="section-2.1-10">For byte strings with tag TBD110:</t>
        <ul empty="true" spacing="normal" bare="false" pn="section-2.1-11">
          <li pn="section-2.1-11.1">
            <tt>/^(([\x81-\xFF][\x80-\xFF]*)?[\x00-\x7F])*$/</tt></li>
        </ul>
        <t pn="section-2.1-12">A tag with tagged content that does not conform to the applicable
regexp is invalid.</t>
      </section>
    </section>
    <section anchor="examples" toc="include" numbered="true" removeInRFC="false" pn="section-3">
      <name slugifiedName="name-examples">Examples</name>
      <section anchor="encoding-of-the-sha-256-oid" toc="exclude" numbered="true" removeInRFC="false" pn="section-3.1">
        <name slugifiedName="name-encoding-of-the-sha-256-oid">Encoding of the SHA-256 OID</name>
        <dl newline="false" spacing="normal" pn="section-3.1-1">
          <dt pn="section-3.1-1.1">ASN.1 Value Notation:</dt>
          <dd pn="section-3.1-1.2">
  { joint-iso-itu-t(2) country(16) us(840) organization(1) gov(101)
  csor(3) nistalgorithm(4) hashalgs(2) sha256(1) }</dd>
          <dt pn="section-3.1-1.3">Dotted Decimal Notation:</dt>
          <dd pn="section-3.1-1.4">
  2.16.840.1.101.3.4.2.1</dd>
        </dl>
        <figure anchor="fig-sha-ber" align="left" suppress-title="false" pn="figure-1">
          <name slugifiedName="name-sha-256-oid-in-ber">SHA-256 OID in BER</name>
          <artwork name="" type="" align="left" alt="" pn="section-3.1-2.1"><![CDATA[
06                                # UNIVERSAL TAG 6
   09                             # 9 bytes, primitive
      60 86 48 01 65 03 04 02 01  # X.690 Clause 8.19
#      |   840  1  |  3  4  2  1    show component encoding
#   2.16         101
]]></artwork>
        </figure>
        <figure anchor="fig-sha-cbor" align="left" suppress-title="false" pn="figure-2">
          <name slugifiedName="name-sha-256-oid-in-cbor">SHA-256 OID in CBOR</name>
          <artwork name="" type="" align="left" alt="" pn="section-3.1-3.1"><![CDATA[
D8 6F                             # tag(111)
   49                             # 0b010_01001: mt 2, 9 bytes
      60 86 48 01 65 03 04 02 01  # X.690 Clause 8.19
]]></artwork>
        </figure>
      </section>
      <section anchor="encoding-of-a-mib-relative-oid" toc="exclude" numbered="true" removeInRFC="false" pn="section-3.2">
        <name slugifiedName="name-encoding-of-a-mib-relative-">Encoding of a MIB Relative OID</name>
        <t pn="section-3.2-1">Given some OID (e.g., <tt>lowpanMib</tt>, assumed to be <tt>1.3.6.1.2.1.226</tt> <xref target="RFC7388" format="default" sectionFormat="of" derivedContent="RFC7388"/>),
to which the following is added:</t>
        <dl newline="false" spacing="normal" pn="section-3.2-2">
          <dt pn="section-3.2-2.1">ASN.1 Value Notation:</dt>
          <dd pn="section-3.2-2.2">
  { lowpanObjects(1) lowpanStats(1) lowpanOutTransmits(29) }</dd>
          <dt pn="section-3.2-2.3">Dotted Decimal Notation:</dt>
          <dd pn="section-3.2-2.4">
  .1.1.29</dd>
        </dl>
        <figure anchor="fig-mib-ber" align="left" suppress-title="false" pn="figure-3">
          <name slugifiedName="name-mib-relative-object-identif">MIB relative object identifier, in BER</name>
          <artwork name="" type="" align="left" alt="" pn="section-3.2-3.1"><![CDATA[
0D                                # UNIVERSAL TAG 13
   03                             # 3 bytes, primitive
      01 01 1D                    # X.690 Clause 8.20
#      1  1 29                      show component encoding
]]></artwork>
        </figure>
        <figure anchor="fig-mib-cbor" align="left" suppress-title="false" pn="figure-4">
          <name slugifiedName="name-mib-relative-object-identifi">MIB relative object identifier, in CBOR</name>
          <artwork name="" type="" align="left" alt="" pn="section-3.2-4.1"><![CDATA[
D8 6E                             # tag(110)
   43                             # 0b010_01001: mt 2 (bstr), 3 bytes
      01 01 1D                    # X.690 Clause 8.20
]]></artwork>
        </figure>
        <t pn="section-3.2-5">This relative OID saves seven bytes compared to the full OID encoding.</t>
      </section>
    </section>
    <section anchor="discussion" toc="include" numbered="true" removeInRFC="false" pn="section-4">
      <name slugifiedName="name-discussion">Discussion</name>
      <t pn="section-4-1">Staying close to the way object identifiers are encoded in ASN.1
BER makes back-and-forth translation easy; otherwise we would choose a
more efficient encoding.  Object
identifiers in IETF protocols
are serialized in dotted decimal form or BER form, so
there is an advantage in not inventing a third form.  Also,
expectations of the cost of encoding object identifiers are
based on BER; using a different encoding might not be aligned with
these expectations. If additional information about an OID is desired,
lookup services such as
the <xref target="X.672" format="default" sectionFormat="of" derivedContent="X.672">OID Resolution Service (ORS)</xref>
and the <xref target="OID-INFO" format="default" sectionFormat="of" derivedContent="OID-INFO">OID Repository</xref> are available.</t>
    </section>
    <section anchor="tfs" toc="include" numbered="true" removeInRFC="false" pn="section-5">
      <name slugifiedName="name-tag-factoring-with-oid-arra">Tag Factoring with OID Arrays and Maps</name>
      <t pn="section-5-1">TBD111 and TBD110 can tag CBOR arrays and maps. The idea is that
the tag is factored out from each individual byte string;
the tag is placed in front of the array or map instead.
The tags TBD111 and TBD110 are left-distributive.</t>
      <t pn="section-5-2">When the TBD111 or TBD110 tag is applied to an array, it means
that the respective tag is imputed to all items in the array that are
byte strings.
For example, when the array is tagged with TBD111,
every array item that is a binary string
is an OID.</t>
      <t pn="section-5-3">When the TBD111 or TBD110 tag is applied to a map, it means that
the respective tag is imputed to all keys in the map that are byte strings.
The values in the map are not considered specially tagged.</t>
      <t pn="section-5-4">Array and map nesting is permitted. For example,
a 3-dimensional array of OIDs can be composed by using
a single TBD111 tag, followed by an array of arrays of arrays
of binary strings. All such binary strings are considered OIDs.
  <cref anchor="_1" display="true">That was part of the original proposal.  I find it hard to
imagine how to stop the influence of the tag deep into a nested
structure.  That's why I would rather limit this to one level (no
nesting).  But see the Figure below, which needs a nesting of two.
Please discuss.</cref></t>
    </section>
    <section anchor="applications-and-examples-of-oids" toc="include" numbered="true" removeInRFC="false" pn="section-6">
      <name slugifiedName="name-applications-and-examples-o">Applications and Examples of OIDs</name>
      <section anchor="x500-distinguished-name" toc="exclude" numbered="true" removeInRFC="false" pn="section-6.1">
        <name slugifiedName="name-x500-distinguished-name">X.500 Distinguished Name</name>
        <t pn="section-6.1-1">Consider the X.500 distinguished name:</t>
        <table anchor="tab-dn-data" align="center" pn="table-1">
          <name slugifiedName="name-example-x500-distinguished-">Example X.500 Distinguished Name</name>
          <thead>
            <tr>
              <th align="left" colspan="1" rowspan="1">Attribute Types</th>
              <th align="left" colspan="1" rowspan="1">Attribute Values</th>
            </tr>
          </thead>
          <tbody>
            <tr>
              <td align="left" colspan="1" rowspan="1">c (2.5.4.6)</td>
              <td align="left" colspan="1" rowspan="1">US</td>
            </tr>
            <tr>
              <td align="left" colspan="1" rowspan="1">l (2.5.4.7)<br/>s (2.5.4.8)<br/>postalCode (2.5.4.17)</td>
              <td align="left" colspan="1" rowspan="1">Los Angeles<br/>CA<br/>90013</td>
            </tr>
            <tr>
              <td align="left" colspan="1" rowspan="1">street (2.5.4.9)</td>
              <td align="left" colspan="1" rowspan="1">532 S Olive St</td>
            </tr>
            <tr>
              <td align="left" colspan="1" rowspan="1">businessCategory (2.5.4.15)<br/>buildingName (0.9.2342.19200300.100.1.48)</td>
              <td align="left" colspan="1" rowspan="1">Public Park<br/>Pershing Square</td>
            </tr>
          </tbody>
        </table>
        <t pn="section-6.1-3"><xref target="tab-dn-data" format="default" sectionFormat="of" derivedContent="Table 1"/> has four "relative distinguished names" (RDNs). The country and street RDNs are single-valued.
The second and fourth RDNs are multi-valued.</t>
        <t pn="section-6.1-4">The equivalent representations in CBOR diagnostic notation and CBOR are:</t>
        <figure anchor="fig-dn-cbor-diag-7049" align="left" suppress-title="false" pn="figure-5">
          <name slugifiedName="name-distinguished-name-in-cbor-">Distinguished Name, in CBOR Diagnostic Notation</name>
          <artwork name="" type="" align="left" alt="" pn="section-6.1-5.1"><![CDATA[
111([{ h'550406': "US" },
     { h'550407': "Los Angeles", h'550408': "CA",
       h'550411': "90013" },
     { h'550409': "532 S Olive St" },
     { h'55040f': "Public Park",
       h'0992268993f22c640130': "Pershing Square" }])
]]></artwork>
        </figure>
        <figure anchor="fig-dn-cbor" align="left" suppress-title="false" pn="figure-6">
          <name slugifiedName="name-distinguished-name-in-cbor-1">Distinguished Name, in CBOR (109 bytes)</name>
          <artwork name="" type="" align="left" alt="" pn="section-6.1-6.1"><![CDATA[
d8 6f                                      # tag(111)
   84                                      # array(4)
      a1                                   # map(1)
         43 550406                         # 2.5.4.6 (4)
         62                                # text(2)
            5553                           # "US"
      a3                                   # map(3)
         43 550407                         # 2.5.4.7 (4)
         6b                                # text(11)
            4c6f7320416e67656c6573         # "Los Angeles"
         43 550408                         # 2.5.4.8 (4)
         62                                # text(2)
            4341                           # "CA"
         43 550411                         # 2.5.4.17 (4)
         65                                # text(5)
            3930303133                     # "90013"
      a1                                   # map(1)
         43 550409                         # 2.5.4.9 (4)
         6e                                # text(14)
            3533322053204f6c697665205374   # "532 S Olive St"
      a2                                   # map(2)
         43 55040f                         # 2.5.4.15 (4)
         6b                                # text(11)
            5075626c6963205061726b         # "Public Park"
         4a 0992268993f22c640130    # 0.9.2342.19200300.100.1.48 (11)
         6f                                # text(15)
            5065727368696e6720537175617265 # "Pershing Square"
]]></artwork>
        </figure>
        <t pn="section-6.1-7">(This example encoding assumes that all attribute values are UTF-8 strings,
or can be represented as UTF-8 strings with no loss of information.)</t>
      </section>
    </section>
    <section anchor="control" toc="include" numbered="true" removeInRFC="false" pn="section-7">
      <name slugifiedName="name-cddl-control-operators">CDDL Control Operators</name>
      <t pn="section-7-1">CDDL specifications may want to specify the use of SDNVs or SDNV
sequences (as defined for the tag content for TBD110).  This document
introduces two new control operators that can be applied to a target
value that is a byte string:</t>
      <ul spacing="normal" bare="false" empty="false" pn="section-7-2">
        <li pn="section-7-2.1">
          <tt>.sdnv</tt>, with a control type that contains unsigned integers.  The
byte string is specified to be encoded as an <xref target="RFC6256" format="default" sectionFormat="of" derivedContent="RFC6256"/> SDNV (BER
encoding) for the matching values of the control type.</li>
        <li pn="section-7-2.2">
          <tt>.sdnvseq</tt>, with a control type that contains arrays of unsigned
integers.  The byte string is specified to be encoded as a sequence
of <xref target="RFC6256" format="default" sectionFormat="of" derivedContent="RFC6256"/> SDNVs (BER encoding) that decodes to an array of
unsigned integers matching the control type.</li>
        <li pn="section-7-2.3">
          <tt>.oid</tt>, like <tt>.sdnvseq</tt>, except that the X*40+Y translation for
absolute OIDs is included (see <xref target="fig-dn-cddl-oid" format="default" sectionFormat="of" derivedContent="Figure 8"/>).</li>
      </ul>
      <t pn="section-7-3"><xref target="fig-dn-cddl" format="default" sectionFormat="of" derivedContent="Figure 7"/> shows an example for the use of <tt>.sdnvseq</tt> for a part
of a structure using OIDs that could be used in <xref target="fig-dn-cbor" format="default" sectionFormat="of" derivedContent="Figure 6"/>;
<xref target="fig-dn-cddl-oid" format="default" sectionFormat="of" derivedContent="Figure 8"/> shows the same with the <tt>.oid</tt> operator.</t>
      <figure anchor="fig-dn-cddl" align="left" suppress-title="false" pn="figure-7">
        <name slugifiedName="name-using-sdnvseq">Using .sdnvseq</name>
        <artwork type="cddl" name="" align="left" alt="" pn="section-7-4.1"><![CDATA[
country-rdn = {country-oid => country-value}
country-oid = bytes .sdnvseq [85, 4, 6]
country-value = text .size 2
]]></artwork>
      </figure>
      <figure anchor="fig-dn-cddl-oid" align="left" suppress-title="false" pn="figure-8">
        <name slugifiedName="name-using-oid">Using .oid</name>
        <artwork type="cddl" name="" align="left" alt="" pn="section-7-5.1"><![CDATA[
country-rdn = {country-oid => country-value}
country-oid = bytes .oid [2, 5, 4, 6]
country-value = text .size 2
]]></artwork>
      </figure>
      <t pn="section-7-6">(Note that the control type need not be a literal; e.g., <tt>bytes .oid
[2, 5, 4, *uint]</tt> matches all OIDs inside OID arc 2.5.4,
<tt>attributeType</tt>.)</t>
    </section>
    <section anchor="iana" toc="include" numbered="true" removeInRFC="false" pn="section-8">
      <name slugifiedName="name-iana-considerations">IANA Considerations</name>
      <section anchor="cbor-tags" toc="exclude" numbered="true" removeInRFC="false" pn="section-8.1">
        <name slugifiedName="name-cbor-tags">CBOR Tags</name>
        <t pn="section-8.1-1">IANA is requested to assign the CBOR tags in <xref target="tab-tag-values-new" format="default" sectionFormat="of" derivedContent="Table 2"/>, with the
present document as the specification reference.</t>
        <table anchor="tab-tag-values-new" align="center" pn="table-2">
          <name slugifiedName="name-values-for-new-tags">Values for New Tags</name>
          <thead>
            <tr>
              <th align="left" colspan="1" rowspan="1">Tag</th>
              <th align="left" colspan="1" rowspan="1">Data Item</th>
              <th align="right" colspan="1" rowspan="1">Semantics</th>
            </tr>
          </thead>
          <tbody>
            <tr>
              <td align="left" colspan="1" rowspan="1">TBD111</td>
              <td align="left" colspan="1" rowspan="1">multiple</td>
              <td align="right" colspan="1" rowspan="1">object identifier (BER encoding)</td>
            </tr>
            <tr>
              <td align="left" colspan="1" rowspan="1">TBD110</td>
              <td align="left" colspan="1" rowspan="1">multiple</td>
              <td align="right" colspan="1" rowspan="1">relative object identifier (BER encoding); <br/>SDNV <xref target="RFC6256" format="default" sectionFormat="of" derivedContent="RFC6256"/> sequence</td>
            </tr>
          </tbody>
        </table>
      </section>
      <section anchor="cddl-control-operators" toc="exclude" numbered="true" removeInRFC="false" pn="section-8.2">
        <name slugifiedName="name-cddl-control-operators-2">CDDL Control Operators</name>
        <t pn="section-8.2-1">IANA is requested to assign the CDDL Control Operators in
<xref target="tab-operators-new" format="default" sectionFormat="of" derivedContent="Table 3"/>, with the present document as the specification
reference.</t>
        <table anchor="tab-operators-new" align="center" pn="table-3">
          <name slugifiedName="name-new-cddl-operators">New CDDL Operators</name>
          <thead>
            <tr>
              <th align="left" colspan="1" rowspan="1">Name</th>
              <th align="left" colspan="1" rowspan="1">Reference</th>
            </tr>
          </thead>
          <tbody>
            <tr>
              <td align="left" colspan="1" rowspan="1">.sdnv</td>
              <td align="left" colspan="1" rowspan="1">[this document, <xref target="control" format="default" sectionFormat="of" derivedContent="Section 7"/>]</td>
            </tr>
            <tr>
              <td align="left" colspan="1" rowspan="1">.sdnvseq</td>
              <td align="left" colspan="1" rowspan="1">[this document, <xref target="control" format="default" sectionFormat="of" derivedContent="Section 7"/>]</td>
            </tr>
            <tr>
              <td align="left" colspan="1" rowspan="1">.oid</td>
              <td align="left" colspan="1" rowspan="1">[this document, <xref target="control" format="default" sectionFormat="of" derivedContent="Section 7"/>]</td>
            </tr>
          </tbody>
        </table>
      </section>
    </section>
    <section anchor="security-considerations" toc="include" numbered="true" removeInRFC="false" pn="section-9">
      <name slugifiedName="name-security-considerations">Security Considerations</name>
      <t pn="section-9-1">The security considerations of <xref target="I-D.ietf-cbor-7049bis" format="default" sectionFormat="of" derivedContent="I-D.ietf-cbor-7049bis"/> apply.</t>
      <t pn="section-9-2">The encodings in Clauses 8.19 and 8.20 of <xref target="X.690" format="default" sectionFormat="of" derivedContent="X.690"/> are quite compact and unambiguous,
but MUST be followed precisely to avoid security pitfalls.
In particular, the requirements set out in <xref target="reqts" format="default" sectionFormat="of" derivedContent="Section 2.1"/> of this document need to be
followed; otherwise, an attacker may be able to subvert a checking
process by submitting alternative representations that are later taken
as the original (or even something else entirely) by another decoder
supposed to be protected by the checking process.</t>
      <t pn="section-9-3">OIDs and relative OIDs can always be treated as opaque byte strings.
Actually understanding the structure that was used for generating them
is not necessary, and, except for checking the structure requirements,
it is strongly NOT RECOMMENDED to perform any
processing of this kind (e.g., converting into dotted notation and
back) unless absolutely necessary.
If the OIDs are translated into other representations, the usual
security considerations for non-trivial representation conversions
apply; the integer values are unlimited in range.</t>
      <section anchor="bdconv" toc="exclude" numbered="true" removeInRFC="false" pn="section-9.1">
        <name slugifiedName="name-conversions-between-ber-and">Conversions Between BER and Dotted Decimal Notation</name>
        <t pn="section-9.1-1"><xref target="PKILCAKE" format="default" sectionFormat="of" derivedContent="PKILCAKE"/> uncovers exploit vectors for the illegal values above,
as well as for cases in which conversion to or from the dotted decimal notation
goes awry. Neither <xref target="X.660" format="default" sectionFormat="of" derivedContent="X.660"/> nor <xref target="X.680" format="default" sectionFormat="of" derivedContent="X.680"/> place an upper bound on the
range of unsigned integer values for an arc; the integers are arbitrarily valued.
An implementation SHOULD NOT attempt to convert each component using a
fixed-size accumulator, as an attacker will certainly be able to
cause the accumulator to overflow. Compact and efficient techniques
for such conversions, such as the double dabble algorithm <xref target="DOUBLEDABBLE" format="default" sectionFormat="of" derivedContent="DOUBLEDABBLE"/>
are well-known in the art; their application to this field is left
as an exercise to the reader.</t>
      </section>
    </section>
  </middle>
  <back>
    <references pn="section-10">
      <name slugifiedName="name-references">References</name>
      <references pn="section-10.1">
        <name slugifiedName="name-normative-references">Normative References</name>
        <reference anchor="I-D.ietf-cbor-7049bis" target="http://www.ietf.org/internet-drafts/draft-ietf-cbor-7049bis-14.txt" quoteTitle="true" derivedAnchor="I-D.ietf-cbor-7049bis">
          <front>
            <title>Concise Binary Object Representation (CBOR)</title>
            <seriesInfo name="Internet-Draft" value="draft-ietf-cbor-7049bis-14"/>
            <author initials="C" surname="Bormann" fullname="Carsten Bormann">
              <organization showOnFrontPage="true"/>
            </author>
            <author initials="P" surname="Hoffman" fullname="Paul Hoffman">
              <organization showOnFrontPage="true"/>
            </author>
            <date month="June" day="16" year="2020"/>
            <abstract>
              <t>The Concise Binary Object Representation (CBOR) is a data format whose design goals include the possibility of extremely small code size, fairly small message size, and extensibility without the need for version negotiation.  These design goals make it different from earlier binary serializations such as ASN.1 and MessagePack.  This document is a revised edition of RFC 7049, with editorial improvements, added detail, and fixed errata.  This revision formally obsoletes RFC 7049, while keeping full compatibility of the interchange format from RFC 7049.  It does not create a new version of the format.</t>
            </abstract>
          </front>
          <refcontent>Work in Progress</refcontent>
        </reference>
        <reference anchor="RFC2119" target="https://www.rfc-editor.org/info/rfc2119" quoteTitle="true" derivedAnchor="RFC2119">
          <front>
            <title>Key words for use in RFCs to Indicate Requirement Levels</title>
            <seriesInfo name="BCP" value="14"/>
            <seriesInfo name="RFC" value="2119"/>
            <seriesInfo name="DOI" value="10.17487/RFC2119"/>
            <author initials="S." surname="Bradner" fullname="S. Bradner">
              <organization showOnFrontPage="true"/>
            </author>
            <date year="1997" month="March"/>
            <abstract>
              <t>In many standards track documents several words are used to signify the requirements in the specification.  These words are often capitalized. This document defines these words as they should be interpreted in IETF documents.  This document specifies an Internet Best Current Practices for the Internet Community, and requests discussion and suggestions for improvements.</t>
            </abstract>
          </front>
        </reference>
        <reference anchor="RFC6256" target="https://www.rfc-editor.org/info/rfc6256" quoteTitle="true" derivedAnchor="RFC6256">
          <front>
            <title>Using Self-Delimiting Numeric Values in Protocols</title>
            <seriesInfo name="RFC" value="6256"/>
            <seriesInfo name="DOI" value="10.17487/RFC6256"/>
            <author initials="W." surname="Eddy" fullname="W. Eddy">
              <organization showOnFrontPage="true"/>
            </author>
            <author initials="E." surname="Davies" fullname="E. Davies">
              <organization showOnFrontPage="true"/>
            </author>
            <date year="2011" month="May"/>
            <abstract>
              <t>Self-Delimiting Numeric Values (SDNVs) have recently been introduced as a field type in proposed Delay-Tolerant Networking protocols. SDNVs encode an arbitrary-length non-negative integer or arbitrary- length bitstring with minimum overhead.  They are intended to provide protocol flexibility without sacrificing economy and to assist in future-proofing protocols under development.  This document describes formats and algorithms for SDNV encoding and decoding, along with notes on implementation and usage.  This document is a product of the Delay-Tolerant Networking Research Group and has been reviewed by that group.  No objections to its publication as an RFC were raised.  This document is not an Internet Standards Track specification; it is published for informational purposes.</t>
            </abstract>
          </front>
        </reference>
        <reference anchor="RFC8174" target="https://www.rfc-editor.org/info/rfc8174" quoteTitle="true" derivedAnchor="RFC8174">
          <front>
            <title>Ambiguity of Uppercase vs Lowercase in RFC 2119 Key Words</title>
            <seriesInfo name="BCP" value="14"/>
            <seriesInfo name="RFC" value="8174"/>
            <seriesInfo name="DOI" value="10.17487/RFC8174"/>
            <author initials="B." surname="Leiba" fullname="B. Leiba">
              <organization showOnFrontPage="true"/>
            </author>
            <date year="2017" month="May"/>
            <abstract>
              <t>RFC 2119 specifies common key words that may be used in protocol  specifications.  This document aims to reduce the ambiguity by clarifying that only UPPERCASE usage of the key words have the  defined special meanings.</t>
            </abstract>
          </front>
        </reference>
        <reference anchor="X.660" quoteTitle="true" derivedAnchor="X.660">
          <front>
            <title>Information technology -- Procedures for the operation of object identifier registration authorities: General procedures and top arcs of the international object identifier tree</title>
            <seriesInfo name="ITU-T" value="Recommendation X.660"/>
            <author>
              <organization showOnFrontPage="true">International Telecommunications Union</organization>
            </author>
            <date year="2011" month="July"/>
          </front>
        </reference>
        <reference anchor="X.680" quoteTitle="true" derivedAnchor="X.680">
          <front>
            <title>Information technology -- Abstract Syntax Notation One (ASN.1): Specification of basic notation</title>
            <seriesInfo name="ITU-T" value="Recommendation X.680"/>
            <author>
              <organization showOnFrontPage="true">International Telecommunications Union</organization>
            </author>
            <date year="2015" month="August"/>
          </front>
        </reference>
        <reference anchor="X.690" quoteTitle="true" derivedAnchor="X.690">
          <front>
            <title>Information technology -- ASN.1 encoding rules: Specification of Basic Encoding Rules (BER), Canonical Encoding Rules (CER) and Distinguished Encoding Rules (DER)</title>
            <seriesInfo name="ITU-T" value="Recommendation X.690"/>
            <author>
              <organization showOnFrontPage="true">International Telecommunications Union</organization>
            </author>
            <date year="2015" month="August"/>
          </front>
        </reference>
      </references>
      <references pn="section-10.2">
        <name slugifiedName="name-informative-references">Informative References</name>
        <reference anchor="DOUBLEDABBLE" quoteTitle="true" target="https://doi.org/10.1109/newcas.2012.6328944" derivedAnchor="DOUBLEDABBLE">
          <front>
            <title>An improved BCD adder using 6-LUT FPGAs</title>
            <seriesInfo name="DOI" value="10.1109/newcas.2012.6328944"/>
            <seriesInfo name="10th IEEE International NEWCAS" value="Conference"/>
            <author initials="S." surname="Gao" fullname="Shuli Gao">
              <organization showOnFrontPage="true"/>
            </author>
            <author initials="D." surname="Al-Khalili" fullname="Dhamin Al-Khalili">
              <organization showOnFrontPage="true"/>
            </author>
            <author initials="N." surname="Chabini" fullname="Noureddine Chabini">
              <organization showOnFrontPage="true"/>
            </author>
            <date year="2012" month="June"/>
          </front>
        </reference>
        <reference anchor="OID-INFO" target="http://www.oid-info.com/" quoteTitle="true" derivedAnchor="OID-INFO">
          <front>
            <title>OID Repository</title>
            <author>
              <organization showOnFrontPage="true">Orange SA</organization>
            </author>
            <date year="2016"/>
          </front>
        </reference>
        <reference anchor="PCRE" target="http://www.pcre.org/" quoteTitle="true" derivedAnchor="PCRE">
          <front>
            <title>PCRE - Perl Compatible Regular Expressions</title>
            <author initials="A." surname="Ho" fullname="Andrew Ho">
              <organization showOnFrontPage="true"/>
            </author>
            <date year="2018"/>
          </front>
        </reference>
        <reference anchor="PKILCAKE" quoteTitle="true" target="https://doi.org/10.1007/978-3-642-14577-3_22" derivedAnchor="PKILCAKE">
          <front>
            <title>PKI Layer Cake: New Collision Attacks against the Global X.509 Infrastructure</title>
            <seriesInfo name="DOI" value="10.1007/978-3-642-14577-3_22"/>
            <seriesInfo name="Financial Cryptography and Data Security" value="pp. 289-303"/>
            <author initials="D." surname="Kaminsky" fullname="Dan Kaminsky">
              <organization showOnFrontPage="true"/>
            </author>
            <author initials="M." surname="Patterson" fullname="Meredith L. Patterson">
              <organization showOnFrontPage="true"/>
            </author>
            <author initials="L." surname="Sassaman" fullname="Len Sassaman">
              <organization showOnFrontPage="true"/>
            </author>
            <date year="2010"/>
          </front>
        </reference>
        <reference anchor="RFC7388" target="https://www.rfc-editor.org/info/rfc7388" quoteTitle="true" derivedAnchor="RFC7388">
          <front>
            <title>Definition of Managed Objects for IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs)</title>
            <seriesInfo name="RFC" value="7388"/>
            <seriesInfo name="DOI" value="10.17487/RFC7388"/>
            <author initials="J." surname="Schoenwaelder" fullname="J. Schoenwaelder">
              <organization showOnFrontPage="true"/>
            </author>
            <author initials="A." surname="Sehgal" fullname="A. Sehgal">
              <organization showOnFrontPage="true"/>
            </author>
            <author initials="T." surname="Tsou" fullname="T. Tsou">
              <organization showOnFrontPage="true"/>
            </author>
            <author initials="C." surname="Zhou" fullname="C. Zhou">
              <organization showOnFrontPage="true"/>
            </author>
            <date year="2014" month="October"/>
            <abstract>
              <t>This document defines a portion of the Management Information Base (MIB) for use with network management protocols in the Internet community.  In particular, it defines objects for managing IPv6 over Low-Power Wireless Personal Area Networks (6LoWPANs).</t>
            </abstract>
          </front>
        </reference>
        <reference anchor="X.672" quoteTitle="true" derivedAnchor="X.672">
          <front>
            <title>Information technology -- Open systems interconnection -- Object identifier resolution system</title>
            <seriesInfo name="ITU-T" value="Recommendation X.672"/>
            <author>
              <organization showOnFrontPage="true">International Telecommunications Union</organization>
            </author>
            <date year="2010" month="August"/>
          </front>
        </reference>
      </references>
    </references>
    <section removeInRFC="true" anchor="change-log" toc="include" numbered="true" pn="section-appendix.a">
      <name slugifiedName="name-change-log">Change Log</name>
      <t pn="section-appendix.a-1">This section is to be removed before publishing as an RFC.</t>
      <section anchor="changes-from-07-bormann-to-00-ietf" toc="exclude" numbered="true" removeInRFC="false" pn="section-a.1">
        <name slugifiedName="name-changes-from-07-bormann-to-">Changes from -07 (bormann) to -00 (ietf)</name>
        <t pn="section-a.1-1">Resubmitted as WG draft after adoption.</t>
      </section>
      <section anchor="changes-from-06-to-07" toc="exclude" numbered="true" removeInRFC="false" pn="section-a.2">
        <name slugifiedName="name-changes-from-06-to-07">Changes from -06 to -07</name>
        <t pn="section-a.2-1">Reduce the draft back to its basic mandate: Describe CBOR tags for
what is colloquially know as ASN.1 Object IDs.</t>
      </section>
      <section anchor="changes-from-05-to-06" toc="exclude" numbered="true" removeInRFC="false" pn="section-a.3">
        <name slugifiedName="name-changes-from-05-to-06">Changes from -05 to -06</name>
        <t pn="section-a.3-1">Refreshed the draft to the current date ("keep-alive").</t>
      </section>
      <section anchor="changes-from-04-to-05" toc="exclude" numbered="true" removeInRFC="false" pn="section-a.4">
        <name slugifiedName="name-changes-from-04-to-05">Changes from -04 to -05</name>
        <t pn="section-a.4-1">Discussed UUID usage in CBOR, and incorporated fixes
proposed by Olivier Dubuisson, including fixes regarding OID nomenclature.</t>
      </section>
      <section anchor="changes-from-03-to-04" toc="exclude" numbered="true" removeInRFC="false" pn="section-a.5">
        <name slugifiedName="name-changes-from-03-to-04">Changes from -03 to -04</name>
        <t pn="section-a.5-1">Changes occurred based on limited feedback, mainly centered around
the abstract and introduction, rather than substantive
technical changes. These changes include:</t>
        <ul spacing="normal" bare="false" empty="false" pn="section-a.5-2">
          <li pn="section-a.5-2.1">Changed the title so that it is about tags and techniques.</li>
          <li pn="section-a.5-2.2">Rewrote the abstract to describe the content more accurately,
and to point out that no changes to the wire protocol are being proposed.</li>
          <li pn="section-a.5-2.3">Removed "ASN.1" from "object identifiers", as OIDs are independent of ASN.1.</li>
          <li pn="section-a.5-2.4">Rewrote the introduction to be more about the present text.</li>
          <li pn="section-a.5-2.5">Proposed a concise OID arc.</li>
          <li pn="section-a.5-2.6">Provided binary regular expression forms for OID validation.</li>
          <li pn="section-a.5-2.7">Updated IANA registration tables.</li>
        </ul>
      </section>
      <section anchor="changes-from-02-to-03" toc="exclude" numbered="true" removeInRFC="false" pn="section-a.6">
        <name slugifiedName="name-changes-from-02-to-03">Changes from -02 to -03</name>
        <t pn="section-a.6-1">Many significant changes occurred in this version. These changes include:</t>
        <ul spacing="normal" bare="false" empty="false" pn="section-a.6-2">
          <li pn="section-a.6-2.1">Expanded the draft scope to be a comprehensive CBOR update.</li>
          <li pn="section-a.6-2.2">Added OID-related sections: OID Enumerations,
OID Maps and Arrays, and
Applications and Examples of OIDs.</li>
          <li pn="section-a.6-2.3">Added Tag 36 update (binary MIME, better definitions).</li>
          <li pn="section-a.6-2.4">Added stub/experimental sections for X.690 Series Tags (tag &lt;&lt;X&gt;&gt;)
and Regular Expressions (tag 35).</li>
          <li pn="section-a.6-2.5">Added technique for representing sets and multisets.</li>
          <li pn="section-a.6-2.6">Added references and fixed typos.</li>
        </ul>
        <!--  LocalWords:  CBOR extensibility IANA uint sint IEEE endian IETF
 -->
<!--  LocalWords:  signedness endianness ASN BER encodings OIDs OID
 -->
<!--  LocalWords:  Implementers SDNV SDNVs repurpose SDNV's UTF
 -->

</section>
    </section>
    <section numbered="false" anchor="acknowledgments" toc="include" removeInRFC="false" pn="section-appendix.b">
      <name slugifiedName="name-acknowledgments">Acknowledgments</name>
      <t pn="section-appendix.b-1">Jim Schaad provided a review of this document.</t>
    </section>
    <section anchor="authors-addresses" numbered="false" removeInRFC="false" toc="include" pn="section-appendix.c">
      <name slugifiedName="name-authors-addresses">Authors' Addresses</name>
      <author initials="C." surname="Bormann" fullname="Carsten Bormann">
        <organization showOnFrontPage="true">Universität Bremen TZI</organization>
        <address>
          <postal>
            <street>Postfach 330440</street>
            <city>Bremen</city>
            <code>D-28359</code>
            <country>Germany</country>
          </postal>
          <phone>+49-421-218-63921</phone>
          <email>cabo@tzi.org</email>
        </address>
      </author>
      <author initials="S." surname="Leonard" fullname="Sean Leonard">
        <organization showOnFrontPage="true">Penango, Inc.</organization>
        <address>
          <postal>
            <street>5900 Wilshire Boulevard</street>
            <street>21st Floor</street>
            <city>Los Angeles, CA</city>
            <code>90036</code>
            <country>USA</country>
          </postal>
          <email>dev+ietf@seantek.com</email>
          <uri>http://www.penango.com/</uri>
        </address>
      </author>
    </section>
  </back>
  <!-- ##markdown-source:
H4sIAKDJI18AA8Vc63YbR3L+30/RAXOOARuAcCHAi2InFEl5mUiiwsvajlZZ
DWYawESDGezMgBQtMycPkQfIj/zLI+Tf5k3yJPmqqnsuAChKXp8THl8ATF+q
q+vyVXX1dDodlYd5ZA71d0rr4yT2w8zoZ2HspXf6fPIvxs/1hVmmJjNx7uVh
Euvm8bPzi5a+8maZniapbfXn/zgL0CSchibNlDeZpObmUFPTSsuzk0wFiR97
C0wYpN4074Qmn3b8SZJ2cjTrJGHQibzcZLkK8L9DPegNep3eXmfYVyrLvTj4
oxclMR7k6cooFS5T/pjlg17voDdQ783dbZIGh/oszk0am7xzQvMo38sPdZYH
akevljR0dqj3ersHutPRcdLWYa6DxGTxV7lSy/BQv8kTv83/Dcwyn7d1/21b
Z0map2aa4dPdQj74yWLp+Tl/WIAB2VulvFU+T9JDMLSDf7UOY0x23NXPknTh
xTH/Jjw49tIsN3HtSZLODvV1HN6AkWH+P/+Z62epwdD66p/OuEEGGgxW8zrJ
8qnnz/Vw2Nvd7fEzP8zvDm0H+SEJMM9JZ7A/HB3YX1ZxnqLV94YmveMfl3Nm
6je7B53dQb8z6O93xsODQZ8fmoUXRofa9ybJ3+U/h11QWF/bZVe/MAlkJqis
7dJ4ce1nO0xgbr6hXf+7DA1y874LzvHzVQq+z/N8efjkye3tbXdpYi+eJfT8
ScmZ1/JrGxvsd6v84M8gS48Oej39Qxhl8zCFLCeryNw4Guj5oJ/l+nmUJGmF
ZS+STB/FMxMZbOrxUYV3GG04rnPu+vJIKRXTpuXYJ5r64vnxeDAaQ8aC+Abf
zzon3VK2SdImIThF3/D0x+543BOKK+pHf2fxVIaFpuXGn8dJlMzu9P/+27/b
Bq/TxDfBChrJOpXPjU6WJpUeyVQnorRhoY06NbMQPJIWIpthHkIB7Ijfmxj9
I70sR4ae6TxZai/1MxqUZglZoXgUNN6chnaBRyzFv9i0s1rfK3CZ1GUVhz7/
lpG8JyKwTu37fai97K9JQW0Ixrgxz66uO1eHMEyidIEsjZmqhLv7X8pdfTQh
HmFJl3ewdB/0q8Tau/PY6ObR5atuv+Xmv1waH4v2C6ZPvCz0YUeky2/JhVGn
t/+lXNh3XDj4ci7QOrWJIfphPNMpdCd7cNXPeNWnrvEFNdbNZ6cXLaiQFye0
sKh4bkexrY7RisXsBLKJp6swm5tgY7ATNPv/ZucB2Bk6lom249e9wZfy9hwG
DY4DBn+RiTb5SRxDi6htqeDnWxQ4S6IVN5PuvyVHer+CI3sDtHh9fHHqWuZe
OiOXVLXefmrIUzxxTYRP1As2+LVJI8AN+M48nEQGc8xWkZfq0w+ENTIi1var
L5Pst7iXozhIza3+XWKfFAui1QBpdM5ePT+3W7RJHeEMWmrpXNb2ESMQ8Eng
gpP07iGGn6fwRUZfHtV5Su7i9T+cvTg++odTON/zs26/h396e08O9vY7w854
d9Dp7472AGv+OCBenpxfP3txenL0DP8tO/R7B09enf5wfHTZxaCD7ng42D/Y
3VWqA9DiWXsFR3QF6/z50K29gbysd2rpEJafVuEpEWJ9O08wZgCxmMV6lngR
Ca4frQLDLgHsycJJGMGDkj0wH3ICHtGdzhZeFCnynzoLfzZtPfXC1P2uF9hh
b+YekRFATxMXQ92GYPQqpylUbGAVyNExHMIaYjNL8pDX05Wl2yUCv/mrBX8w
0zCG9WD0mVv0qTY8FswLIdJWF5Ke09pJJ+PABMrLeHlAeCaFLTTl0M7lnh29
Oqo7VuslizlVllhCgq7s2CIMggiYFVqaJsFK9N7+fdwJ6dd79W3l78t39uNH
3tH7+xZ58xusNVOOZLE4cxZYEAvCQQK8fcA7XjDdw7L+tAoZQcp6PYWpOt4s
pa3I/DlwXFcVMxXc9qwXzExO4/Og+d2S8BT4eWuw8R61AnNm5A4WhogJswWo
g6gB1k3I5LMosAsgojcG09lquQQMByk3oacAMatbcfdFIrEJYjLFIkGMZDQB
RrahBCFANkFlfXZ69Zw4i7AggS74XkpT0oziOLd5REUe0Y54QCPqjB3pnZ7I
jjpvy0hrkuRz3YRyk8U3rW0kksKkJmJntOW50APXklM4YuUS8lNO0yTONm68
aGUaeumlzGIQ+VWmiMedyMSzfN7hBqWctLDcWE8MrzoE/0OgSWHo5C7nhhid
ZocqbTA+v00qzOcd95MbI6JJD9+HcUDUKuHkFm3lBci8Oc1x61ne85BEHOxT
QhR6y2VEFOYJEGzq3QmgXXjLjH4yU4CYEOPCIKGrJlMFV7lw7KKBqJcm2YfU
IqSU32mErqrbCv3rbIXKHd01M3GFkCy0kKE0DdDbRXZPNqT4EzEHZZqi3Uw3
Xl5fXjXa8n/96pw/X5z+4/XZxekJfb783dGLF8UHZVtc/u78+sVJ+anseXz+
8uXpqxPpjF917SfVeHn0U0Nsd+P89dXZ+aujF41iZwoWeAjAct4Stj5Qy5xZ
pmCY/DScyG4+O3795//o70JF/gph1KDfP4BZkS/7/b1dfLmdm1hmS2LsmnwF
C+8UttoAN5AsYqt8bxnmkAI2Odk8uY31HNvStU4yr7CXrMp2P2jFJ3tKo5J6
hD5hE9kyjKAbJO8NkoJVJisIITlxcqv9VZYnC1JqmB/oHBu87A5Q+G7BTqiR
+LnJGyDI2vFK1gQ7DViS1X3Apj+og7yNYTgOK+0XqFSenuMBYrk5AXLwD7YM
/hfGfOn55AxURc3a2lBOAewRu0erjMM/rcitp87piNxjaXAVLPQYYxUTSmB+
5GYGQth+ZIpJ2QcpXdW8YktUb8BCQnSha2OZhsy+ehOWLAnvJsb3wHXefGeQ
PJ+zMDGp/ORONxGHASb4hDLSEGSvgBgn4WyVrLKWyoBmAWVpjorN1PoH0DVD
SC/IBtYVXGaJy8LFkgaRSVkCVGOdPpKytsVD0R0vhxyARTFhqh13YAuzbkup
H+ZhZKxldlwUI2bgQzDExNTYDQaw+bT2bAu/Sej1ghZgc1Jlf7E6NHgypXQT
8wwycQOsA4Z5QbLMnce9BVtkucH6ANuyC6TKbL1YkU8vnooFWOu5gDV1xplJ
BIRnfw/roDjvAMaBABAD/we+ZiD0lgRj4b2nB8T9rdNDkzBrOV9mYUMhl3qD
TzQLZAAxkSE1AhTJTDTtYNnhImQ+ANxQGgfaU18HuwGnHg5TVSQZLHAzgy5x
ZEElvs20c+zb/JskGfQVXLB+d/7s70+Pr/TZyemrq7PnZ6cX71ptJRo5gSuB
uWOoliRkZH3dLBX+OGIFGXZH3UEf8GWaJot1vKAenPfi9MXR1dnvTzvAQe8K
8MNTqmIQmPQsWWxZhH4fk83lKRmBfMgtaWQAVEHaPmKZVlcdsQ0hNEQZJcjg
IvyZGd3mTYUcTwQ8gNXTMM1yRgrFPhIX4k+wFFE7KE1io2O4oxTIrELp5G5N
tjigSSmXJtEMRR/Obt4JYinpIJ7PYQLZHeVzMrlrstDstXVffNYAW8cZNZZM
Mj+SWFsBQKS6x236bAZZAgW4bBGviclvjYmV9BgewGqRRS2l4N2/JOjSCbOk
E+arTt4ctN4RmSrGhq2wjzy+E2VxWyVBMEtnU/0jD/6TuO6tfG+zJyR9jUoS
YW9W7FsKlJaxHVqJrzhU6jsM/bXe7elv9E/iycKYgjpMgyg6K9MmTW/mhfGW
3RHh4pCbNfFH5upPErdayEfQAIDKAnDOjq6LBVTzMiTjIPsBZwgPLwjPidIj
EFsF4RRwry22LqvlxaqAlwAeVn4FkHn17KTf7x8K5vOqiNkhyCJAKNNvDEbV
wwKum9Y5NTYeNQi9NqDEjVa3QkHvV1BQcGIzhMZekVVvFLySCbUuGVwdikyn
gi5O0DO0lhqegOYnsFya3UsyyCelQX5l9ff3Aimalyevfp+1LP8Jw1fRP7su
Bt8Saa4tljRZkXGCkK1hGP2zSRNiHPsongTM29lBtF2ExKw4RHl1zInhkTEf
pv64gwg6B45TVwnRscAk0OAwoAbtdWqkD6yRSAjNLjulGcqTqyYEmUPBLHqT
sWAg1aZ/Jhe/vkmH+qjq76ShXakqVmqNDFl8YBnxcuXvkhqqsorMquMULUiC
OkUofO7dGAt7FgmMB/lfVhBEBJMwp6AeKPODb5ZlkBR5aEjjkJcjAtBusaLf
DHlwkz+tWCNmoHPFTCTGJtSHxr0P+z3VFLd1m6yiQFgYGY+lkNcN60K9vsoo
ZWE6/cE+zF2YzxcGPCZ9OYstDuHoCir8NdvKcnYx7JQSYFrYO0yTKEpuC93i
3+ZWtdb5oDRzglfW1i5oc/RThM4gqkzE2M+UH5EMqVg3pbdgEGE9wp+UDlJZ
BNuc30GMUmOEAR6WlRXsL2lxu/jgHgqVoKBKJ7aV0oMUcVOqEB4gQswHzlGw
UiMVIBjuxoTM5yJLAZ/A4k1OKRRHRZ6IrMiKAh8TtLWNnSm0sc2xZQXKoHQ5
dMvHqqpgxvEHrpVXhs0BK7JckSDD+7V12DXdtmVeYbVEhGo9WPRJfmyuo27/
lxRj5pkyi2V+9ykn8lRiGEBjBYQItcHmW+6xPWCPZgctvFRXjIrnU6bUy50P
I4zCquRocfMV6+YT7jCrhvGKJZT9FUCHlqxPufJmBlBzaY8nht1Bd0i7VMkw
2vi3SDBWzJqNjD1rnCUX5XQ9k8yHTdXJdts8X22Iqk23Uo8xVyz6qZwXKFOe
F5BdZkPUtm0I9Dh2uKM5PVmRLoGfEwrQIDV0IIHYVOvrOArfG8oy8rGVnUFX
Z2CGyWkrdjRW/tyjFDzFKy6EE+kUU1AhtD6M997ZTGAzEbggWcAfUYlBPbS1
sCaAfvmcsEo2Um7EyedJWmceq3teAg/CX++e/HOz+eYPH/b7nT98eP78LX3s
ycevW3+Lbz36tvf8beubv37y7tFBe1846Nc86BEP4EYi3+fEQ8QRRol2i35l
32mhsNUGhIzwejNwU5JwTvtPP3hkaSiHYuzHMo/CLvy0gkNowMvfHXUGozEh
FheqMbooDn4P1aH+qDcRtSsDaPbHLUhac3+316LTIC+2wUuz39Kz5KbZ7/Xl
7NLPkrQ5bOkYoaAXzRJ2Nc3dFnmHOX7IaFR8AjnUF8DhJMkJN59AeheQxSpJ
g25/3MWc3X4XE3SH3V2oZl8p9a/ln+qN9SN/O/r6FSzjxeXRC3119L3mCofe
wSN9DpyGUZ4mZEwoj8Y9vT/Wu/u619fjke4NdW9X9wb0Fd0YVrrAdL/bP1A7
0u0X/Iu1aIQ/9Hmo9a7WA/6qOX/HMQTsLXkWd45MfYkLBV3gQ231Hw/1zjSc
dcDSDkFNPtr7tlHZcZusaNzX2Xayr8fPH2EBhLYJheKd3X2MX71Jr9/7I/7t
Afovcj1oOxb+Sr49tEyyyQ+sk8wFLXRNBzz98uwZgG0J3JX6Hp9iCe2pc9N0
Z/CI72DKll78Mpy8o7xqBiwe2KzuOxLAMURxQP8Oxu/gH/724vnx3nB/n85O
FJoJFKtbRUKTAfzc4adUT6aVBGdGiiE/XKJN5ev5Kr+i+JGcbnNw8Jj6kNp0
Bwdr6nLyyX3Um+rSH7K+DB/pNHxIX7C/+Ke/dd6NfR/0nL706Z/BA1L3kL5s
k5lFOKmqBonCw1Cl/Ql1OX2EA6IuPVGXx9i1oS66SafcCPSGNa35Uu49xIGq
1nwGC5wmXQk4LzUHUewNHU0aUh9x7JyDTctUznQFhEdN3bbAaZ2Emb9iTAC3
FRRfqgcASkHc70hl/IiO4u1ot3Q6tZlBdEjZnpKxanEmbQHEQcGO/76DuKUD
x0rul9QmElgEXHv3VGKeWzpsvjUW+frzhOb1JFAsjs7KZbiClVpKEZPXj0oV
kUYVJvDXPwt1gShpYJWUnT22g8iViCVLCBulEnsCCgY3wMBUN4DOhBAofRTn
EuAjEkk56F+AoCOAxjZBQ5BV5m1zPhXNGGeWSYmtTFQUFtJZk2S0BU56WrI+
1dXrRTib59qGnlgbJ5oJ3Ch76FohoqsR78DshfboJqyUCnkTPnuPxWhnXHJB
sY6KkuT9akmsuwl9Pv6GMRXUqN9IkUpRHHQpjXTz/OKy9ba5w5U6rSL1+KZe
04IGrkymxZLj3XhhRAjLJoyeA9omnKRgtEa9j8rT1Jd0mvpxJ59mG0ULksig
RjaTQWCWUF/1BMOdyHY1pwID40lKyMtVGd9RpAMaaC/AHk4rc8wfIji8CYMV
uFgBqE+rPZeR54ugoVucOwkoTnYxNxWv5giHK6fIm7RzWtZM8w4l8tMQ8QOU
vksHOEbyQBt5G0tA9RDanihzELYwUDtV5JMRFZCIcFpdOoY2a0odYTRCWy9W
IZ87s5zWogDC6xb9tiURWnaRPNnMSqclGkpyY9I71wQTydCc7LHVCTK6Eh2E
DHzp0onR5brLDX503XzsbpdNm+UWvRb62BiyTH1wY2pno4gMspXyYSefM8ih
/4yP21mcnSTq2PBJDQsPB/EgpqurTFWeHkIOFlSrxCpspWnKpe1FfQS54EyC
eDYd6Gaz5ZZhnAcUNGRj/bgcqjjhs58UxcXVvYDKHIE/bAnqD+QotVwyUdV9
88/9t0rRfw+halTUhbDcVX1wgjwNZ5yeodOPJPMiKoiijE1A24YQl7ZEir0X
HloaTUCDzoCoRFjOKaZRkRh0OhgYQxrGMkCsNYGr1pZ6EsxC5HyFsHJ+hwnF
3yC0pnwQZ35teleOcCKIakRnu1JiLntFqeZnK8pGSSbkeThbkYQYcNadXVEF
WWZpcPHfbSKl468poWO09b0kEWXSRUxUEVjaTV6zdTsEN0a93loZ6ytvYZQ6
tjvBpEmzoNaMKxmV+kUf5WJaDJ/CZZ+ESZ/+q44l2fKNFpjP181Bd4TQESHs
X/b3i76+fKQF5ovcfHutv5mkT77L3Pd9+Q6xQ2R8TPWC9kF/bztlv1Qr9bnv
8RH/7wCgcejmkysBbqyDv2CRv+jRcKAv9XlEluoy376+Cem5ybJjLzeI7++K
VYxkfZNVGBFeILnQzV73oDsY7iJmOhj0esMe14YiLNndb2G+16sJRFC/9tL3
3Pc1QMmcBPfyTyvS718YwubepBPEHSmMEwRrRfVBgWyQyBMY+7YR6agBJt1R
N5hEArUfP1aGvL/nzPU0WaWVw51N4c0aunlx8opqKKXojDMjUjYhW0BP2SyJ
BZSiMutx3dFjHPBMcEtF68UqysOiMbemJDN+kGR4/VTeFUcEoTeLIUrVhB+N
bnEH6VotFoAtbr75qOdfjUa93d74q0PduL5s6Pu2xBnFkz16UpG7Rts92acn
x0eNtqtPlt/7ffqdRXLLcAf0sC5WW1pNqVVFGKpz9A4OEG3vHxwMp4OBP97F
PD1uXpcVjPq2tTX6wT5zyRNxjOuenBBtik0R+kCkCva6kHo9JAwQEk4/T7Pq
qZT93c/txV6xudty9eH9z+oFB9/suz6aY1HZ9E/0sSZSl5Phbzx4fDKqe2gO
Kp3wNxqNPhX+7rDouTV9OlB2PWhNwy1r2vtEH2uG19Y0eXwyXlO/X1/Urj+e
7g0HEPixGe+NR2N/PNobVnrVtGaT0v1HKd3/bbi/O9z9lJzssBJv0Nd/uI+j
r7/OytFnEjiqEzg8GMITDPvD7Vu/46zJbyP1D+ct3boO1pZlHp9MJGR3bV2j
4XA4GPRGJCVTyMfB3ng8ou97u7KuNUPoFvjoRhcLHGxZ4MM2qNi40W+kA6Pe
3mg8oJWNscZRb9zfG1QG26kb8Qqpnt5mxqXPwxBB1wl43No6skfrZENVB3vD
8T4Ih/LylvSxFCJ/xGSvOZNPOZLPcR/Nfs8mv1vkNpqcRrOhVZlRkQSzPWuj
ONAr8GylXvT66nln34U9bQUCbPC1VqJaa1eegScZA/pKBoZqMo9PTl7QdYs8
TSK6rYVYJOGyXF9+21qZa7vVDoEzLni8pbPyPCnK/SkKsNVMXFpCcTN9UGX9
Z9PLXDV4URmxfoIqoXaLw6dKrbUK7bUSW3sUm1tt6bZHlrQWKbyvny1yhCZ3
pJQUe1SSAGWszVUQ77pUofPOlhN4xQx0b8BV9dvKmo26S6aYEuDV+pfy/Lw4
VHAZTI9TDpWiICr0oMsUGMKJS6tgE7bRZ2m1UlJk/EoCu+UKwPLPWkQZjLvl
lBUXdkFfspzinBijyGF6ZW1yd7KyNHs+T92zahqJqn/1lrrWggUPLDwJAyya
T7mrXLCVOEVG6sevd3vf/FRLD0/51nJRiMbZjrC4CxZIrcDHj84gBEFEN/nv
71tcmFH5GUulYwreWaf6bgetbpSkye0jzlUoPrEqcgc2Jct02A2zlT6uIr+c
lasVnqot1FlSijI0OZSeG8uqQm26jHE1dVQ2xOmkQay/1R/dV7TX337nAiAJ
XO5V7ak9GHCr02/2R22929bjt6rWDS25brZL1+P0QK1bW1DhrO01c8GNaLH4
b0UnfXkzaOtfTSUPV6cUv7DpR/hgSoGr6R9f+HMJdQhrTnfTn2p7FFnSpkra
vl5BBd6+E/knByFHLSSflH/hzDWVx7Ljb6t3hUehZMs7svx8Rcela6wJ/7gT
erG3ntze2SlfamH72UotTnGxmmZ8XbJ2G1BEkiJsfBMOZh2Y6Pv7diF2auPW
mi0eqxcYFTeNupQ5okS9pjTFCWUCziiF+4u+LIpa/7I/Sm3YlOUvEpKTvuLz
lkLQuun60gl6axM8fBK3NtNTzUkS9g2lOS0KFctkSZ3vTi5tiowMzSv8Srva
KHIk/b5ZRDq1h+fb0YH6DCHYDivC2OZcCu+8LhCb1xi3CYSqCwSnmEQkLoo7
aQ/xnk2HNP7Dm9rVLbqw6GDP/duyMVmuz2pMyv95I7sdqvHBbRDtCjOwYBxt
h7o0/iqlu8J1pd1yfTZzLf26eldr2RgKubuj5T1JAq58ipxx8QWnkug8Wfq6
WmmCo39aUQWdu3dD7Sp3jtqKis5cNW+R9sfm0r1eqenybhKugrO0LsN8CiuW
dakStbyC1rYnRpViZC6cW+ViX6Tu+F6wT/UeHhtVhiPKzV857W0zsshzz39v
UoauZHvldo7OVpMbk9JlE9hWn0ry3YUdOrjAUzooYeAe2XtpN2YjQVec3dC7
fVIugIvdLevi+KFJJy2uACVnIGMivriaY7nRXUtOSqQwV2BRqvg6cFaALTpw
hr2QUxX2LZZobYmmm3fkGmoV/sXpjRfdEtyb0J0E49kYIll6UOy1Y6cjd9+B
L3Hwm4mKO8sFSsndcUtRkj7jd624y1YLOlar3la747riWnF0sYD60FUhaCup
7cTTJJ6BprX7msQbaI+Uosd31QtXTlLo9q2r94Gi0I4znKXjG3tQX82oKiol
aGHtEcmBw4WYuVhIl4p7iWThdmoKPCmINbEF1muS0rZIELxVD2kucSVO4g62
4ibkSs36NTcmX14hwXr9dNtdGqII5Nv7NqG9VtLlQxvXXT+TCzdck8DvKtle
VwSoMAlo2vU7uh8/urdAQClXMV945gruKMGO3RifHUFxQT+KzAzDOgonaN5W
lbvzLA5eJiedcrhVLpbPyVI5I6fR1sorinfTzKjA0rvFDsHjSfF1eXcsTuw3
LqTmI3SyDdAxujEF/BfY2w8qde8ReODap2B3Clj8Gv+F8146CSEPfDvTJfmP
YjoBlnvYwtbyTjJZJyqopkVa8ZRCgLLcyRZpqGn4wQQdRqWeD/MHuwkut200
WVi5W6q49jEOwryoavBUcb+02p+5i2mnsJ1deXGJNfRlSQy/7oVuyso7F/h8
tiKMbVe7YbdnRfMF3oT+V1SFgvvVd4Hc33PhDAlAR24/FXUAciEiTGt14lwe
RGUToYn4ChZVLijPhlsm5RdJ2BoiGLiAL0PRuylInyH78naIF8msWoIE/wxD
g9WfxRfPj79t0JvXyAlL60xErtPb082JvMasRVN0ej3dpLvVrZpSbP1T6sJY
TyIm94fv5XK2xr90uYwvqPILP9YmHctUe583B2VHhPs8OC2a+tMFCHl3BaiX
l7ic2Pvpa+8QubWJEZ+cKAwwewDaGCJaKhndhewTcjXr5I6E3PHnkTuFWaM0
Wkmx3TrYRS5DIlp1s/HemGXHowQqX/Zam3NX5hx9zpy2Ig1zXl8jaFplttxK
3i5C4k53OtJlkrIdJ13LlJQNiMulNC6B9JPVZBVmWRK3bZKAlJObU0W8lwY2
fIfFgb770LEVX9Nfo30otO9+Du2ua+IzewJdFHE5Kz8FCqI9b+uFaL1v5EoJ
1IlsG9eluPfq2NWWr2ppu9oEePWYgA85fS7pFMWnSwPyehWpacqM++ryJJxB
EzJlUxnjSsk/yZXk3LgSTC7pUeFWYVQ4iXNhbtPEXvsoKCUf7eTVxdMkHnLT
mtjhkXOm80N5sZteUlW7vZ3uUf1aQaorMKRX57nqPam6MRZF8V5bYsgqBLrB
kt+QTdu8ikjHpVCPAggAapglvTxDqrK488biqpy32E6WM7F36ovgiNIQ3P21
k0PO6LGps5G/e0wvxAlczczmzQyuHyxeVSk3U9yLhr7W1/zayGDL6zxyfnPN
FnUfiPgOP0d8X9JlsuotK39dnt3bNaxD+ZSQnX5Yevx2ktJ0ZH6ydC/j8Nhv
pmZOhUw31sjJazF5qUdUm80v0WKIbDgyYfB1yJw55fvUFrHJ67akHpDES2oE
2Vrg0aMFNZUJKZcxHFtC4E1kn16evTxt093nnGE/31ai0VqVnlm+mjyhWss0
ZPgQFQTzbkpF8CW/4ExeR9qkrPqf/+vHP/93y2rFljeQSavhqDpToY88cAE9
STcQitmyRkpk0LdKvyJIlyaMUijhlVCjv/kruGC4XZiQH/jCoZYtqb8WiwWP
Ul1USwEPc3p6qulVSZ4U2yrd6Xy3bajyxRO2OX+E2ulqJsUqKN0DeGigMwfP
CMZxxkXS1uDCKiXVc7cqrx01CJPIO0YmmHGksn6AQthC7gOb4NtGnBCs+Ptw
oS8h1F7g3mEV8B1k+JXbjci2q/4PK/N0C8NWAAA=

-->

</rfc>
