From b3142d646382bb70975fdde8cb59c105db1de176 Mon Sep 17 00:00:00 2001 From: Wesley Rosenblum <55108558+WesleyRosenblum@users.noreply.github.com> Date: Fri, 7 Jun 2024 17:11:17 -0700 Subject: [PATCH] chore: cleanup duplicate duvet citations (#4587) --- compliance/initialize_duvet.sh | 16 ++--- compliance/specs/exceptions/rfc5746/3.6.toml | 2 +- compliance/specs/exceptions/rfc5746/4.2.toml | 2 +- compliance/specs/exceptions/rfc5746/4.4.toml | 2 +- compliance/specs/exceptions/rfc5746/5.toml | 2 +- .../rfc/rfc4492.txt | 0 .../rfc/rfc4492/section-2.1.toml | 2 +- .../rfc/rfc4492/section-2.2.toml | 2 +- .../rfc/rfc4492/section-2.3.toml | 2 +- .../rfc/rfc4492/section-2.4.toml | 2 +- .../rfc/rfc4492/section-2.5.toml | 2 +- .../rfc/rfc4492/section-2.toml | 2 +- .../rfc/rfc4492/section-3.1.toml | 2 +- .../rfc/rfc4492/section-3.2.toml | 2 +- .../rfc/rfc4492/section-3.3.toml | 2 +- .../rfc/rfc4492/section-4.toml | 2 +- .../rfc/rfc4492/section-5.1.2.toml | 2 +- .../rfc/rfc4492/section-5.1.toml | 2 +- .../rfc/rfc4492/section-5.10.toml | 2 +- .../rfc/rfc4492/section-5.2.toml | 2 +- .../rfc/rfc4492/section-5.3.toml | 2 +- .../rfc/rfc4492/section-5.4.toml | 2 +- .../rfc/rfc4492/section-5.6.toml | 2 +- .../rfc/rfc4492/section-5.7.toml | 2 +- .../rfc/rfc4492/section-5.9.toml | 2 +- .../rfc/rfc4492/section-6.toml | 2 +- .../rfc/rfc5246.txt | 0 .../rfc/rfc5246/appendix-A.5.toml | 2 +- .../rfc/rfc5246/appendix-E.1.toml | 2 +- .../rfc/rfc5246/appendix-E.2.toml | 2 +- .../rfc/rfc5246/appendix-E.3.toml | 2 +- .../rfc/rfc5246/appendix-F.1.1.3.toml | 2 +- .../rfc/rfc5246/section-1.2.toml | 2 +- .../rfc/rfc5246/section-4.7.toml | 2 +- .../rfc/rfc5246/section-5.toml | 2 +- .../rfc/rfc5246/section-6.1.toml | 2 +- .../rfc/rfc5246/section-6.2.1.toml | 2 +- .../rfc/rfc5246/section-6.2.2.toml | 2 +- .../rfc/rfc5246/section-6.2.3.2.toml | 2 +- .../rfc/rfc5246/section-6.2.3.3.toml | 2 +- .../rfc/rfc5246/section-6.2.3.toml | 2 +- .../rfc/rfc5246/section-6.toml | 2 +- .../rfc/rfc5246/section-7.1.toml | 2 +- .../rfc/rfc5246/section-7.2.1.toml | 2 +- .../rfc/rfc5246/section-7.2.2.toml | 2 +- .../rfc/rfc5246/section-7.2.toml | 2 +- .../rfc/rfc5246/section-7.3.toml | 2 +- .../rfc/rfc5246/section-7.4.1.1.toml | 2 +- .../rfc/rfc5246/section-7.4.1.2.toml | 2 +- .../rfc/rfc5246/section-7.4.1.3.toml | 2 +- .../rfc/rfc5246/section-7.4.1.4.1.toml | 2 +- .../rfc/rfc5246/section-7.4.1.4.toml | 2 +- .../rfc/rfc5246/section-7.4.2.toml | 2 +- .../rfc/rfc5246/section-7.4.3.toml | 2 +- .../rfc/rfc5246/section-7.4.4.toml | 2 +- .../rfc/rfc5246/section-7.4.5.toml | 2 +- .../rfc/rfc5246/section-7.4.6.toml | 2 +- .../rfc/rfc5246/section-7.4.7.1.toml | 2 +- .../rfc/rfc5246/section-7.4.7.2.toml | 2 +- .../rfc/rfc5246/section-7.4.7.toml | 2 +- .../rfc/rfc5246/section-7.4.8.toml | 2 +- .../rfc/rfc5246/section-7.4.9.toml | 2 +- .../rfc/rfc5246/section-7.4.toml | 2 +- .../rfc/rfc5246/section-9.toml | 2 +- .../rfc/rfc5746.txt | 0 .../rfc/rfc5746/section-3.4.toml | 2 +- .../rfc/rfc5746/section-3.5.toml | 2 +- .../rfc/rfc5746/section-3.6.toml | 2 +- .../rfc/rfc5746/section-3.7.toml | 2 +- .../rfc/rfc5746/section-4.1.toml | 2 +- .../rfc/rfc5746/section-4.2.toml | 2 +- .../rfc/rfc5746/section-4.3.toml | 2 +- .../rfc/rfc5746/section-4.4.toml | 2 +- .../rfc/rfc5746/section-4.5.toml | 2 +- .../rfc/rfc5746/section-5.toml | 2 +- .../rfc/rfc5869.txt | 0 .../rfc/rfc5869/section-3.3.toml | 2 +- .../rfc/rfc7627.txt | 0 .../rfc/rfc7627/section-4.toml | 2 +- .../rfc/rfc7627/section-5.1.toml | 2 +- .../rfc/rfc7627/section-5.2.toml | 2 +- .../rfc/rfc7627/section-5.3.toml | 2 +- .../rfc/rfc7627/section-5.4.toml | 2 +- .../rfc/rfc7627/section-6.2.toml | 2 +- .../rfc/rfc7627/section-6.4.toml | 2 +- .../rfc/rfc8422.txt | 0 .../rfc/rfc8422/section-2.1.toml | 2 +- .../rfc/rfc8422/section-2.2.toml | 2 +- .../rfc/rfc8422/section-2.3.toml | 2 +- .../rfc/rfc8422/section-2.toml | 2 +- .../rfc/rfc8422/section-3.1.toml | 2 +- .../rfc/rfc8422/section-3.toml | 2 +- .../rfc/rfc8422/section-4.toml | 2 +- .../rfc/rfc8422/section-5.1.2.toml | 2 +- .../rfc/rfc8422/section-5.1.toml | 2 +- .../rfc/rfc8422/section-5.10.toml | 2 +- .../rfc/rfc8422/section-5.11.toml | 2 +- .../rfc/rfc8422/section-5.2.toml | 2 +- .../rfc/rfc8422/section-5.3.toml | 2 +- .../rfc/rfc8422/section-5.4.toml | 2 +- .../rfc/rfc8422/section-5.6.toml | 2 +- .../rfc/rfc8422/section-5.9.toml | 2 +- .../rfc/rfc8422/section-6.toml | 2 +- .../rfc/rfc8446.txt | 0 .../rfc/rfc8446/appendix-A.1.toml | 2 +- .../rfc/rfc8446/appendix-B.3.1.4.toml | 2 +- .../rfc/rfc8446/appendix-B.toml | 2 +- .../rfc/rfc8446/appendix-C.1.toml | 2 +- .../rfc/rfc8446/appendix-C.2.toml | 2 +- .../rfc/rfc8446/appendix-C.3.toml | 2 +- .../rfc/rfc8446/appendix-C.4.toml | 2 +- .../rfc/rfc8446/appendix-C.5.toml | 2 +- .../rfc/rfc8446/appendix-D.1.toml | 2 +- .../rfc/rfc8446/appendix-D.2.toml | 2 +- .../rfc/rfc8446/appendix-D.3.toml | 2 +- .../rfc/rfc8446/appendix-D.4.toml | 2 +- .../rfc/rfc8446/appendix-D.5.toml | 2 +- .../rfc/rfc8446/appendix-D.toml | 2 +- .../rfc/rfc8446/appendix-E.1.1.toml | 2 +- .../rfc/rfc8446/appendix-E.1.4.toml | 2 +- .../rfc/rfc8446/appendix-E.1.toml | 2 +- .../rfc/rfc8446/appendix-E.5.1.toml | 2 +- .../rfc/rfc8446/appendix-E.5.toml | 2 +- .../rfc/rfc8446/section-11.toml | 2 +- .../rfc/rfc8446/section-2.1.toml | 2 +- .../rfc/rfc8446/section-2.2.toml | 2 +- .../rfc/rfc8446/section-2.toml | 2 +- .../rfc/rfc8446/section-4.1.1.toml | 2 +- .../rfc/rfc8446/section-4.1.2.toml | 2 +- .../rfc/rfc8446/section-4.1.3.toml | 2 +- .../rfc/rfc8446/section-4.1.4.toml | 2 +- .../rfc/rfc8446/section-4.2.1.toml | 2 +- .../rfc/rfc8446/section-4.2.10.toml | 2 +- .../rfc/rfc8446/section-4.2.11.1.toml | 2 +- .../rfc/rfc8446/section-4.2.11.3.toml | 2 +- .../rfc/rfc8446/section-4.2.11.toml | 2 +- .../rfc/rfc8446/section-4.2.2.toml | 2 +- .../rfc/rfc8446/section-4.2.3.toml | 2 +- .../rfc/rfc8446/section-4.2.4.toml | 2 +- .../rfc/rfc8446/section-4.2.5.toml | 2 +- .../rfc/rfc8446/section-4.2.6.toml | 2 +- .../rfc/rfc8446/section-4.2.7.toml | 2 +- .../rfc/rfc8446/section-4.2.8.1.toml | 2 +- .../rfc/rfc8446/section-4.2.8.2.toml | 2 +- .../rfc/rfc8446/section-4.2.8.toml | 2 +- .../rfc/rfc8446/section-4.2.9.toml | 2 +- .../rfc/rfc8446/section-4.2.toml | 2 +- .../rfc/rfc8446/section-4.3.1.toml | 2 +- .../rfc/rfc8446/section-4.3.2.toml | 2 +- .../rfc/rfc8446/section-4.4.2.1.toml | 2 +- .../rfc/rfc8446/section-4.4.2.2.toml | 2 +- .../rfc/rfc8446/section-4.4.2.3.toml | 2 +- .../rfc/rfc8446/section-4.4.2.4.toml | 2 +- .../rfc/rfc8446/section-4.4.2.toml | 2 +- .../rfc/rfc8446/section-4.4.3.toml | 2 +- .../rfc/rfc8446/section-4.4.4.toml | 2 +- .../rfc/rfc8446/section-4.5.toml | 2 +- .../rfc/rfc8446/section-4.6.1.toml | 2 +- .../rfc/rfc8446/section-4.6.2.toml | 2 +- .../rfc/rfc8446/section-4.6.3.toml | 2 +- .../rfc/rfc8446/section-4.toml | 2 +- .../rfc/rfc8446/section-5.1.toml | 2 +- .../rfc/rfc8446/section-5.2.toml | 2 +- .../rfc/rfc8446/section-5.3.toml | 2 +- .../rfc/rfc8446/section-5.4.toml | 2 +- .../rfc/rfc8446/section-5.5.toml | 2 +- .../rfc/rfc8446/section-5.toml | 2 +- .../rfc/rfc8446/section-6.1.toml | 2 +- .../rfc/rfc8446/section-6.2.toml | 2 +- .../rfc/rfc8446/section-6.toml | 2 +- .../rfc/rfc8446/section-7.1.toml | 2 +- .../rfc/rfc8446/section-7.2.toml | 2 +- .../rfc/rfc8446/section-7.4.2.toml | 2 +- .../rfc/rfc8446/section-7.5.toml | 2 +- .../rfc/rfc8446/section-8.2.toml | 2 +- .../rfc/rfc8446/section-8.toml | 2 +- .../rfc/rfc8446/section-9.1.toml | 2 +- .../rfc/rfc8446/section-9.2.toml | 2 +- .../rfc/rfc8446/section-9.3.toml | 2 +- .../rfc/rfc8448.txt | 0 crypto/s2n_ecc_evp.c | 4 +- tests/testlib/s2n_resumption_testlib.c | 2 +- tests/unit/s2n_alerts_protocol_test.c | 30 ++++---- tests/unit/s2n_cert_authorities_test.c | 4 +- tests/unit/s2n_cipher_suite_match_test.c | 6 +- .../s2n_client_early_data_indication_test.c | 12 ++-- tests/unit/s2n_client_hello_recv_test.c | 2 +- tests/unit/s2n_client_hello_request_test.c | 12 ++-- tests/unit/s2n_client_hello_retry_test.c | 30 ++++---- tests/unit/s2n_client_hello_test.c | 2 +- .../s2n_client_key_share_extension_test.c | 4 +- .../s2n_client_max_frag_len_extension_test.c | 2 +- tests/unit/s2n_client_psk_extension_test.c | 8 +-- ...client_renegotiation_info_extension_test.c | 20 +++--- ...client_supported_versions_extension_test.c | 2 +- tests/unit/s2n_cookie_test.c | 4 +- tests/unit/s2n_early_data_io_api_test.c | 10 +-- tests/unit/s2n_early_data_test.c | 10 +-- tests/unit/s2n_ecc_evp_test.c | 2 +- tests/unit/s2n_ems_extension_test.c | 2 +- tests/unit/s2n_extended_master_secret_test.c | 4 +- tests/unit/s2n_extension_type_test.c | 10 +-- tests/unit/s2n_handshake_io_early_data_test.c | 2 +- tests/unit/s2n_key_update_test.c | 2 +- tests/unit/s2n_post_handshake_recv_test.c | 2 +- tests/unit/s2n_psk_offered_test.c | 2 +- tests/unit/s2n_psk_test.c | 2 +- ...s2n_quic_transport_params_extension_test.c | 2 +- tests/unit/s2n_resume_test.c | 6 +- tests/unit/s2n_self_talk_session_id_test.c | 4 +- .../s2n_server_early_data_indication_test.c | 10 +-- tests/unit/s2n_server_hello_retry_test.c | 4 +- tests/unit/s2n_server_hello_test.c | 2 +- .../s2n_server_max_frag_len_extension_test.c | 2 +- .../unit/s2n_server_new_session_ticket_test.c | 16 ++--- .../unit/s2n_server_renegotiation_info_test.c | 20 +++--- .../s2n_tls13_handshake_early_data_test.c | 16 ++--- .../s2n_tls13_handshake_state_machine_test.c | 8 +-- .../s2n_tls13_key_schedule_rfc8448_test.c | 20 +++--- tests/unit/s2n_tls13_parse_record_type_test.c | 2 +- tests/unit/s2n_tls13_secrets_rfc8448_test.c | 70 +++++++++---------- .../unit/s2n_tls13_zero_length_payload_test.c | 6 +- tests/unit/s2n_tls_prf_test.c | 4 +- tls/extensions/s2n_cert_authorities.c | 2 +- tls/extensions/s2n_cert_status.c | 2 +- tls/extensions/s2n_client_cookie.c | 4 +- .../s2n_client_early_data_indication.c | 14 ++-- tls/extensions/s2n_client_ems.c | 2 +- tls/extensions/s2n_client_key_share.c | 6 +- tls/extensions/s2n_client_max_frag_len.c | 4 +- tls/extensions/s2n_client_psk.c | 16 ++--- .../s2n_client_renegotiation_info.c | 24 +++---- tls/extensions/s2n_ec_point_format.c | 2 +- tls/extensions/s2n_extension_list.c | 2 +- tls/extensions/s2n_extension_type.c | 6 +- tls/extensions/s2n_extension_type_lists.c | 6 +- .../s2n_nst_early_data_indication.c | 4 +- tls/extensions/s2n_psk_key_exchange_modes.c | 2 +- .../s2n_server_cert_status_request.c | 2 +- tls/extensions/s2n_server_cookie.c | 4 +- .../s2n_server_early_data_indication.c | 12 ++-- tls/extensions/s2n_server_ems.c | 4 +- tls/extensions/s2n_server_key_share.c | 2 +- .../s2n_server_max_fragment_length.c | 4 +- .../s2n_server_renegotiation_info.c | 30 ++++---- .../s2n_server_supported_versions.c | 2 +- tls/s2n_aead.c | 6 +- tls/s2n_alerts.c | 10 +-- tls/s2n_alerts.h | 14 ++-- tls/s2n_cipher_suites.c | 16 ++--- tls/s2n_client_hello.c | 20 +++--- tls/s2n_client_hello_request.c | 6 +- tls/s2n_config.c | 2 +- tls/s2n_connection.c | 2 +- tls/s2n_early_data.c | 10 +-- tls/s2n_early_data_io.c | 2 +- tls/s2n_handshake_io.c | 10 +-- tls/s2n_post_handshake.c | 2 +- tls/s2n_prf.c | 2 +- tls/s2n_protocol_preferences.c | 4 +- tls/s2n_psk.c | 6 +- tls/s2n_record.h | 6 +- tls/s2n_record_read.c | 4 +- tls/s2n_recv.c | 6 +- tls/s2n_resume.c | 4 +- tls/s2n_server_extensions.c | 2 +- tls/s2n_server_hello.c | 18 ++--- tls/s2n_server_hello_retry.c | 8 +-- tls/s2n_server_new_session_ticket.c | 20 +++--- tls/s2n_shutdown.c | 2 +- tls/s2n_signature_algorithms.c | 4 +- tls/s2n_tls13_key_schedule.c | 38 +++++----- tls/s2n_tls13_secrets.c | 38 +++++----- tls/s2n_tls_parameters.h | 2 +- tls/s2n_x509_validator.c | 4 +- 275 files changed, 583 insertions(+), 583 deletions(-) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492.txt (100%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-2.1.toml (94%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-2.2.toml (94%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-2.3.toml (84%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-2.4.toml (92%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-2.5.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-2.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-3.1.toml (89%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-3.2.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-3.3.toml (94%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-4.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-5.1.2.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-5.1.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-5.10.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-5.2.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-5.3.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-5.4.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-5.6.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-5.7.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-5.9.toml (91%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc4492/section-6.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246.txt (100%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/appendix-A.5.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/appendix-E.1.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/appendix-E.2.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/appendix-E.3.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/appendix-F.1.1.3.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-1.2.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-4.7.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-5.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-6.1.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-6.2.1.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-6.2.2.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-6.2.3.2.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-6.2.3.3.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-6.2.3.toml (94%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-6.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.1.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.2.1.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.2.2.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.2.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.3.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.4.1.1.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.4.1.2.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.4.1.3.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.4.1.4.1.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.4.1.4.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.4.2.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.4.3.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.4.4.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.4.5.toml (93%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.4.6.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.4.7.1.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.4.7.2.toml (95%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.4.7.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.4.8.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.4.9.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-7.4.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5246/section-9.toml (88%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5746.txt (100%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5746/section-3.4.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5746/section-3.5.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5746/section-3.6.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5746/section-3.7.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5746/section-4.1.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5746/section-4.2.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5746/section-4.3.toml (95%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5746/section-4.4.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5746/section-4.5.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5746/section-5.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5869.txt (100%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc5869/section-3.3.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc7627.txt (100%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc7627/section-4.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc7627/section-5.1.toml (94%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc7627/section-5.2.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc7627/section-5.3.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc7627/section-5.4.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc7627/section-6.2.toml (95%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc7627/section-6.4.toml (94%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422.txt (100%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-2.1.toml (94%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-2.2.toml (90%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-2.3.toml (95%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-2.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-3.1.toml (88%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-3.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-4.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-5.1.2.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-5.1.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-5.10.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-5.11.toml (95%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-5.2.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-5.3.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-5.4.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-5.6.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-5.9.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8422/section-6.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446.txt (100%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-A.1.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-B.3.1.4.toml (95%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-B.toml (89%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-C.1.toml (95%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-C.2.toml (93%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-C.3.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-C.4.toml (94%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-C.5.toml (95%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-D.1.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-D.2.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-D.3.toml (95%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-D.4.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-D.5.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-D.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-E.1.1.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-E.1.4.toml (94%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-E.1.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-E.5.1.toml (93%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/appendix-E.5.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-11.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-2.1.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-2.2.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-2.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.1.1.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.1.2.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.1.3.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.1.4.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.2.1.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.2.10.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.2.11.1.toml (94%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.2.11.3.toml (91%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.2.11.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.2.2.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.2.3.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.2.4.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.2.5.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.2.6.toml (91%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.2.7.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.2.8.1.toml (92%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.2.8.2.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.2.8.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.2.9.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.2.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.3.1.toml (95%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.3.2.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.4.2.1.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.4.2.2.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.4.2.3.toml (96%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.4.2.4.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.4.2.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.4.3.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.4.4.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.5.toml (95%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.6.1.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.6.2.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.6.3.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-4.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-5.1.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-5.2.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-5.3.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-5.4.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-5.5.toml (93%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-5.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-6.1.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-6.2.toml (99%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-6.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-7.1.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-7.2.toml (94%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-7.4.2.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-7.5.toml (97%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-8.2.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-8.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-9.1.toml (95%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-9.2.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8446/section-9.3.toml (98%) rename compliance/specs/{tools.ietf.org => www.rfc-editor.org}/rfc/rfc8448.txt (100%) diff --git a/compliance/initialize_duvet.sh b/compliance/initialize_duvet.sh index 01edbbacaaf..ebf2099a5cd 100755 --- a/compliance/initialize_duvet.sh +++ b/compliance/initialize_duvet.sh @@ -1,10 +1,10 @@ #/usr/bin/env bash -duvet extract https://tools.ietf.org/rfc/rfc5246 # The Transport Layer Security (TLS) Protocol Version 1.2 -duvet extract https://tools.ietf.org/rfc/rfc5869 # HMAC-based Extract-and-Expand Key Derivation Function (HKDF) -duvet extract https://tools.ietf.org/rfc/rfc8446 # The Transport Layer Security (TLS) Protocol Version 1.3 -duvet extract https://tools.ietf.org/rfc/rfc8448 # Example Handshake Traces for TLS 1.3 -duvet extract https://tools.ietf.org/rfc/rfc7627 # Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension -duvet extract https://tools.ietf.org/rfc/rfc5746 # Transport Layer Security (TLS) Renegotiation Indication Extension -duvet extract https://tools.ietf.org/rfc/rfc4492 # Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) -duvet extract https://tools.ietf.org/rfc/rfc8422 # Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) Versions 1.2 and Earlier +duvet extract https://www.rfc-editor.org/rfc/rfc5246 # The Transport Layer Security (TLS) Protocol Version 1.2 +duvet extract https://www.rfc-editor.org/rfc/rfc5869 # HMAC-based Extract-and-Expand Key Derivation Function (HKDF) +duvet extract https://www.rfc-editor.org/rfc/rfc8446 # The Transport Layer Security (TLS) Protocol Version 1.3 +duvet extract https://www.rfc-editor.org/rfc/rfc8448 # Example Handshake Traces for TLS 1.3 +duvet extract https://www.rfc-editor.org/rfc/rfc7627 # Transport Layer Security (TLS) Session Hash and Extended Master Secret Extension +duvet extract https://www.rfc-editor.org/rfc/rfc5746 # Transport Layer Security (TLS) Renegotiation Indication Extension +duvet extract https://www.rfc-editor.org/rfc/rfc4492 # Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) +duvet extract https://www.rfc-editor.org/rfc/rfc8422 # Elliptic Curve Cryptography (ECC) Cipher Suites for Transport Layer Security (TLS) Versions 1.2 and Earlier diff --git a/compliance/specs/exceptions/rfc5746/3.6.toml b/compliance/specs/exceptions/rfc5746/3.6.toml index 3296a69f460..f61e8240700 100644 --- a/compliance/specs/exceptions/rfc5746/3.6.toml +++ b/compliance/specs/exceptions/rfc5746/3.6.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5746#3.6" +target = "https://www.rfc-editor.org/rfc/rfc5746#3.6" [[exception]] quote = ''' diff --git a/compliance/specs/exceptions/rfc5746/4.2.toml b/compliance/specs/exceptions/rfc5746/4.2.toml index b3cf11c0209..0122fe678d3 100644 --- a/compliance/specs/exceptions/rfc5746/4.2.toml +++ b/compliance/specs/exceptions/rfc5746/4.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5746#4.2" +target = "https://www.rfc-editor.org/rfc/rfc5746#4.2" [[exception]] quote = ''' diff --git a/compliance/specs/exceptions/rfc5746/4.4.toml b/compliance/specs/exceptions/rfc5746/4.4.toml index 0eed6a682cb..f377197af4b 100644 --- a/compliance/specs/exceptions/rfc5746/4.4.toml +++ b/compliance/specs/exceptions/rfc5746/4.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5746#4.4" +target = "https://www.rfc-editor.org/rfc/rfc5746#4.4" [[exception]] quote = ''' diff --git a/compliance/specs/exceptions/rfc5746/5.toml b/compliance/specs/exceptions/rfc5746/5.toml index 7e7b9de2a75..afd5f84e832 100644 --- a/compliance/specs/exceptions/rfc5746/5.toml +++ b/compliance/specs/exceptions/rfc5746/5.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5746#5" +target = "https://www.rfc-editor.org/rfc/rfc5746#5" [[exception]] quote = ''' diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492.txt b/compliance/specs/www.rfc-editor.org/rfc/rfc4492.txt similarity index 100% rename from compliance/specs/tools.ietf.org/rfc/rfc4492.txt rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492.txt diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.1.toml similarity index 94% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.1.toml index c10f7bee783..42e438c126b 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-2.1" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-2.1" # 2.1. ECDH_ECDSA # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.2.toml similarity index 94% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.2.toml index 925053bf55e..45832a7a01d 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-2.2" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-2.2" # 2.2. ECDHE_ECDSA # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.3.toml similarity index 84% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.3.toml index 1d67d537a6c..7c6468e9b8f 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-2.3" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-2.3" # 2.3. ECDH_RSA # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.4.toml similarity index 92% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.4.toml index f1fcdb7dff2..0a63d758534 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-2.4" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-2.4" # 2.4. ECDHE_RSA # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.5.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.5.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.5.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.5.toml index ec8782ab61f..46ad43101b2 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.5.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.5.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-2.5" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-2.5" # 2.5. ECDH_anon # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.toml index a2bbc7797bd..ebd110d563f 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-2" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-2" # 2. Key Exchange Algorithms # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-3.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-3.1.toml similarity index 89% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-3.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-3.1.toml index 723472a8e87..f83beb92e22 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-3.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-3.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-3.1" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-3.1" # 3.1. ECDSA_sign # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-3.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-3.2.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-3.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-3.2.toml index 44792804d8c..471623ef71e 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-3.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-3.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-3.2" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-3.2" # 3.2. ECDSA_fixed_ECDH # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-3.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-3.3.toml similarity index 94% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-3.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-3.3.toml index 3a3a5f211f0..471c0141ec8 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-3.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-3.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-3.3" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-3.3" # 3.3. RSA_fixed_ECDH # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-4.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-4.toml index 44046d45b6f..b309f3ab6b5 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-4" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-4" # 4. TLS Extensions for ECC # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.1.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.1.2.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.1.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.1.2.toml index 0f3747ffdad..12a202197f3 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.1.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.1.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-5.1.2" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-5.1.2" # 5.1.2. Supported Point Formats Extension # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.1.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.1.toml index 4c25561f1e5..eb7312f6d7c 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-5.1" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-5.1" # 5.1. Client Hello Extensions # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.10.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.10.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.10.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.10.toml index 590fa97c05f..6ed8cabdeba 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.10.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.10.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-5.10" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-5.10" # 5.10. ECDH, ECDSA, and RSA Computations # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.2.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.2.toml index 50589078572..7088152af63 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-5.2" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-5.2" # 5.2. Server Hello Extension # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.3.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.3.toml index e58afc3977e..0335723f964 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-5.3" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-5.3" # 5.3. Server Certificate # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.4.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.4.toml index 918792d3017..689438eba3e 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-5.4" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-5.4" # 5.4. Server Key Exchange # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.6.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.6.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.6.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.6.toml index 6195b920d5f..d66896c62ac 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.6.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.6.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-5.6" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-5.6" # 5.6. Client Certificate # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.7.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.7.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.7.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.7.toml index 3fd0e936035..6c29c4b5833 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.7.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.7.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-5.7" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-5.7" # 5.7. Client Key Exchange # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.9.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.9.toml similarity index 91% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.9.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.9.toml index 6cd30a4cda6..864990b2367 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-5.9.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-5.9.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-5.9" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-5.9" # 5.9. Elliptic Curve Certificates # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-6.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-6.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc4492/section-6.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-6.toml index fd869e3dced..b4b2bc09b55 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc4492/section-6.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc4492/section-6.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc4492#section-6" +target = "https://www.rfc-editor.org/rfc/rfc4492#section-6" # 6. Cipher Suites # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246.txt b/compliance/specs/www.rfc-editor.org/rfc/rfc5246.txt similarity index 100% rename from compliance/specs/tools.ietf.org/rfc/rfc5246.txt rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246.txt diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/appendix-A.5.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/appendix-A.5.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/appendix-A.5.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/appendix-A.5.toml index 640f7d06f4e..6ed929b2341 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/appendix-A.5.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/appendix-A.5.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#appendix-A.5" +target = "https://www.rfc-editor.org/rfc/rfc5246#appendix-A.5" # A.5. The Cipher Suite # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/appendix-E.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/appendix-E.1.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/appendix-E.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/appendix-E.1.toml index ce8c18be9d4..086e40a50f8 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/appendix-E.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/appendix-E.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#appendix-E.1" +target = "https://www.rfc-editor.org/rfc/rfc5246#appendix-E.1" # E.1. Compatibility with TLS 1.0/1.1 and SSL 3.0 # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/appendix-E.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/appendix-E.2.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/appendix-E.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/appendix-E.2.toml index dd2a8c55715..1411df8f639 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/appendix-E.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/appendix-E.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#appendix-E.2" +target = "https://www.rfc-editor.org/rfc/rfc5246#appendix-E.2" # E.2. Compatibility with SSL 2.0 # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/appendix-E.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/appendix-E.3.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/appendix-E.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/appendix-E.3.toml index b89cbd5920e..c3bc90ca2ff 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/appendix-E.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/appendix-E.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#appendix-E.3" +target = "https://www.rfc-editor.org/rfc/rfc5246#appendix-E.3" # E.3. Avoiding Man-in-the-Middle Version Rollback # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/appendix-F.1.1.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/appendix-F.1.1.3.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/appendix-F.1.1.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/appendix-F.1.1.3.toml index b4352381157..e7fddde1970 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/appendix-F.1.1.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/appendix-F.1.1.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#appendix-F.1.1.3" +target = "https://www.rfc-editor.org/rfc/rfc5246#appendix-F.1.1.3" # F.1.1.3. Diffie-Hellman Key Exchange with Authentication # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-1.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-1.2.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-1.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-1.2.toml index 6c9d6e43c42..3ff8dfe9cd3 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-1.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-1.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-1.2" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-1.2" # 1.2. Major Differences from TLS 1.1 # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-4.7.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-4.7.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-4.7.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-4.7.toml index 1e0046fab32..2813e9f628b 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-4.7.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-4.7.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-4.7" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-4.7" # 4.7. Cryptographic Attributes # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-5.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-5.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-5.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-5.toml index 37d053785b9..82884c425d0 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-5.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-5.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-5" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-5" # 5. HMAC and the Pseudorandom Function # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.1.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.1.toml index a3dc795af06..6c8ec146263 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-6.1" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-6.1" # 6.1. Connection States # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.2.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.2.1.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.2.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.2.1.toml index 516e0df6abe..7a88e4489e6 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.2.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.2.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-6.2.1" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-6.2.1" # 6.2.1. Fragmentation # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.2.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.2.2.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.2.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.2.2.toml index 66658907450..4fa8e9f63da 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.2.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.2.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-6.2.2" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-6.2.2" # 6.2.2. Record Compression and Decompression # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.2.3.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.2.3.2.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.2.3.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.2.3.2.toml index ac909d883de..72afb648cd7 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.2.3.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.2.3.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-6.2.3.2" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-6.2.3.2" # 6.2.3.2. CBC Block Cipher # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.2.3.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.2.3.3.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.2.3.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.2.3.3.toml index 85343688133..de8fd5b25fd 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.2.3.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.2.3.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-6.2.3.3" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-6.2.3.3" # 6.2.3.3. AEAD Ciphers # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.2.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.2.3.toml similarity index 94% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.2.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.2.3.toml index 2cdb216188e..568e32b1221 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.2.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.2.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-6.2.3" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-6.2.3" # 6.2.3. Record Payload Protection # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.toml index db8a057c9b1..8aec9b1c7e7 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-6.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-6.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-6" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-6" # 6. The TLS Record Protocol # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.1.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.1.toml index a077ffb6949..6806c5cc536 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.1" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.1" # 7.1. Change Cipher Spec Protocol # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.2.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.2.1.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.2.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.2.1.toml index 2d0eaf13d07..c6b54171e38 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.2.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.2.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.2.1" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.2.1" # 7.2.1. Closure Alerts # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.2.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.2.2.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.2.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.2.2.toml index bf6c3d5b173..1482c233471 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.2.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.2.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.2.2" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.2.2" # 7.2.2. Error Alerts # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.2.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.2.toml index 998b8adf9d6..5929c7bf82d 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.2" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.2" # 7.2. Alert Protocol # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.3.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.3.toml index e1d2feec68c..aefddacf557 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.3" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.3" # 7.3. Handshake Protocol Overview # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.1.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.1.1.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.1.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.1.1.toml index f21abc492c0..4e1cb4633ee 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.1.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.1.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.4.1.1" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.4.1.1" # 7.4.1.1. Hello Request # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.1.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.1.2.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.1.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.1.2.toml index e8dbc3f6142..fb2baa69527 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.1.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.1.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.4.1.2" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.4.1.2" # 7.4.1.2. Client Hello # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.1.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.1.3.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.1.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.1.3.toml index 0125fe6a8fe..05f8e7fae0f 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.1.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.1.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.4.1.3" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.4.1.3" # 7.4.1.3. Server Hello # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.1.4.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.1.4.1.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.1.4.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.1.4.1.toml index c8533c0c4b5..fbbb8926432 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.1.4.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.1.4.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.4.1.4.1" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.4.1.4.1" # 7.4.1.4.1. Signature Algorithms # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.1.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.1.4.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.1.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.1.4.toml index fa33fa0ff44..c7229c289de 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.1.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.1.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.4.1.4" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.4.1.4" # 7.4.1.4. Hello Extensions # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.2.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.2.toml index b468df18468..3ff9999c0bd 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.4.2" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.4.2" # 7.4.2. Server Certificate # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.3.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.3.toml index 5b941fa3a3e..f31fb802486 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.4.3" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.4.3" # 7.4.3. Server Key Exchange Message # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.4.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.4.toml index 9df728a3c8e..5d549b65ec6 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.4.4" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.4.4" # 7.4.4. Certificate Request # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.5.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.5.toml similarity index 93% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.5.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.5.toml index 839d7f29977..0e224dddb5f 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.5.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.5.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.4.5" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.4.5" # 7.4.5. Server Hello Done # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.6.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.6.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.6.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.6.toml index 49b79f11287..063be843a2f 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.6.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.6.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.4.6" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.4.6" # 7.4.6. Client Certificate # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.7.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.7.1.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.7.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.7.1.toml index c2fcb81830d..33a755fb7d2 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.7.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.7.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.4.7.1" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.4.7.1" # 7.4.7.1. RSA-Encrypted Premaster Secret Message # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.7.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.7.2.toml similarity index 95% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.7.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.7.2.toml index 3cc027caf25..1b64b8c661f 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.7.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.7.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.4.7.2" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.4.7.2" # 7.4.7.2. Client Diffie-Hellman Public Value # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.7.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.7.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.7.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.7.toml index f21b6d73c2a..03a9c35459f 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.7.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.7.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.4.7" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.4.7" # 7.4.7. Client Key Exchange Message # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.8.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.8.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.8.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.8.toml index bf0845d3f43..713ab21b149 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.8.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.8.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.4.8" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.4.8" # 7.4.8. Certificate Verify # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.9.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.9.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.9.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.9.toml index db295f2a9d3..c99e0d6adb7 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.9.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.9.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.4.9" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.4.9" # 7.4.9. Finished # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.toml index 2849100fcb7..a2ef98b1b1d 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-7.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-7.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-7.4" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-7.4" # 7.4. Handshake Protocol # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-9.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-9.toml similarity index 88% rename from compliance/specs/tools.ietf.org/rfc/rfc5246/section-9.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-9.toml index e22f7b4b955..2892209fd75 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5246/section-9.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5246/section-9.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5246#section-9" +target = "https://www.rfc-editor.org/rfc/rfc5246#section-9" # 9. Mandatory Cipher Suites # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5746.txt b/compliance/specs/www.rfc-editor.org/rfc/rfc5746.txt similarity index 100% rename from compliance/specs/tools.ietf.org/rfc/rfc5746.txt rename to compliance/specs/www.rfc-editor.org/rfc/rfc5746.txt diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-3.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-3.4.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc5746/section-3.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-3.4.toml index ccea5f93302..5980a1269a7 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-3.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-3.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5746#section-3.4" +target = "https://www.rfc-editor.org/rfc/rfc5746#section-3.4" # 3.4. Client Behavior: Initial Handshake # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-3.5.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-3.5.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc5746/section-3.5.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-3.5.toml index 6d525c230a2..ee68f5e4951 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-3.5.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-3.5.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5746#section-3.5" +target = "https://www.rfc-editor.org/rfc/rfc5746#section-3.5" # 3.5. Client Behavior: Secure Renegotiation # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-3.6.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-3.6.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5746/section-3.6.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-3.6.toml index 5f2dd555937..d6007f49883 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-3.6.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-3.6.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5746#section-3.6" +target = "https://www.rfc-editor.org/rfc/rfc5746#section-3.6" # 3.6. Server Behavior: Initial Handshake # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-3.7.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-3.7.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc5746/section-3.7.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-3.7.toml index 5f751d09c07..0f6273021a7 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-3.7.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-3.7.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5746#section-3.7" +target = "https://www.rfc-editor.org/rfc/rfc5746#section-3.7" # 3.7. Server Behavior: Secure Renegotiation # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-4.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-4.1.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc5746/section-4.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-4.1.toml index 64bc0550d50..0480c45caf0 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-4.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-4.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5746#section-4.1" +target = "https://www.rfc-editor.org/rfc/rfc5746#section-4.1" # 4.1. Client Considerations # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-4.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-4.2.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5746/section-4.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-4.2.toml index 381f985b770..72b4c9d11fb 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-4.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-4.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5746#section-4.2" +target = "https://www.rfc-editor.org/rfc/rfc5746#section-4.2" # 4.2. Client Behavior: Legacy (Insecure) Renegotiation # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-4.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-4.3.toml similarity index 95% rename from compliance/specs/tools.ietf.org/rfc/rfc5746/section-4.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-4.3.toml index ca2ab205592..a604b1018a0 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-4.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-4.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5746#section-4.3" +target = "https://www.rfc-editor.org/rfc/rfc5746#section-4.3" # 4.3. Server Considerations # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-4.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-4.4.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc5746/section-4.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-4.4.toml index 8b19d5ebcc1..14ee260574a 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-4.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-4.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5746#section-4.4" +target = "https://www.rfc-editor.org/rfc/rfc5746#section-4.4" # 4.4. Server Behavior: Legacy (Insecure) Renegotiation # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-4.5.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-4.5.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc5746/section-4.5.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-4.5.toml index 813dde2962e..eff798951e1 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-4.5.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-4.5.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5746#section-4.5" +target = "https://www.rfc-editor.org/rfc/rfc5746#section-4.5" # 4.5. SSLv3 # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-5.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-5.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc5746/section-5.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-5.toml index a110f00cf23..3b58bf869c2 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5746/section-5.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5746/section-5.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5746#section-5" +target = "https://www.rfc-editor.org/rfc/rfc5746#section-5" # 5. Security Considerations # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5869.txt b/compliance/specs/www.rfc-editor.org/rfc/rfc5869.txt similarity index 100% rename from compliance/specs/tools.ietf.org/rfc/rfc5869.txt rename to compliance/specs/www.rfc-editor.org/rfc/rfc5869.txt diff --git a/compliance/specs/tools.ietf.org/rfc/rfc5869/section-3.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc5869/section-3.3.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc5869/section-3.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc5869/section-3.3.toml index 9ce8c8bbdba..b825056bb93 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc5869/section-3.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc5869/section-3.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc5869#section-3.3" +target = "https://www.rfc-editor.org/rfc/rfc5869#section-3.3" # 3.3. To Skip or not to Skip # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc7627.txt b/compliance/specs/www.rfc-editor.org/rfc/rfc7627.txt similarity index 100% rename from compliance/specs/tools.ietf.org/rfc/rfc7627.txt rename to compliance/specs/www.rfc-editor.org/rfc/rfc7627.txt diff --git a/compliance/specs/tools.ietf.org/rfc/rfc7627/section-4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-4.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc7627/section-4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-4.toml index aa6be4dcf4e..55347102b8e 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc7627/section-4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc7627#section-4" +target = "https://www.rfc-editor.org/rfc/rfc7627#section-4" # 4. The Extended Master Secret # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc7627/section-5.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-5.1.toml similarity index 94% rename from compliance/specs/tools.ietf.org/rfc/rfc7627/section-5.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-5.1.toml index 53b01b999a9..bd897b1813b 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc7627/section-5.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-5.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc7627#section-5.1" +target = "https://www.rfc-editor.org/rfc/rfc7627#section-5.1" # 5.1. Extension Definition # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc7627/section-5.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-5.2.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc7627/section-5.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-5.2.toml index d99d0516377..95aec3d635f 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc7627/section-5.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-5.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc7627#section-5.2" +target = "https://www.rfc-editor.org/rfc/rfc7627#section-5.2" # 5.2. Client and Server Behavior: Full Handshake # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc7627/section-5.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-5.3.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc7627/section-5.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-5.3.toml index 04b0f3ac482..1fad8cf3694 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc7627/section-5.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-5.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc7627#section-5.3" +target = "https://www.rfc-editor.org/rfc/rfc7627#section-5.3" # 5.3. Client and Server Behavior: Abbreviated Handshake # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc7627/section-5.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-5.4.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc7627/section-5.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-5.4.toml index 9d14780b600..5d29fefa011 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc7627/section-5.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-5.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc7627#section-5.4" +target = "https://www.rfc-editor.org/rfc/rfc7627#section-5.4" # 5.4. Interoperability Considerations # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc7627/section-6.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-6.2.toml similarity index 95% rename from compliance/specs/tools.ietf.org/rfc/rfc7627/section-6.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-6.2.toml index f30af88c87a..1ed1f325623 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc7627/section-6.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-6.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc7627#section-6.2" +target = "https://www.rfc-editor.org/rfc/rfc7627#section-6.2" # 6.2. Cryptographic Properties of the Hash Function # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc7627/section-6.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-6.4.toml similarity index 94% rename from compliance/specs/tools.ietf.org/rfc/rfc7627/section-6.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-6.4.toml index 50a31497542..f4bdc933d8f 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc7627/section-6.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc7627/section-6.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc7627#section-6.4" +target = "https://www.rfc-editor.org/rfc/rfc7627#section-6.4" # 6.4. No SSL 3.0 Support # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422.txt b/compliance/specs/www.rfc-editor.org/rfc/rfc8422.txt similarity index 100% rename from compliance/specs/tools.ietf.org/rfc/rfc8422.txt rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422.txt diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-2.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-2.1.toml similarity index 94% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-2.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-2.1.toml index 1c05d0978d3..d249c828435 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-2.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-2.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-2.1" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-2.1" # 2.1. ECDHE_ECDSA # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-2.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-2.2.toml similarity index 90% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-2.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-2.2.toml index e62d8490c93..2fe6ffa7334 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-2.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-2.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-2.2" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-2.2" # 2.2. ECDHE_RSA # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-2.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-2.3.toml similarity index 95% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-2.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-2.3.toml index 572b5388674..9681059a3a8 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-2.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-2.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-2.3" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-2.3" # 2.3. ECDH_anon # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-2.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-2.toml index 374ef190e67..0c5dcac1022 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-2" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-2" # 2. Key Exchange Algorithm # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-3.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-3.1.toml similarity index 88% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-3.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-3.1.toml index b9585bc683f..fc5cf63d49b 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-3.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-3.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-3.1" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-3.1" # 3.1. ECDSA_sign # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-3.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-3.toml index 6b0d9b8964a..b7abe6343eb 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-3" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-3" # 3. Client Authentication # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-4.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-4.toml index 45f20256603..b267dc07a94 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-4" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-4" # 4. TLS Extensions for ECC # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.1.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.1.2.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.1.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.1.2.toml index e997a65b422..2373b6177db 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.1.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.1.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-5.1.2" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-5.1.2" # 5.1.2. Supported Point Formats Extension # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.1.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.1.toml index 4def87401ed..b3c7032baea 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-5.1" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-5.1" # 5.1. Client Hello Extensions # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.10.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.10.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.10.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.10.toml index 2346c5f6bb7..934629d02a7 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.10.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.10.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-5.10" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-5.10" # 5.10. ECDH, ECDSA, and RSA Computations # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.11.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.11.toml similarity index 95% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.11.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.11.toml index 3d3e4ea1e09..6a96589f5b4 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.11.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.11.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-5.11" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-5.11" # 5.11. Public Key Validation # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.2.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.2.toml index 65b75f018b0..afb797b6f84 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-5.2" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-5.2" # 5.2. Server Hello Extension # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.3.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.3.toml index 09777b18c17..234106e01d5 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-5.3" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-5.3" # 5.3. Server Certificate # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.4.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.4.toml index 5815d11a8f0..7bc6f92f1c9 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-5.4" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-5.4" # 5.4. Server Key Exchange # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.6.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.6.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.6.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.6.toml index 693705c8f55..3abea24e966 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.6.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.6.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-5.6" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-5.6" # 5.6. Client Certificate # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.9.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.9.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.9.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.9.toml index 69c9b037ff4..bb6042f0bb3 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-5.9.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-5.9.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-5.9" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-5.9" # 5.9. Elliptic Curve Certificates # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-6.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-6.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc8422/section-6.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-6.toml index 7bb30c9d46a..ddf145d71e7 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8422/section-6.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8422/section-6.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8422#section-6" +target = "https://www.rfc-editor.org/rfc/rfc8422#section-6" # 6. Cipher Suites # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446.txt b/compliance/specs/www.rfc-editor.org/rfc/rfc8446.txt similarity index 100% rename from compliance/specs/tools.ietf.org/rfc/rfc8446.txt rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446.txt diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-A.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-A.1.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-A.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-A.1.toml index 79c3bbcc9ca..6be78930908 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-A.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-A.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-A.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-A.1" # A.1. Client # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-B.3.1.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-B.3.1.4.toml similarity index 95% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-B.3.1.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-B.3.1.4.toml index 84404805438..952be3d9a60 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-B.3.1.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-B.3.1.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-B.3.1.4" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-B.3.1.4" # B.3.1.4. Supported Groups Extension # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-B.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-B.toml similarity index 89% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-B.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-B.toml index f85ba5d0bb0..720c2861327 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-B.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-B.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-B" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-B" # Appendix B. Protocol Data Structures and Constant Values # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-C.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-C.1.toml similarity index 95% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-C.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-C.1.toml index 7609bca686f..281cea6090a 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-C.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-C.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-C.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-C.1" # C.1. Random Number Generation and Seeding # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-C.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-C.2.toml similarity index 93% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-C.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-C.2.toml index 9d16d72d90a..a00d50001dc 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-C.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-C.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-C.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-C.2" # C.2. Certificates and Authentication # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-C.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-C.3.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-C.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-C.3.toml index 0f9061dec69..a5afcf17bd3 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-C.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-C.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-C.3" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-C.3" # C.3. Implementation Pitfalls # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-C.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-C.4.toml similarity index 94% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-C.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-C.4.toml index 5636524b9bd..49118e48b4b 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-C.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-C.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-C.4" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-C.4" # C.4. Client Tracking Prevention # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-C.5.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-C.5.toml similarity index 95% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-C.5.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-C.5.toml index e8e27cd731f..dbb715e09f4 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-C.5.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-C.5.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-C.5" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-C.5" # C.5. Unauthenticated Operation # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.1.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.1.toml index 0b95bc1ee03..a37251a60a6 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-D.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-D.1" # D.1. Negotiating with an Older Server # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.2.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.2.toml index 00d087a5a46..fe347585105 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-D.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-D.2" # D.2. Negotiating with an Older Client # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.3.toml similarity index 95% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.3.toml index 0f6a76deea6..cc8f053046e 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-D.3" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-D.3" # D.3. 0-RTT Backward Compatibility # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.4.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.4.toml index b7ea0b5f9de..0c2227307a1 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-D.4" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-D.4" # D.4. Middlebox Compatibility Mode # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.5.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.5.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.5.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.5.toml index 5142058e02d..4c2dd467445 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.5.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.5.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-D.5" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-D.5" # D.5. Security Restrictions Related to Backward Compatibility # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.toml index b9609affbd7..88808d1c54c 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-D.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-D.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-D" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-D" # Appendix D. Backward Compatibility # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-E.1.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-E.1.1.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-E.1.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-E.1.1.toml index 94124d0c600..950eec5cacb 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-E.1.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-E.1.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-E.1.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-E.1.1" # E.1.1. Key Derivation and HKDF # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-E.1.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-E.1.4.toml similarity index 94% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-E.1.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-E.1.4.toml index 658b74910de..71dac5ac2dd 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-E.1.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-E.1.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-E.1.4" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-E.1.4" # E.1.4. Exporter Independence # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-E.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-E.1.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-E.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-E.1.toml index 6a70736c147..ded6dedb87d 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-E.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-E.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-E.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-E.1" # E.1. Handshake # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-E.5.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-E.5.1.toml similarity index 93% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-E.5.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-E.5.1.toml index c3c327f7350..155a4b019cd 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-E.5.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-E.5.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-E.5.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-E.5.1" # E.5.1. Replay and Exporters # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-E.5.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-E.5.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-E.5.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-E.5.toml index ef746afb5d7..0db86334cb5 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/appendix-E.5.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/appendix-E.5.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#appendix-E.5" +target = "https://www.rfc-editor.org/rfc/rfc8446#appendix-E.5" # E.5. Replay Attacks on 0-RTT # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-11.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-11.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-11.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-11.toml index 12eec44be6e..a916b6cf5f4 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-11.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-11.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-11" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-11" # 11. IANA Considerations # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-2.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-2.1.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-2.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-2.1.toml index ff91aae58d1..aa8de37b91c 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-2.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-2.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-2.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-2.1" # 2.1. Incorrect DHE Share # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-2.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-2.2.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-2.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-2.2.toml index 64854eae548..ef6f697a9a4 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-2.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-2.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-2.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-2.2" # 2.2. Resumption and Pre-Shared Key (PSK) # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-2.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-2.toml index b78eb00a46c..0fdbabfd136 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-2" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-2" # 2. Protocol Overview # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.1.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.1.1.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.1.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.1.1.toml index fad063ae325..e5b25b64c8a 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.1.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.1.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.1.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.1.1" # 4.1.1. Cryptographic Negotiation # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.1.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.1.2.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.1.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.1.2.toml index 314e39413db..1b91caeee8a 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.1.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.1.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.1.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.1.2" # 4.1.2. Client Hello # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.1.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.1.3.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.1.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.1.3.toml index 43b2299d69e..578cd40cb76 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.1.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.1.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.1.3" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.1.3" # 4.1.3. Server Hello # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.1.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.1.4.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.1.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.1.4.toml index bb4a902f620..4edeff98773 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.1.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.1.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.1.4" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.1.4" # 4.1.4. Hello Retry Request # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.1.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.1.toml index 10bb3d0e819..6a44b2d7ecf 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.2.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.2.1" # 4.2.1. Supported Versions # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.10.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.10.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.10.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.10.toml index 41042cde2dd..2bcb3476f89 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.10.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.10.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.2.10" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10" # 4.2.10. Early Data Indication # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.11.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.11.1.toml similarity index 94% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.11.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.11.1.toml index 0e0c73c993a..0d1f295e5cd 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.11.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.11.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.2.11.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.2.11.1" # 4.2.11.1. Ticket Age # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.11.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.11.3.toml similarity index 91% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.11.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.11.3.toml index 1eba280091c..2b10009ed61 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.11.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.11.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.2.11.3" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.2.11.3" # 4.2.11.3. Processing Order # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.11.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.11.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.11.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.11.toml index 45f84d11765..c91b581503b 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.11.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.11.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.2.11" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.2.11" # 4.2.11. Pre-Shared Key Extension # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.2.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.2.toml index 99260a1ad53..cef7781a746 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.2.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.2.2" # 4.2.2. Cookie # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.3.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.3.toml index a98b4ca8bd0..993412ff994 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.2.3" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.2.3" # 4.2.3. Signature Algorithms # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.4.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.4.toml index 8d832eb2671..f2f081a2d63 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.2.4" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.2.4" # 4.2.4. Certificate Authorities # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.5.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.5.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.5.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.5.toml index 72f2c49f891..392fb461cab 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.5.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.5.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.2.5" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.2.5" # 4.2.5. OID Filters # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.6.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.6.toml similarity index 91% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.6.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.6.toml index ea294db6204..d813885542e 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.6.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.6.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.2.6" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.2.6" # 4.2.6. Post-Handshake Client Authentication # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.7.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.7.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.7.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.7.toml index c2f0f1d8201..40e27839890 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.7.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.7.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.2.7" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.2.7" # 4.2.7. Supported Groups # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.8.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.8.1.toml similarity index 92% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.8.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.8.1.toml index add37846ae9..624c75313d9 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.8.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.8.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.2.8.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.2.8.1" # 4.2.8.1. Diffie-Hellman Parameters # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.8.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.8.2.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.8.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.8.2.toml index 576974c8772..f97d79d2698 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.8.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.8.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.2.8.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.2.8.2" # 4.2.8.2. ECDHE Parameters # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.8.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.8.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.8.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.8.toml index faaaabe5dee..83d0a106351 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.8.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.8.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.2.8" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.2.8" # 4.2.8. Key Share # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.9.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.9.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.9.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.9.toml index ee0f5fd5da9..5624993643f 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.9.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.9.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.2.9" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.2.9" # 4.2.9. Pre-Shared Key Exchange Modes # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.toml index 89afed78fd0..83e7272b7f1 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.2" # 4.2. Extensions # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.3.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.3.1.toml similarity index 95% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.3.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.3.1.toml index 89c59283ec8..5d158e93c69 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.3.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.3.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.3.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.3.1" # 4.3.1. Encrypted Extensions # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.3.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.3.2.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.3.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.3.2.toml index 5dff2957034..14cc4ac60d0 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.3.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.3.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.3.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.3.2" # 4.3.2. Certificate Request # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.2.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.2.1.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.2.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.2.1.toml index 79f5468c16a..125afe89c42 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.2.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.2.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.4.2.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.4.2.1" # 4.4.2.1. OCSP Status and SCT Extensions # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.2.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.2.2.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.2.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.2.2.toml index 7a2f6d9f4fe..976312b558d 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.2.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.2.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.4.2.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.4.2.2" # 4.4.2.2. Server Certificate Selection # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.2.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.2.3.toml similarity index 96% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.2.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.2.3.toml index f6bd01a359a..b2660e8664a 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.2.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.2.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.4.2.3" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.4.2.3" # 4.4.2.3. Client Certificate Selection # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.2.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.2.4.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.2.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.2.4.toml index 0c7c6aa8616..97bca4ce233 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.2.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.2.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.4.2.4" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.4.2.4" # 4.4.2.4. Receiving a Certificate Message # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.2.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.2.toml index 1ba50b0c645..4a33085c851 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.4.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.4.2" # 4.4.2. Certificate # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.3.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.3.toml index 7a321eacc7a..0c7666af322 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.4.3" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.4.3" # 4.4.3. Certificate Verify # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.4.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.4.toml index 15e54bc1c48..91b9feaeda5 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.4.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.4.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.4.4" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.4.4" # 4.4.4. Finished # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.5.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.5.toml similarity index 95% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.5.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.5.toml index 6b623c0b0fc..c4089115d2f 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.5.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.5.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.5" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.5" # 4.5. End of Early Data # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.6.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.6.1.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.6.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.6.1.toml index 309edba44fd..23fc9a38181 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.6.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.6.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.6.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1" # 4.6.1. New Session Ticket Message # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.6.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.6.2.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.6.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.6.2.toml index 3f738acbf8e..e3cde83a3c8 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.6.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.6.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.6.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.6.2" # 4.6.2. Post-Handshake Authentication # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.6.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.6.3.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.6.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.6.3.toml index a27655324b4..23db9c5ef70 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.6.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.6.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4.6.3" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4.6.3" # 4.6.3. Key and Initialization Vector Update # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.toml index ffdc71fa788..8683b2abbe4 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-4" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-4" # 4. Handshake Protocol # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.1.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.1.toml index 1c867fa2e99..04361326c91 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-5.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-5.1" # 5.1. Record Layer # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.2.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.2.toml index 4c8054c9cd2..81457cf3c24 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-5.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-5.2" # 5.2. Record Payload Protection # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.3.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.3.toml index 3e0893a90ef..13113420ce4 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-5.3" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-5.3" # 5.3. Per-Record Nonce # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.4.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.4.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.4.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.4.toml index b51d095cefb..1f38492ab1f 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.4.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.4.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-5.4" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-5.4" # 5.4. Record Padding # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.5.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.5.toml similarity index 93% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.5.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.5.toml index 5cd1becc5d4..a8365d9598b 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.5.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.5.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-5.5" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-5.5" # 5.5. Limits on Key Usage # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.toml index 7840ae3ea6b..fabed8fdefb 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-5.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-5.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-5" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-5" # 5. Record Protocol # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-6.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-6.1.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-6.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-6.1.toml index 7de704af258..28f9bdadc4b 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-6.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-6.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-6.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-6.1" # 6.1. Closure Alerts # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-6.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-6.2.toml similarity index 99% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-6.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-6.2.toml index f7d9c67e240..d14ed29a923 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-6.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-6.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-6.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-6.2" # 6.2. Error Alerts # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-6.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-6.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-6.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-6.toml index 83aaee8931b..4beecdc75ff 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-6.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-6.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-6" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-6" # 6. Alert Protocol # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-7.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-7.1.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-7.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-7.1.toml index d85741249d8..2e3eebca6c0 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-7.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-7.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-7.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-7.1" # 7.1. Key Schedule # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-7.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-7.2.toml similarity index 94% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-7.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-7.2.toml index 76b703550fd..f729f7fb275 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-7.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-7.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-7.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-7.2" # 7.2. Updating Traffic Secrets # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-7.4.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-7.4.2.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-7.4.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-7.4.2.toml index 5c185101527..fabc3b07799 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-7.4.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-7.4.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-7.4.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-7.4.2" # 7.4.2. Elliptic Curve Diffie-Hellman # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-7.5.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-7.5.toml similarity index 97% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-7.5.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-7.5.toml index a3765c027c1..262aceabbd9 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-7.5.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-7.5.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-7.5" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-7.5" # 7.5. Exporters # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-8.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-8.2.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-8.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-8.2.toml index 720180665f0..804defaaf45 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-8.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-8.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-8.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-8.2" # 8.2. Client Hello Recording # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-8.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-8.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-8.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-8.toml index f0947e2f050..2b902daf5ab 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-8.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-8.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-8" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-8" # 8. 0-RTT and Anti-Replay # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-9.1.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-9.1.toml similarity index 95% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-9.1.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-9.1.toml index d74323bde8e..2e670ddc065 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-9.1.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-9.1.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-9.1" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-9.1" # 9.1. Mandatory-to-Implement Cipher Suites # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-9.2.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-9.2.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-9.2.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-9.2.toml index 6f6d036b745..8bcedb8c6b9 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-9.2.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-9.2.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-9.2" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-9.2" # 9.2. Mandatory-to-Implement Extensions # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-9.3.toml b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-9.3.toml similarity index 98% rename from compliance/specs/tools.ietf.org/rfc/rfc8446/section-9.3.toml rename to compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-9.3.toml index c58b0a636cb..8bfcef37211 100644 --- a/compliance/specs/tools.ietf.org/rfc/rfc8446/section-9.3.toml +++ b/compliance/specs/www.rfc-editor.org/rfc/rfc8446/section-9.3.toml @@ -1,4 +1,4 @@ -target = "https://tools.ietf.org/rfc/rfc8446#section-9.3" +target = "https://www.rfc-editor.org/rfc/rfc8446#section-9.3" # 9.3. Protocol Invariants # diff --git a/compliance/specs/tools.ietf.org/rfc/rfc8448.txt b/compliance/specs/www.rfc-editor.org/rfc/rfc8448.txt similarity index 100% rename from compliance/specs/tools.ietf.org/rfc/rfc8448.txt rename to compliance/specs/www.rfc-editor.org/rfc/rfc8448.txt diff --git a/crypto/s2n_ecc_evp.c b/crypto/s2n_ecc_evp.c index 80c9b637986..6d352a7c148 100644 --- a/crypto/s2n_ecc_evp.c +++ b/crypto/s2n_ecc_evp.c @@ -196,12 +196,12 @@ static int s2n_ecc_evp_compute_shared_secret(EVP_PKEY *own_key, EVP_PKEY *peer_p POSIX_ENSURE_REF(own_key); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.8.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.8.2 *# For the curves secp256r1, secp384r1, and secp521r1, peers MUST *# validate each other's public value Q by ensuring that the point is a *# valid point on the elliptic curve. * - *= https://tools.ietf.org/rfc/rfc8422#section-5.11 + *= https://www.rfc-editor.org/rfc/rfc8422#section-5.11 *# With the NIST curves, each party MUST validate the public key sent by *# its peer in the ClientKeyExchange and ServerKeyExchange messages. A *# receiving party MUST check that the x and y parameters from the diff --git a/tests/testlib/s2n_resumption_testlib.c b/tests/testlib/s2n_resumption_testlib.c index 44686644070..561f231a85c 100644 --- a/tests/testlib/s2n_resumption_testlib.c +++ b/tests/testlib/s2n_resumption_testlib.c @@ -17,7 +17,7 @@ S2N_RESULT s2n_resumption_test_ticket_key_setup(struct s2n_config *config) { /** - *= https://tools.ietf.org/rfc/rfc5869#appendix-A.1 + *= https://www.rfc-editor.org/rfc/rfc5869#appendix-A.1 *# PRK = 0x077709362c2e32df0ddc3f0dc47bba63 *# 90b6c73bb50f9c3122ec844ad7c2b3e5 (32 octets) **/ diff --git a/tests/unit/s2n_alerts_protocol_test.c b/tests/unit/s2n_alerts_protocol_test.c index 9f8204324e9..4e50f552835 100644 --- a/tests/unit/s2n_alerts_protocol_test.c +++ b/tests/unit/s2n_alerts_protocol_test.c @@ -53,14 +53,14 @@ int main(int argc, char **argv) uint8_t data[] = "hello"; /** - *= https://tools.ietf.org/rfc/rfc8446#section-6 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6 *= type=test *# Unknown Alert types MUST be treated as error alerts. */ uint8_t test_alert_levels[] = { 0, 1, 2, 3, 10, UINT8_MAX }; /** - *= https://tools.ietf.org/rfc/rfc8446#section-6 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6 *= type=test *# All the alerts listed in Section 6.2 MUST be sent with *# AlertLevel=fatal and MUST be treated as error alerts when received @@ -153,7 +153,7 @@ int main(int argc, char **argv) EXPECT_SUCCESS(s2n_flush(sender, &blocked)); /** - *= https://tools.ietf.org/rfc/rfc8446#section-6 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6 *= type=test *# Upon receiving an error alert, the TLS implementation *# SHOULD indicate an error to the application and MUST NOT allow any @@ -169,7 +169,7 @@ int main(int argc, char **argv) } /** - *= https://tools.ietf.org/rfc/rfc8446#section-6.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6.2 *= type=test *# Upon transmission or *# receipt of a fatal alert message, both parties MUST immediately close @@ -178,7 +178,7 @@ int main(int argc, char **argv) EXPECT_TRUE(s2n_connection_check_io_status(receiver, S2N_IO_CLOSED)); /** - *= https://tools.ietf.org/rfc/rfc8446#section-6.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6.2 *= type=test *# The implementation SHOULD provide a way to facilitate logging the sending *# and receiving of alerts. @@ -299,7 +299,7 @@ int main(int argc, char **argv) EXPECT_TRUE(failed_conn->alert_sent); /** - *= https://tools.ietf.org/rfc/rfc8446#section-6.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6.2 *= type=test *# Upon transmission or *# receipt of a fatal alert message, both parties MUST immediately close @@ -308,7 +308,7 @@ int main(int argc, char **argv) EXPECT_TRUE(s2n_connection_check_io_status(failed_conn, S2N_IO_CLOSED)); /** - *= https://tools.ietf.org/rfc/rfc8446#section-6.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6.2 *= type=test *# Whenever an implementation encounters a fatal error condition, it *# SHOULD send an appropriate fatal alert @@ -321,7 +321,7 @@ int main(int argc, char **argv) } EXPECT_EQUAL(expected_alert, s2n_connection_get_alert(closed_conn)); /** - *= https://tools.ietf.org/rfc/rfc8446#section-6.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6.2 *= type=test *# and MUST close the connection *# without sending or receiving any additional data. @@ -334,7 +334,7 @@ int main(int argc, char **argv) /* Test: Receiving a closure alert * - *= https://tools.ietf.org/rfc/rfc8446#section-6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6.1 *= type=test *# Either party MAY initiate a close of its write side of the connection *# by sending a "close_notify" alert. Any data received after a closure @@ -386,7 +386,7 @@ int main(int argc, char **argv) EXPECT_FALSE(s2n_connection_check_io_status(receiver, S2N_IO_READABLE)); /* - *= https://tools.ietf.org/rfc/rfc8446#section-6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6.1 *= type=test *# Any data received after a closure alert has been received MUST be ignored. */ @@ -402,7 +402,7 @@ int main(int argc, char **argv) /* Test: Sending a closure alert * - *= https://tools.ietf.org/rfc/rfc8446#section-6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6.1 *= type=test *# Each party MUST send a "close_notify" alert before closing its write *# side of the connection, unless it has already sent some error alert. @@ -441,7 +441,7 @@ int main(int argc, char **argv) /* Receive close_notify * - *= https://tools.ietf.org/rfc/rfc8446#section-6 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6 *= type=test *# The "close_notify" alert is used to indicate orderly closure of one *# direction of the connection. Upon receiving such an alert, the TLS @@ -467,7 +467,7 @@ int main(int argc, char **argv) /* Test: Closure alerts in TLS1.2 * - *= https://tools.ietf.org/rfc/rfc8446#section-6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6.1 *= type=test *# Note that this is a change from versions of TLS prior to TLS 1.3 in *# which implementations were required to react to a "close_notify" by @@ -525,13 +525,13 @@ int main(int argc, char **argv) /* Test: End-of-Data * - *= https://tools.ietf.org/rfc/rfc8446#6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#6.1 *= type=test *# If a transport-level close *# is received prior to a "close_notify", the receiver cannot know that *# all the data that was sent has been received. * - *= https://tools.ietf.org/rfc/rfc8446#6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#6.1 *= type=test *# If the application protocol using TLS provides that any data may be *# carried over the underlying transport after the TLS connection is diff --git a/tests/unit/s2n_cert_authorities_test.c b/tests/unit/s2n_cert_authorities_test.c index 39d0baa317e..f0e9e69fb84 100644 --- a/tests/unit/s2n_cert_authorities_test.c +++ b/tests/unit/s2n_cert_authorities_test.c @@ -186,7 +186,7 @@ int main(int argc, char **argv) /* Test: ClientHello extension ignored * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.4 *= type=test *# The client MAY send the "certificate_authorities" extension in the *# ClientHello message. @@ -247,7 +247,7 @@ int main(int argc, char **argv) /* Self-talk test: CertificateRequest extension parsed * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.4 *= type=test *# The server MAY send it in the CertificateRequest message. **/ diff --git a/tests/unit/s2n_cipher_suite_match_test.c b/tests/unit/s2n_cipher_suite_match_test.c index d4501f5f2b7..ff05d7de578 100644 --- a/tests/unit/s2n_cipher_suite_match_test.c +++ b/tests/unit/s2n_cipher_suite_match_test.c @@ -101,7 +101,7 @@ int main(int argc, char **argv) }; /** Clients MUST verify - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.11 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.11 *= type=test *# that the server selected a cipher suite *# indicating a Hash associated with the PSK @@ -297,7 +297,7 @@ int main(int argc, char **argv) /* TEST RENEGOTIATION * - *= https://tools.ietf.org/rfc/rfc5746#3.6 + *= https://www.rfc-editor.org/rfc/rfc5746#3.6 *= type=test *# o When a ClientHello is received, the server MUST check if it *# includes the TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. If it does, @@ -789,7 +789,7 @@ int main(int argc, char **argv) /* If a PSK is being used, then the cipher suite must match the PSK's HMAC algorithm. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.11 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.11 *= type=test *# The server MUST ensure that it selects a compatible PSK *# (if any) and cipher suite. diff --git a/tests/unit/s2n_client_early_data_indication_test.c b/tests/unit/s2n_client_early_data_indication_test.c index e25a458141c..0e39e09ecfc 100644 --- a/tests/unit/s2n_client_early_data_indication_test.c +++ b/tests/unit/s2n_client_early_data_indication_test.c @@ -76,7 +76,7 @@ int main(int argc, char **argv) /** Don't send if no PSK extension is sent. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *= type=test *# When a PSK is used and early data is allowed for that PSK, the client *# can send Application Data in its first flight of messages. If the @@ -98,12 +98,12 @@ int main(int argc, char **argv) /** * Don't send when performing a retry. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *= type=test *# A client MUST NOT include the *# "early_data" extension in its followup ClientHello. * - *= https://tools.ietf.org/rfc/rfc8446#4.1.2 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.2 *= type=test *# - Removing the "early_data" extension (Section 4.2.10) if one was *# present. Early data is not permitted after a HelloRetryRequest. @@ -273,7 +273,7 @@ int main(int argc, char **argv) EXPECT_EQUAL(conn->early_data_state, S2N_EARLY_DATA_REQUESTED); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *= type=test *# A client MUST NOT include the *# "early_data" extension in its followup ClientHello. @@ -401,12 +401,12 @@ int main(int argc, char **argv) /* Test state transitions with a HelloRetryRequest. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *= type=test *# A server which receives an "early_data" extension MUST behave in one *# of three ways: * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *= type=test *# - Request that the client send another ClientHello by responding *# with a HelloRetryRequest. diff --git a/tests/unit/s2n_client_hello_recv_test.c b/tests/unit/s2n_client_hello_recv_test.c index 6ad7a37baf0..9a89dcc2d60 100644 --- a/tests/unit/s2n_client_hello_recv_test.c +++ b/tests/unit/s2n_client_hello_recv_test.c @@ -462,7 +462,7 @@ int main(int argc, char **argv) /* Test that curve selection will be NIST P-256 when tls12 client does not send curve extension. * - *= https://tools.ietf.org/rfc/rfc4492#section-4 + *= https://www.rfc-editor.org/rfc/rfc4492#section-4 *= type=test *# A client that proposes ECC cipher suites may choose not to include these extensions. *# In this case, the server is free to choose any one of the elliptic curves or point formats listed in Section 5. diff --git a/tests/unit/s2n_client_hello_request_test.c b/tests/unit/s2n_client_hello_request_test.c index ee28287676d..7d6cb8d594c 100644 --- a/tests/unit/s2n_client_hello_request_test.c +++ b/tests/unit/s2n_client_hello_request_test.c @@ -209,7 +209,7 @@ int main(int argc, char **argv) /* Test: Hello requests received after the handshake do NOT trigger a no_renegotiation alert * if renegotiation callbacks not set. * - *= https://tools.ietf.org/rfc/rfc5246#section-7.4.1.1 + *= https://www.rfc-editor.org/rfc/rfc5246#section-7.4.1.1 *= type=test *# This message MAY be ignored by *# the client if it does not wish to renegotiate a session, or the @@ -250,12 +250,12 @@ int main(int argc, char **argv) /* Test: Hello requests received after the handshake trigger a no_renegotiation alert * if the application rejects the renegotiation request * - *= https://tools.ietf.org/rfc/rfc5746#5 + *= https://www.rfc-editor.org/rfc/rfc5746#5 *= type=test *# TLS implementations SHOULD provide a mechanism to disable and enable *# renegotiation. * - *= https://tools.ietf.org/rfc/rfc5246#section-7.4.1.1 + *= https://www.rfc-editor.org/rfc/rfc5246#section-7.4.1.1 *= type=test *# This message MAY be ignored by *# the client if it does not wish to renegotiate a session, or the @@ -300,7 +300,7 @@ int main(int argc, char **argv) /* Test: Hello requests received after the handshake do not trigger a no_renegotiation alert * if the application accepts the renegotiation request * - *= https://tools.ietf.org/rfc/rfc5746#5 + *= https://www.rfc-editor.org/rfc/rfc5746#5 *= type=test *# TLS implementations SHOULD provide a mechanism to disable and enable *# renegotiation. @@ -381,7 +381,7 @@ int main(int argc, char **argv) /* Test: Hello requests received after the handshake trigger a no_renegotiation alert * if secure renegotiation is not supported, even if the application would have accepted the request. * - *= https://tools.ietf.org/rfc/rfc5746#section-4.2 + *= https://www.rfc-editor.org/rfc/rfc5746#section-4.2 *= type=test *# This text applies if the connection's "secure_renegotiation" flag is *# set to FALSE. @@ -475,7 +475,7 @@ int main(int argc, char **argv) /* Test: SSLv3 sends a fatal handshake_failure alert instead of no_renegotiate * - *= https://tools.ietf.org/rfc/rfc5746#4.5 + *= https://www.rfc-editor.org/rfc/rfc5746#4.5 *= type=test *# SSLv3 does not define the "no_renegotiation" alert (and does *# not offer a way to indicate a refusal to renegotiate at a "warning" diff --git a/tests/unit/s2n_client_hello_retry_test.c b/tests/unit/s2n_client_hello_retry_test.c index 6ab9ec67272..643e6d12bf7 100644 --- a/tests/unit/s2n_client_hello_retry_test.c +++ b/tests/unit/s2n_client_hello_retry_test.c @@ -405,7 +405,7 @@ int main(int argc, char **argv) * The server sends a HelloRetryRequest that requires the client to generate a * key share on the server negotiated curve. * - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *= type=test *# Otherwise, the client MUST process all extensions in the *# HelloRetryRequest and send a second updated ClientHello. @@ -469,7 +469,7 @@ int main(int argc, char **argv) * The server then sends a HelloRetryRequest that requires the * client to generate a key share on the P-256 curve. * - *= https://tools.ietf.org/rfc/rfc8446#4.1.1 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.1 *= type=test *# If the server selects an (EC)DHE group and the client did not offer a *# compatible "key_share" extension in the initial ClientHello, the @@ -539,7 +539,7 @@ int main(int argc, char **argv) * Ensure the client aborts the handshake if more than one * HelloRetryRequest is received * - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *= type=test *# If a client receives a second *# HelloRetryRequest in the same connection (i.e., where the ClientHello @@ -620,7 +620,7 @@ int main(int argc, char **argv) * Ensure that s2n_random_value_is_hello_retry returns true for hello * retry random values, and false otherwise * - *= https://tools.ietf.org/rfc/rfc8446#4.1.3 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.3 *= type=test *# Upon receiving a message with type server_hello, implementations MUST *# first examine the Random value and, if it matches this value, process @@ -642,7 +642,7 @@ int main(int argc, char **argv) }; /** - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *= type=test *# Upon receiving *# the ServerHello, clients MUST check that the cipher suite supplied in @@ -681,7 +681,7 @@ int main(int argc, char **argv) /* * Self-Talk * - *= https://tools.ietf.org/rfc/rfc8446#section-4.1.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.1.2 *= type=test *# The client will also send a *# ClientHello when the server has responded to its ClientHello with a @@ -928,7 +928,7 @@ int main(int argc, char **argv) /* Test: Ensure that the connection fails if the cipher suite list changes such that the * server cannot negotiate its original selection from the first ClientHello * - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *= type=test *# Servers MUST ensure that they negotiate the *# same cipher suite when receiving a conformant updated ClientHello (if @@ -1449,7 +1449,7 @@ int main(int argc, char **argv) * Ensure all hello retry extensions sent by the server will have first * been sent by the client. * - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *= type=test *# As with the ServerHello, a HelloRetryRequest MUST NOT contain any *# extensions that were not first offered by the client in its @@ -1477,7 +1477,7 @@ int main(int argc, char **argv) * legacy_session_id_echo, cipher_suite, and * legacy_compression_method * - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *= type=test *# Upon receipt of a HelloRetryRequest, the client MUST check the *# legacy_version, legacy_session_id_echo, cipher_suite, and @@ -1588,7 +1588,7 @@ int main(int argc, char **argv) /** * The client MUST check the cipher_suite * - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *= type=test *# A client which receives a cipher suite that was not offered MUST *# abort the handshake. @@ -1683,7 +1683,7 @@ int main(int argc, char **argv) }; /** - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *= type=test *# The server's extensions MUST contain "supported_versions". **/ @@ -1747,7 +1747,7 @@ int main(int argc, char **argv) }; /** - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *= type=test *# Servers MUST ensure that they negotiate the *# same cipher suite when receiving a conformant updated ClientHello (if @@ -1818,7 +1818,7 @@ int main(int argc, char **argv) * Ensure that the client aborts the handshake if selected_version * differs in the received server hellos * - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *= type=test *# The value of selected_version in the HelloRetryRequest *# "supported_versions" extension MUST be retained in the ServerHello, @@ -1872,7 +1872,7 @@ int main(int argc, char **argv) }; /** - *= https://tools.ietf.org/rfc/rfc8446#4.2.8 + *= https://www.rfc-editor.org/rfc/rfc8446#4.2.8 *= type=test *# Upon receipt of this extension in a HelloRetryRequest, the client *# MUST verify that (1) the selected_group field corresponds to a group @@ -1953,7 +1953,7 @@ int main(int argc, char **argv) }; /** - *= https://tools.ietf.org/rfc/rfc8446#4.2.8 + *= https://www.rfc-editor.org/rfc/rfc8446#4.2.8 *= type=test *# If using (EC)DHE key establishment and a HelloRetryRequest containing a *# "key_share" extension was received by the client, the client MUST diff --git a/tests/unit/s2n_client_hello_test.c b/tests/unit/s2n_client_hello_test.c index 737b2b72855..95fc90924a4 100644 --- a/tests/unit/s2n_client_hello_test.c +++ b/tests/unit/s2n_client_hello_test.c @@ -561,7 +561,7 @@ int main(int argc, char **argv) /* TLS_EMPTY_RENEGOTIATION_INFO_SCSV included if TLS1.2 ciphers included * - *= https://tools.ietf.org/rfc/rfc5746#3.4 + *= https://www.rfc-editor.org/rfc/rfc5746#3.4 *= type=test *# o The client MUST include either an empty "renegotiation_info" *# extension, or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling diff --git a/tests/unit/s2n_client_key_share_extension_test.c b/tests/unit/s2n_client_key_share_extension_test.c index f929d1629d3..31a079887a6 100644 --- a/tests/unit/s2n_client_key_share_extension_test.c +++ b/tests/unit/s2n_client_key_share_extension_test.c @@ -184,13 +184,13 @@ int main(int argc, char **argv) * For HelloRetryRequests when a keyshare does not match, test that s2n_client_key_share_extension.send replaces * the list of keyshares with a list containing a single KeyShareEntry for the server selected group. * - *= https://tools.ietf.org/rfc/rfc8446#4.1.2 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.2 *= type=test *# - If a "key_share" extension was supplied in the HelloRetryRequest, *# replacing the list of shares with a list containing a single *# KeyShareEntry from the indicated group. * - *= https://tools.ietf.org/rfc/rfc8446#4.2.8 + *= https://www.rfc-editor.org/rfc/rfc8446#4.2.8 *= type=test *# Otherwise, when sending the new ClientHello, the client MUST *# replace the original "key_share" extension with one containing only a diff --git a/tests/unit/s2n_client_max_frag_len_extension_test.c b/tests/unit/s2n_client_max_frag_len_extension_test.c index 6e1e0dc7f7d..aacbc82afce 100644 --- a/tests/unit/s2n_client_max_frag_len_extension_test.c +++ b/tests/unit/s2n_client_max_frag_len_extension_test.c @@ -95,7 +95,7 @@ int main(int argc, char **argv) /* Test receive - invalid mfl code * - *= https://tools.ietf.org/rfc/rfc6066#section-4 + *= https://www.rfc-editor.org/rfc/rfc6066#section-4 *= type=test *# If a server receives a maximum fragment length negotiation request *# for a value other than the allowed values, it MUST abort the diff --git a/tests/unit/s2n_client_psk_extension_test.c b/tests/unit/s2n_client_psk_extension_test.c index b4106154df2..585e8eb10ca 100644 --- a/tests/unit/s2n_client_psk_extension_test.c +++ b/tests/unit/s2n_client_psk_extension_test.c @@ -137,7 +137,7 @@ int main(int argc, char **argv) EXPECT_SUCCESS(s2n_client_psk_extension.if_missing(conn)); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *= type=test *# When a PSK is used and early data is allowed for that PSK, the client *# can send Application Data in its first flight of messages. If the @@ -399,7 +399,7 @@ int main(int argc, char **argv) /* On the second ClientHello after a retry request, * do not send any PSKs that do not match the cipher suite. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.1.4 *= type=test *# In addition, in its updated ClientHello, the client SHOULD NOT offer *# any pre-shared keys associated with a hash other than that of the @@ -472,7 +472,7 @@ int main(int argc, char **argv) /* On the second ClientHello after a retry request, * do not send the PSK extension if no valid PSKs. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.1.4 *= type=test *# In addition, in its updated ClientHello, the client SHOULD NOT offer *# any pre-shared keys associated with a hash other than that of the @@ -1508,7 +1508,7 @@ int main(int argc, char **argv) /** * Ensure obfuscated_ticket_age and binder values are updated on a client hello after a HRR * - *= https://tools.ietf.org/rfc/rfc8446#section-4.1.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.1.2 *= type=test *# - Updating the "pre_shared_key" extension if present by recomputing *# the "obfuscated_ticket_age" and binder values and (optionally) diff --git a/tests/unit/s2n_client_renegotiation_info_extension_test.c b/tests/unit/s2n_client_renegotiation_info_extension_test.c index f5cf1ad91d4..1d44a29136a 100644 --- a/tests/unit/s2n_client_renegotiation_info_extension_test.c +++ b/tests/unit/s2n_client_renegotiation_info_extension_test.c @@ -56,7 +56,7 @@ int main(int argc, char **argv) /* Test receive - value not 0 * - *= https://tools.ietf.org/rfc/rfc5746#3.6 + *= https://www.rfc-editor.org/rfc/rfc5746#3.6 *= type=test *# The server MUST then verify *# that the length of the "renegotiated_connection" field is zero, @@ -98,7 +98,7 @@ int main(int argc, char **argv) /* Test receive when using SSLv3 * - *= https://tools.ietf.org/rfc/rfc5746#4.5 + *= https://www.rfc-editor.org/rfc/rfc5746#4.5 *= type=test *# TLS servers that support secure renegotiation and support SSLv3 MUST accept SCSV or the *# "renegotiation_info" extension and respond as described in this @@ -120,7 +120,7 @@ int main(int argc, char **argv) }; /* - *= https://tools.ietf.org/rfc/rfc5746#3.4 + *= https://www.rfc-editor.org/rfc/rfc5746#3.4 *= type=test *# o The client MUST include either an empty "renegotiation_info" *# extension, or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling @@ -162,7 +162,7 @@ int main(int argc, char **argv) }; /** - *= https://tools.ietf.org/rfc/rfc5746#3.6 + *= https://www.rfc-editor.org/rfc/rfc5746#3.6 *= type=test *# o The server MUST check if the "renegotiation_info" extension is *# included in the ClientHello. @@ -222,7 +222,7 @@ int main(int argc, char **argv) /* Test: should_send during renegotiation handshake * - *= https://tools.ietf.org/rfc/rfc5746#3.5 + *= https://www.rfc-editor.org/rfc/rfc5746#3.5 *= type=test *# o The client MUST include the "renegotiation_info" extension in the *# ClientHello @@ -242,7 +242,7 @@ int main(int argc, char **argv) /* Test: send during renegotiation handshake * - *= https://tools.ietf.org/rfc/rfc5746#3.5 + *= https://www.rfc-editor.org/rfc/rfc5746#3.5 *= type=test *# o The client MUST include the "renegotiation_info" extension in the *# ClientHello, containing the saved client_verify_data. @@ -288,7 +288,7 @@ int main(int argc, char **argv) }; /* - *= https://tools.ietf.org/rfc/rfc5746#3.5 + *= https://www.rfc-editor.org/rfc/rfc5746#3.5 *= type=test *# The SCSV MUST NOT be included. */ @@ -321,7 +321,7 @@ int main(int argc, char **argv) /* Test: recv during renegotiation handshake * - *= https://tools.ietf.org/rfc/rfc5746#3.7 + *= https://www.rfc-editor.org/rfc/rfc5746#3.7 *= type=test *# o The server MUST verify that the value of the *# "renegotiated_connection" field is equal to the saved @@ -387,7 +387,7 @@ int main(int argc, char **argv) /* Test: if_missing during renegotiation handshake * - *= https://tools.ietf.org/rfc/rfc5746#3.7 + *= https://www.rfc-editor.org/rfc/rfc5746#3.7 *= type=test *# o The server MUST verify that the "renegotiation_info" extension is *# present; if it is not, the server MUST abort the handshake. @@ -418,7 +418,7 @@ int main(int argc, char **argv) /* Test: receiving SCSV during renegotiation is an error * - *= https://tools.ietf.org/rfc/rfc5746#3.7 + *= https://www.rfc-editor.org/rfc/rfc5746#3.7 *= type=test *# o When a ClientHello is received, the server MUST verify that it *# does not contain the TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. If diff --git a/tests/unit/s2n_client_supported_versions_extension_test.c b/tests/unit/s2n_client_supported_versions_extension_test.c index 79fa0d0f9ee..e76ff132c1a 100644 --- a/tests/unit/s2n_client_supported_versions_extension_test.c +++ b/tests/unit/s2n_client_supported_versions_extension_test.c @@ -391,7 +391,7 @@ int main(int argc, char **argv) }; /** - *= https://tools.ietf.org/rfc/rfc8446#appendix-D.2 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-D.2 *= type=test *# A TLS server can also receive a ClientHello indicating a version number smaller than its highest supported *# version. If the "supported_versions" extension is present, the server MUST negotiate using that extension as diff --git a/tests/unit/s2n_cookie_test.c b/tests/unit/s2n_cookie_test.c index d3ede10c3b2..30e9af1fe90 100644 --- a/tests/unit/s2n_cookie_test.c +++ b/tests/unit/s2n_cookie_test.c @@ -43,7 +43,7 @@ int main() /** * Test: client only sends extension if cookie present * - *= https://tools.ietf.org/rfc/rfc8446#4.1.2 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.2 *= type=test *# - Including a "cookie" extension if one was provided in the *# HelloRetryRequest. @@ -252,7 +252,7 @@ int main() /* Self-Talk: Server does use cookies * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.2 *= type=test *# When sending a HelloRetryRequest, the server MAY provide a "cookie" *# extension to the client (this is an exception to the usual rule that diff --git a/tests/unit/s2n_early_data_io_api_test.c b/tests/unit/s2n_early_data_io_api_test.c index 966da872a56..38b56330e51 100644 --- a/tests/unit/s2n_early_data_io_api_test.c +++ b/tests/unit/s2n_early_data_io_api_test.c @@ -738,7 +738,7 @@ int main(int argc, char **argv) struct s2n_psk *known_psk = &resumption_psk; /** - *= https://tools.ietf.org/rfc/rfc8448#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} generate resumption secret "tls13 resumption": *# @@ -759,7 +759,7 @@ int main(int argc, char **argv) EXPECT_SUCCESS(s2n_psk_set_secret(known_psk, psk_secret.data, psk_secret.size)); /** - *= https://tools.ietf.org/rfc/rfc8448#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} construct a NewSessionTicket handshake message: *# @@ -799,7 +799,7 @@ int main(int argc, char **argv) /** ClientHello record * - *= https://tools.ietf.org/rfc/rfc8448#section-4 + *= https://www.rfc-editor.org/rfc/rfc8448#section-4 *= type=test *# *# complete record (517 octets): 16 03 01 02 00 01 00 01 fc 03 03 1b @@ -858,7 +858,7 @@ int main(int argc, char **argv) /* ApplicationData record containing early data * - *= https://tools.ietf.org/rfc/rfc8448#section-4 + *= https://www.rfc-editor.org/rfc/rfc8448#section-4 *= type=test *# {client} send application_data record: *# @@ -873,7 +873,7 @@ int main(int argc, char **argv) /* EndOfEarlyData record * - *= https://tools.ietf.org/rfc/rfc8448#section-4 + *= https://www.rfc-editor.org/rfc/rfc8448#section-4 *= type=test *# *# complete record (26 octets): 17 03 03 00 15 ac a6 fc 94 48 41 29 diff --git a/tests/unit/s2n_early_data_test.c b/tests/unit/s2n_early_data_test.c index f2c9460733f..15c0011c23c 100644 --- a/tests/unit/s2n_early_data_test.c +++ b/tests/unit/s2n_early_data_test.c @@ -424,7 +424,7 @@ int main(int argc, char **argv) /* Not valid if the first wire PSK was not chosen * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *= type=test *# In order to accept early data, the server MUST have accepted a PSK *# cipher suite and selected the first key offered in the client's @@ -457,7 +457,7 @@ int main(int argc, char **argv) }; /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *= type=test *# In addition, it MUST verify that the *# following values are the same as those associated with the @@ -465,7 +465,7 @@ int main(int argc, char **argv) **/ { /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *= type=test *# - The TLS version number **/ @@ -492,7 +492,7 @@ int main(int argc, char **argv) }; /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *= type=test *# - The selected cipher suite **/ @@ -515,7 +515,7 @@ int main(int argc, char **argv) }; /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *= type=test *# - The selected ALPN [RFC7301] protocol, if any **/ diff --git a/tests/unit/s2n_ecc_evp_test.c b/tests/unit/s2n_ecc_evp_test.c index 44c0827d2dc..99ca191f563 100644 --- a/tests/unit/s2n_ecc_evp_test.c +++ b/tests/unit/s2n_ecc_evp_test.c @@ -418,7 +418,7 @@ int main(int argc, char** argv) }; /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.8.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.8.2 *= type=test *# For the curves secp256r1, secp384r1, and secp521r1, peers MUST *# validate each other's public value Q by ensuring that the point is a diff --git a/tests/unit/s2n_ems_extension_test.c b/tests/unit/s2n_ems_extension_test.c index d2bdf43a107..a647d52964a 100644 --- a/tests/unit/s2n_ems_extension_test.c +++ b/tests/unit/s2n_ems_extension_test.c @@ -72,7 +72,7 @@ int main(int argc, char **argv) EXPECT_NOT_NULL(conn); /** - *= https://tools.ietf.org/rfc/rfc7627#section-5.3 + *= https://www.rfc-editor.org/rfc/rfc7627#section-5.3 *= type=test *# If the original session used the extension but the new ServerHello *# does not contain the extension, the client MUST abort the diff --git a/tests/unit/s2n_extended_master_secret_test.c b/tests/unit/s2n_extended_master_secret_test.c index 2541c203598..d036667f9d1 100644 --- a/tests/unit/s2n_extended_master_secret_test.c +++ b/tests/unit/s2n_extended_master_secret_test.c @@ -28,7 +28,7 @@ int main(int argc, char **argv) EXPECT_OK(s2n_resumption_test_ticket_key_setup(config)); /** - *= https://tools.ietf.org/rfc/rfc7627#section-5.3 + *= https://www.rfc-editor.org/rfc/rfc7627#section-5.3 *= type=test *# If the original session used the "extended_master_secret" *# extension but the new ClientHello does not contain it, the server @@ -65,7 +65,7 @@ int main(int argc, char **argv) }; /** - *= https://tools.ietf.org/rfc/rfc7627#section-5.3 + *= https://www.rfc-editor.org/rfc/rfc7627#section-5.3 *= type=test *# If the original session did not use the "extended_master_secret" *# extension but the new ClientHello contains the extension, then the diff --git a/tests/unit/s2n_extension_type_test.c b/tests/unit/s2n_extension_type_test.c index 189dc20458b..2b5ea4e9ddf 100644 --- a/tests/unit/s2n_extension_type_test.c +++ b/tests/unit/s2n_extension_type_test.c @@ -171,18 +171,18 @@ int main() /** * Ensure response extensions are only received if sent * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2 *= type=test *# Upon receiving such an extension, an endpoint MUST abort the handshake *# with an "unsupported_extension" alert. * - *= https://tools.ietf.org/rfc/rfc7627#section-5.3 + *= https://www.rfc-editor.org/rfc/rfc7627#section-5.3 *= type=test *# If the original session did not use the "extended_master_secret" *# extension but the new ServerHello contains the extension, the *# client MUST abort the handshake. * - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *= type=test *# As with the ServerHello, a HelloRetryRequest MUST NOT contain any *# extensions that were not first offered by the client in its @@ -267,13 +267,13 @@ int main() /** * Ensure correct response extension send behavior * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2 *= type=test *# Implementations MUST NOT send extension responses if the remote *# endpoint did not send the corresponding extension requests, with the *# exception of the "cookie" extension in the HelloRetryRequest. * - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *= type=test *# As with the ServerHello, a HelloRetryRequest MUST NOT contain any *# extensions that were not first offered by the client in its diff --git a/tests/unit/s2n_handshake_io_early_data_test.c b/tests/unit/s2n_handshake_io_early_data_test.c index 5d99ec1e492..9bcc95c0997 100644 --- a/tests/unit/s2n_handshake_io_early_data_test.c +++ b/tests/unit/s2n_handshake_io_early_data_test.c @@ -40,7 +40,7 @@ int main(int argc, char **argv) test_cipher_suite->record_alg->cipher->key_material_size)); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *= type=test *# If the client attempts a 0-RTT handshake but the server *# rejects it, the server will generally not have the 0-RTT record diff --git a/tests/unit/s2n_key_update_test.c b/tests/unit/s2n_key_update_test.c index 4146ad29442..d56b2309617 100644 --- a/tests/unit/s2n_key_update_test.c +++ b/tests/unit/s2n_key_update_test.c @@ -100,7 +100,7 @@ int main(int argc, char **argv) { /* Key update message not allowed when running with QUIC * - *= https://tools.ietf.org/rfc/rfc9001.txt#6 + *= https://www.rfc-editor.org/rfc/rfc9001#6 *= type=test *# Endpoints MUST treat the receipt of a TLS KeyUpdate message as a connection error *# of type 0x010a, equivalent to a fatal TLS alert of unexpected_message diff --git a/tests/unit/s2n_post_handshake_recv_test.c b/tests/unit/s2n_post_handshake_recv_test.c index 9789c785bff..f9c82134f66 100644 --- a/tests/unit/s2n_post_handshake_recv_test.c +++ b/tests/unit/s2n_post_handshake_recv_test.c @@ -480,7 +480,7 @@ int main(int argc, char **argv) } /** - *= https://tools.ietf.org/rfc/rfc8446#section-5.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-5.1 *= type=test *# - Handshake messages MUST NOT be interleaved with other record *# types. That is, if a handshake message is split over two or more diff --git a/tests/unit/s2n_psk_offered_test.c b/tests/unit/s2n_psk_offered_test.c index 8e039b7c61c..18c576db820 100644 --- a/tests/unit/s2n_psk_offered_test.c +++ b/tests/unit/s2n_psk_offered_test.c @@ -193,7 +193,7 @@ int main(int argc, char **argv) }; /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.11 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.11 *= type=test *# For identities established externally, an obfuscated_ticket_age of 0 SHOULD be *# used, and servers MUST ignore the value. diff --git a/tests/unit/s2n_psk_test.c b/tests/unit/s2n_psk_test.c index 3dfea4caf0a..a6c18936dda 100644 --- a/tests/unit/s2n_psk_test.c +++ b/tests/unit/s2n_psk_test.c @@ -376,7 +376,7 @@ int main(int argc, char **argv) /* On a retry, do not write binders for PSKs that do not match the cipher suite. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.1.4 *= type=test *# In addition, in its updated ClientHello, the client SHOULD NOT offer *# any pre-shared keys associated with a hash other than that of the diff --git a/tests/unit/s2n_quic_transport_params_extension_test.c b/tests/unit/s2n_quic_transport_params_extension_test.c index 4d2a81cb8f0..a07d24e538c 100644 --- a/tests/unit/s2n_quic_transport_params_extension_test.c +++ b/tests/unit/s2n_quic_transport_params_extension_test.c @@ -70,7 +70,7 @@ int main(int argc, char **argv) /* Fails if quic enabled * - *= https://tools.ietf.org/rfc/rfc9001.txt#8.2 + *= https://www.rfc-editor.org/rfc/rfc9001#8.2 *= type=test *# Endpoints MUST send the quic_transport_parameters extension; endpoints that receive *# ClientHello or EncryptedExtensions messages without the quic_transport_parameters diff --git a/tests/unit/s2n_resume_test.c b/tests/unit/s2n_resume_test.c index 5d70b026d2c..3112c2b0c7b 100644 --- a/tests/unit/s2n_resume_test.c +++ b/tests/unit/s2n_resume_test.c @@ -830,7 +830,7 @@ int main(int argc, char **argv) EXPECT_TRUE(conn->ems_negotiated); /** - *= https://tools.ietf.org/rfc/rfc7627#section-5.3 + *= https://www.rfc-editor.org/rfc/rfc7627#section-5.3 *= type=test *# If the original session used the "extended_master_secret" *# extension but the new ClientHello does not contain it, the server @@ -843,7 +843,7 @@ int main(int argc, char **argv) EXPECT_TRUE(conn->ems_negotiated); /** - *= https://tools.ietf.org/rfc/rfc7627#section-5.3 + *= https://www.rfc-editor.org/rfc/rfc7627#section-5.3 *= type=test *# If the original session did not use the "extended_master_secret" *# extension but the new ClientHello contains the extension, then the @@ -1261,7 +1261,7 @@ int main(int argc, char **argv) }; /** Ticket age is longer than a week - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *= type=test *# Clients MUST NOT cache *# tickets for longer than 7 days, regardless of the ticket_lifetime, diff --git a/tests/unit/s2n_self_talk_session_id_test.c b/tests/unit/s2n_self_talk_session_id_test.c index f4991cbb8dc..f111e77cd33 100644 --- a/tests/unit/s2n_self_talk_session_id_test.c +++ b/tests/unit/s2n_self_talk_session_id_test.c @@ -528,7 +528,7 @@ int main(int argc, char **argv) }; /** - *= https://tools.ietf.org/rfc/rfc7627#section-5.3 + *= https://www.rfc-editor.org/rfc/rfc7627#section-5.3 *= type=test *# If the original session used the "extended_master_secret" *# extension but the new ClientHello does not contain it, the server @@ -581,7 +581,7 @@ int main(int argc, char **argv) }; /** - *= https://tools.ietf.org/rfc/rfc7627#section-5.3 + *= https://www.rfc-editor.org/rfc/rfc7627#section-5.3 *= type=test *# If the original session did not use the "extended_master_secret" *# extension but the new ClientHello contains the extension, then the diff --git a/tests/unit/s2n_server_early_data_indication_test.c b/tests/unit/s2n_server_early_data_indication_test.c index 0e78b3fb477..cd0389a9e6e 100644 --- a/tests/unit/s2n_server_early_data_indication_test.c +++ b/tests/unit/s2n_server_early_data_indication_test.c @@ -169,12 +169,12 @@ int main(int argc, char **argv) /** When early data accepted. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *= type=test *# A server which receives an "early_data" extension MUST behave in one *# of three ways: * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *= type=test *# - Return its own "early_data" extension in EncryptedExtensions, *# indicating that it intends to process the early data. @@ -209,7 +209,7 @@ int main(int argc, char **argv) /** When early data rejected. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# A server which receives an "early_data" extension MUST behave in one *# of three ways: *# @@ -244,12 +244,12 @@ int main(int argc, char **argv) }; /* - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *= type=test *# A server which receives an "early_data" extension MUST behave in one *# of three ways: * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *= type=test *# - Request that the client send another ClientHello by responding *# with a HelloRetryRequest. diff --git a/tests/unit/s2n_server_hello_retry_test.c b/tests/unit/s2n_server_hello_retry_test.c index db3c73160fb..9338e0b0eea 100644 --- a/tests/unit/s2n_server_hello_retry_test.c +++ b/tests/unit/s2n_server_hello_retry_test.c @@ -551,7 +551,7 @@ int main(int argc, char **argv) }; /* - *= https://tools.ietf.org/rfc/rfc8446#section-4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.1.4 *= type=test *# Clients MUST abort the handshake with an *# "illegal_parameter" alert if the HelloRetryRequest would not result @@ -566,7 +566,7 @@ int main(int argc, char **argv) /** * Retry for key share is valid * - *= https://tools.ietf.org/rfc/rfc8446#4.2.8 + *= https://www.rfc-editor.org/rfc/rfc8446#4.2.8 *= type=test *# and (2) the selected_group field does not *# correspond to a group which was provided in the "key_share" extension diff --git a/tests/unit/s2n_server_hello_test.c b/tests/unit/s2n_server_hello_test.c index 31bfd950d64..b13b63e9e91 100644 --- a/tests/unit/s2n_server_hello_test.c +++ b/tests/unit/s2n_server_hello_test.c @@ -605,7 +605,7 @@ int main(int argc, char **argv) /* Test that negotiating TLS1.2 with an early data enabled client fails. * - *= https://tools.ietf.org/rfc/rfc8446#appendix-D.3 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-D.3 *= type=test *# A client that attempts to send 0-RTT data MUST fail a connection if *# it receives a ServerHello with TLS 1.2 or older. diff --git a/tests/unit/s2n_server_max_frag_len_extension_test.c b/tests/unit/s2n_server_max_frag_len_extension_test.c index 4e351899d22..19e469326ea 100644 --- a/tests/unit/s2n_server_max_frag_len_extension_test.c +++ b/tests/unit/s2n_server_max_frag_len_extension_test.c @@ -72,7 +72,7 @@ int main(int argc, char **argv) /* Test receive - does not match requested value * - *= https://tools.ietf.org/rfc/rfc6066#section-4 + *= https://www.rfc-editor.org/rfc/rfc6066#section-4 *= type=test *# Similarly, if a client *# receives a maximum fragment length negotiation response that differs diff --git a/tests/unit/s2n_server_new_session_ticket_test.c b/tests/unit/s2n_server_new_session_ticket_test.c index 2dea0697ebe..78704217866 100644 --- a/tests/unit/s2n_server_new_session_ticket_test.c +++ b/tests/unit/s2n_server_new_session_ticket_test.c @@ -61,7 +61,7 @@ static int s2n_setup_test_resumption_secret(struct s2n_connection *conn) { POSIX_ENSURE_REF(conn); /** - *= https://tools.ietf.org/rfc/rfc8448#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *# PRK (32 octets): 7d f2 35 f2 03 1d 2a 05 12 87 d0 2b 02 41 b0 bf *# da f8 6c c8 56 23 1f 2d 5a ba 46 c4 34 ec 19 6c **/ @@ -183,7 +183,7 @@ int main(int argc, char **argv) }; /** ticket_age_add values do not repeat after sending multiple new session tickets - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *= type=test *# The server MUST generate a fresh value *# for each ticket it sends. @@ -322,7 +322,7 @@ int main(int argc, char **argv) EXPECT_EQUAL(min_lifetime, ONE_HOUR_IN_NANOS / ONE_SEC_IN_NANOS); /** Test: Both session state and decrypt key have longer lifetimes than a week - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *= type=test *# Servers MUST NOT use any value greater than *# 604800 seconds (7 days). @@ -399,7 +399,7 @@ int main(int argc, char **argv) /* s2n_generate_session_secret */ { /** - *= https://tools.ietf.org/rfc/rfc8448#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *# expanded (32 octets): 4e cd 0e b6 ec 3b 4d 87 f5 d6 02 8f 92 2c *# a4 c5 85 1a 27 7f d4 13 11 c9 e6 2d 2c 94 92 e1 c4 f3 **/ @@ -566,7 +566,7 @@ int main(int argc, char **argv) /** * NewSessionTicket handshake message * - *= https://tools.ietf.org/rfc/rfc8448#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *# NewSessionTicket (205 octets): 04 00 00 c9 00 00 00 1e fa d6 aa *# c5 02 00 00 00 b2 2c 03 5d 82 93 59 ee 5f f7 af 4e c9 00 00 00 *# 00 26 2a 64 94 dc 48 6d 2c 8a 34 cb 33 fa 90 bf 1b 00 70 ad 3c @@ -745,7 +745,7 @@ int main(int argc, char **argv) EXPECT_SUCCESS(s2n_config_set_session_ticket_cb(config, s2n_test_session_ticket_cb, NULL)); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *= type=test *# The value of zero indicates that the *# ticket should be discarded immediately. @@ -771,7 +771,7 @@ int main(int argc, char **argv) }; /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *= type=test *# Servers MUST NOT use any value greater than *# 604800 seconds (7 days). @@ -1018,7 +1018,7 @@ int main(int argc, char **argv) /* Send no more tickets if keying material is expired * - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *= type=test *# Note that in principle it is possible to continue issuing new tickets *# which indefinitely extend the lifetime of the keying material diff --git a/tests/unit/s2n_server_renegotiation_info_test.c b/tests/unit/s2n_server_renegotiation_info_test.c index 9c9c6fdab7d..e342c91cfa5 100644 --- a/tests/unit/s2n_server_renegotiation_info_test.c +++ b/tests/unit/s2n_server_renegotiation_info_test.c @@ -61,7 +61,7 @@ int main(int argc, char **argv) /* Test should_send * - *= https://tools.ietf.org/rfc/rfc5746#3.6 + *= https://www.rfc-editor.org/rfc/rfc5746#3.6 *= type=test *# o If the secure_renegotiation flag is set to TRUE, the server MUST *# include an empty "renegotiation_info" extension in the ServerHello @@ -96,7 +96,7 @@ int main(int argc, char **argv) /* Test server_renegotiation_info send and recv during initial handshake * - *= https://tools.ietf.org/rfc/rfc5746#4.3 + *= https://www.rfc-editor.org/rfc/rfc5746#4.3 *= type=test *# In order to enable clients to probe, even servers that do not support *# renegotiation MUST implement the minimal version of the extension @@ -128,7 +128,7 @@ int main(int argc, char **argv) /* Test server_renegotiation_info recv when using SSLv3 * - *= https://tools.ietf.org/rfc/rfc5746#4.5 + *= https://www.rfc-editor.org/rfc/rfc5746#4.5 *= type=test *# Clients that support SSLv3 and offer secure renegotiation (either via SCSV or *# "renegotiation_info") MUST accept the "renegotiation_info" extension @@ -184,7 +184,7 @@ int main(int argc, char **argv) /* Test server_renegotiation_info recv during initial handshake - extension length wrong * - *= https://tools.ietf.org/rfc/rfc5746#3.4 + *= https://www.rfc-editor.org/rfc/rfc5746#3.4 *= type=test *# * The client MUST then verify that the length of the *# "renegotiated_connection" field is zero, and if it is not, MUST @@ -209,7 +209,7 @@ int main(int argc, char **argv) /* Test: if_missing during initial handshake is a no-op * - *= https://tools.ietf.org/rfc/rfc5746#3.4 + *= https://www.rfc-editor.org/rfc/rfc5746#3.4 *= type=test *# * If the extension is not present, the server does not support *# secure renegotiation; set secure_renegotiation flag to FALSE. @@ -224,7 +224,7 @@ int main(int argc, char **argv) /* Test: if_missing during renegotiation handshake is an error * - *= https://tools.ietf.org/rfc/rfc5746#3.5 + *= https://www.rfc-editor.org/rfc/rfc5746#3.5 *= type=test *# o When a ServerHello is received, the client MUST verify that the *# "renegotiation_info" extension is present; if it is not, the @@ -241,7 +241,7 @@ int main(int argc, char **argv) /* Test: recv during renegotiation handshake * - *= https://tools.ietf.org/rfc/rfc5746#3.5 + *= https://www.rfc-editor.org/rfc/rfc5746#3.5 *= type=test *# o The client MUST then verify that the first half of the *# "renegotiated_connection" field is equal to the saved @@ -356,7 +356,7 @@ int main(int argc, char **argv) /* Test send during renegotiation handshake * - *= https://tools.ietf.org/rfc/rfc5746#3.7 + *= https://www.rfc-editor.org/rfc/rfc5746#3.7 *= type=test *# o The server MUST include a "renegotiation_info" extension *# containing the saved client_verify_data and server_verify_data in @@ -404,7 +404,7 @@ int main(int argc, char **argv) /* Functional Test * - *= https://tools.ietf.org/rfc/rfc5746#3.4 + *= https://www.rfc-editor.org/rfc/rfc5746#3.4 *= type=test *# o When a ServerHello is received, the client MUST check if it *# includes the "renegotiation_info" extension: @@ -455,7 +455,7 @@ int main(int argc, char **argv) /* Functional Test: SSLv3 * - *= https://tools.ietf.org/rfc/rfc5746#4.5 + *= https://www.rfc-editor.org/rfc/rfc5746#4.5 *= type=test *# Clients that support SSLv3 and offer secure renegotiation (either via SCSV or *# "renegotiation_info") MUST accept the "renegotiation_info" extension diff --git a/tests/unit/s2n_tls13_handshake_early_data_test.c b/tests/unit/s2n_tls13_handshake_early_data_test.c index e0203553d3a..d0f351a3447 100644 --- a/tests/unit/s2n_tls13_handshake_early_data_test.c +++ b/tests/unit/s2n_tls13_handshake_early_data_test.c @@ -38,7 +38,7 @@ int main() /* Test early data encryption */ { /** - *= https://tools.ietf.org/rfc/rfc8448#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} generate resumption secret "tls13 resumption": *# @@ -57,7 +57,7 @@ int main() a4 c5 85 1a 27 7f d4 13 11 c9 e6 2d 2c 94 92 e1 c4 f3"); /** - *= https://tools.ietf.org/rfc/rfc8448#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} construct a NewSessionTicket handshake message: *# @@ -95,7 +95,7 @@ int main() const uint32_t max_early_data = 0x00000400; /** - *= https://tools.ietf.org/rfc/rfc8448#section-4 + *= https://www.rfc-editor.org/rfc/rfc8448#section-4 *= type=test *# {client} send handshake record: *# @@ -152,7 +152,7 @@ int main() cb 00 21 20 3a dd 4f b2 d8 fd f8 22 a0 ca 3c f7 67 8e f5 e8 8d \ ae 99 01 41 c5 92 4d 57 bb 6f a3 1b 9e 5f 9d") /** - *= https://tools.ietf.org/rfc/rfc8448#section-4 + *= https://www.rfc-editor.org/rfc/rfc8448#section-4 *= type=test *# *# complete record (517 octets): 16 03 01 02 00 01 00 01 fc 03 03 1b @@ -210,7 +210,7 @@ int main() 9d"); /** - *= https://tools.ietf.org/rfc/rfc8448#section-4 + *= https://www.rfc-editor.org/rfc/rfc8448#section-4 *= type=test *# {client} extract secret "early": *# @@ -227,7 +227,7 @@ int main() bb 41 91 50 00 f6 78 aa 83 9c bb 79 7c b7 d8 33 2c"); /** - *= https://tools.ietf.org/rfc/rfc8448#section-4 + *= https://www.rfc-editor.org/rfc/rfc8448#section-4 *= type=test *# {client} derive write traffic keys for early application data: *# @@ -246,7 +246,7 @@ int main() S2N_BLOB_FROM_HEX(iv, "6d 47 5f 09 93 c8 e5 64 61 0d b2 b9"); /** - *= https://tools.ietf.org/rfc/rfc8448#section-4 + *= https://www.rfc-editor.org/rfc/rfc8448#section-4 *= type=test *# {client} send application_data record: *# @@ -254,7 +254,7 @@ int main() */ S2N_BLOB_FROM_HEX(payload, "41 42 43 44 45 46"); /** - *= https://tools.ietf.org/rfc/rfc8448#section-4 + *= https://www.rfc-editor.org/rfc/rfc8448#section-4 *= type=test *# *# complete record (28 octets): 17 03 03 00 17 ab 1d f4 20 e7 5c 45 diff --git a/tests/unit/s2n_tls13_handshake_state_machine_test.c b/tests/unit/s2n_tls13_handshake_state_machine_test.c index b9848188772..8a34d6f4ed6 100644 --- a/tests/unit/s2n_tls13_handshake_state_machine_test.c +++ b/tests/unit/s2n_tls13_handshake_state_machine_test.c @@ -646,7 +646,7 @@ int main(int argc, char **argv) /* Test: TLS 1.3 MIDDLEBOX_COMPAT handshakes all follow CCS middlebox compatibility rules. * - *= https://tools.ietf.org/rfc/rfc8446#appendix-D.4 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-D.4 *= type=test *# Field measurements [Ben17a] [Ben17b] [Res17a] [Res17b] have found *# that a significant number of middleboxes misbehave when a TLS @@ -656,7 +656,7 @@ int main(int argc, char **argv) */ { /* - *= https://tools.ietf.org/rfc/rfc8446#appendix-D.4 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-D.4 *= type=test *# If not offering early data, the client sends a dummy *# change_cipher_spec record (see the third paragraph of Section 5) @@ -695,7 +695,7 @@ int main(int argc, char **argv) } /** - *= https://tools.ietf.org/rfc/rfc8446#appendix-D.4 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-D.4 *= type=test *# If offering early data, the record is placed immediately after the *# first ClientHello. @@ -717,7 +717,7 @@ int main(int argc, char **argv) } /** - *= https://tools.ietf.org/rfc/rfc8446#appendix-D.4 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-D.4 *= type=test *# The server sends a dummy change_cipher_spec record immediately *# after its first handshake message. This may either be after a diff --git a/tests/unit/s2n_tls13_key_schedule_rfc8448_test.c b/tests/unit/s2n_tls13_key_schedule_rfc8448_test.c index 66dcbef76fc..065dc1092fb 100644 --- a/tests/unit/s2n_tls13_key_schedule_rfc8448_test.c +++ b/tests/unit/s2n_tls13_key_schedule_rfc8448_test.c @@ -107,12 +107,12 @@ int main(int argc, char **argv) /* Derive server handshake traffic keys */ { /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} derive read traffic keys for handshake data (same as server *# handshake data write traffic keys) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} derive write traffic keys for handshake data: *# @@ -153,12 +153,12 @@ int main(int argc, char **argv) /* Derive client handshake traffic keys */ { /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} derive write traffic keys for handshake data (same as *# server handshake data read traffic keys) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} derive read traffic keys for handshake data: *# @@ -200,12 +200,12 @@ int main(int argc, char **argv) /* Derive server application traffic keys */ { /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} derive read traffic keys for application data (same as *# server application data write traffic keys) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} derive write traffic keys for application data: *# @@ -253,12 +253,12 @@ int main(int argc, char **argv) /* Derive client application traffic keys */ { /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} derive read traffic keys for application data (same as *# client application data write traffic keys) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} derive write traffic keys for application data: *# @@ -309,12 +309,12 @@ int main(int argc, char **argv) /* Derive early application traffic keys */ { /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-4 + *= https://www.rfc-editor.org/rfc/rfc8448#section-4 *= type=test *# {server} derive read traffic keys for early application data (same *# as client early application data write traffic keys) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-4 + *= https://www.rfc-editor.org/rfc/rfc8448#section-4 *= type=test *# {client} derive write traffic keys for early application data: *# diff --git a/tests/unit/s2n_tls13_parse_record_type_test.c b/tests/unit/s2n_tls13_parse_record_type_test.c index 0b5393e9405..e962d05bbfa 100644 --- a/tests/unit/s2n_tls13_parse_record_type_test.c +++ b/tests/unit/s2n_tls13_parse_record_type_test.c @@ -97,7 +97,7 @@ int main(int argc, char **argv) /** test: padding without record type should fail * - *= https://tools.ietf.org/rfc/rfc8446#section-5.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-5.4 *= type=test *# If a receiving implementation does not *# find a non-zero octet in the cleartext, it MUST terminate the diff --git a/tests/unit/s2n_tls13_secrets_rfc8448_test.c b/tests/unit/s2n_tls13_secrets_rfc8448_test.c index 12a8783ae58..a98a3243563 100644 --- a/tests/unit/s2n_tls13_secrets_rfc8448_test.c +++ b/tests/unit/s2n_tls13_secrets_rfc8448_test.c @@ -49,11 +49,11 @@ int main(int argc, char **argv) */ { /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} extract secret "early" (same as server early secret) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} extract secret "early": *# @@ -82,12 +82,12 @@ int main(int argc, char **argv) }; /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} extract secret "handshake" (same as server handshake *# secret) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} extract secret "handshake": *# @@ -113,7 +113,7 @@ int main(int argc, char **argv) const int openssl_type = EVP_PKEY_X25519; /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} create an ephemeral x25519 key pair: *# @@ -129,7 +129,7 @@ int main(int argc, char **argv) ba fe b3 c0 6e 51 c1 3c ae 4d 54 13 69 1e 52 9a af 2c"); /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} create an ephemeral x25519 key pair: *# @@ -193,18 +193,18 @@ int main(int argc, char **argv) /* Derive S2N_CLIENT_HANDSHAKE_TRAFFIC_SECRET */ { /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} derive secret "tls13 c hs traffic" (same as server) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} derive secret "tls13 c hs traffic": *# *# PRK (32 octets): 1d c8 26 e9 36 06 aa 6f dc 0a ad c1 2f 74 1b 01 *# 04 6a a6 b9 9f 69 1e d2 21 a9 f0 ca 04 3f be ac ** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# hash (32 octets): 86 0c 06 ed c0 78 58 ee 8e 78 f0 e7 42 8c 58 ed *# d6 b4 3f 2c a3 e6 e9 5f 02 ed 06 3c f0 e1 ca d8 @@ -222,18 +222,18 @@ int main(int argc, char **argv) 2d 8f 3b 1a 95 07 38 f5 2e 96 00 74 6a 0e 27 a5 5a 21"); /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} calculate finished "tls13 finished" (same as server) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} calculate finished "tls13 finished": *# *# PRK (32 octets): b3 ed db 12 6e 06 7f 35 a7 80 b3 ab f4 5e 2d 8f *# 3b 1a 95 07 38 f5 2e 96 00 74 6a 0e 27 a5 5a 21 ** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# hash (0 octets): (empty) *# @@ -265,11 +265,11 @@ int main(int argc, char **argv) /* Derive S2N_SERVER_HANDSHAKE_TRAFFIC_SECRET */ { /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} derive secret "tls13 s hs traffic" (same as server) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} derive secret "tls13 s hs traffic": *# @@ -292,11 +292,11 @@ int main(int argc, char **argv) 37 b4 e9 c9 12 bc de d9 10 5d 42 be fd 59 d3 91 ad 38"); /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} calculate finished "tls13 finished" (same as server) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} calculate finished "tls13 finished": *# @@ -330,11 +330,11 @@ int main(int argc, char **argv) }; /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} extract secret "master" (same as server master secret) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} extract secret "master": *# @@ -344,7 +344,7 @@ int main(int argc, char **argv) *# IKM (32 octets): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 *# 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# secret (32 octets): 18 df 06 84 3d 13 a0 8b f2 a4 49 84 4c 5f 8a *# 47 80 01 bc 4d 4c 62 79 84 d5 a4 1d a8 d0 40 29 19 @@ -371,11 +371,11 @@ int main(int argc, char **argv) /* Derive CLIENT_APPLICATION_TRAFFIC_SECRET_0 */ { /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} derive secret "tls13 c ap traffic" (same as server) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} derive secret "tls13 c ap traffic": *# @@ -413,11 +413,11 @@ int main(int argc, char **argv) /* Derive SERVER_APPLICATION_TRAFFIC_SECRET_0 */ { /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} derive secret "tls13 s ap traffic" (same as server) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} derive secret "tls13 s ap traffic": *# @@ -431,7 +431,7 @@ int main(int argc, char **argv) *# 61 66 66 69 63 20 96 08 10 2a 0f 1c cc 6d b6 25 0b 7b 7e 41 7b *# 1a 00 0e aa da 3d aa e4 77 7a 76 86 c9 ff 83 df 13 ** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# expanded (32 octets): a1 1a f9 f0 55 31 f8 56 ad 47 11 6b 45 a9 *# 50 32 82 04 b4 f4 4b fb 6b 3a 4b 4f 1f 3f cb 63 16 43 @@ -458,11 +458,11 @@ int main(int argc, char **argv) /* Derive RESUMPTION_MASTER_SECRET */ { /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} derive secret "tls13 res master" (same as client) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} derive secret "tls13 res master": *# @@ -472,7 +472,7 @@ int main(int argc, char **argv) *# hash (32 octets): 20 91 45 a9 6e e8 e2 a1 22 ff 81 00 47 cc 95 26 *# 84 65 8d 60 49 e8 64 29 42 6d b8 7c 54 ad 14 3d ** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# info (52 octets): 00 20 10 74 6c 73 31 33 20 72 65 73 20 6d 61 73 *# 74 65 72 20 20 91 45 a9 6e e8 e2 a1 22 ff 81 00 47 cc 95 26 84 @@ -502,11 +502,11 @@ int main(int argc, char **argv) /* Derive EXPORTER_MASTER_SECRET */ { /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {client} derive secret "tls13 exp master" (same as server) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# {server} derive secret "tls13 exp master": *# @@ -517,7 +517,7 @@ int main(int argc, char **argv) *# 00 0e aa da 3d aa e4 77 7a 76 86 c9 ff 83 df 13 *# ** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-3 + *= https://www.rfc-editor.org/rfc/rfc8448#section-3 *= type=test *# info (52 octets): 00 20 10 74 6c 73 31 33 20 65 78 70 20 6d 61 73 *# 74 65 72 20 96 08 10 2a 0f 1c cc 6d b6 25 0b 7b 7e 41 7b 1a 00 @@ -547,11 +547,11 @@ int main(int argc, char **argv) /* Resumed 0-RTT Handshake */ { /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-4 + *= https://www.rfc-editor.org/rfc/rfc8448#section-4 *= type=test *# {server} extract secret "early" (same as client early secret) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-4 + *= https://www.rfc-editor.org/rfc/rfc8448#section-4 *= type=test *# {client} extract secret "early": *# @@ -595,7 +595,7 @@ int main(int argc, char **argv) /* Derive BINDER_KEY */ { /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-4 + *= https://www.rfc-editor.org/rfc/rfc8448#section-4 *= type=test *# PRK (32 octets): 69 fe 13 1a 3b ba d5 d6 3c 64 ee bc c3 0e 39 5b *# 9d 81 07 72 6a 13 d0 74 e3 89 db c8 a4 e4 72 56 @@ -622,11 +622,11 @@ int main(int argc, char **argv) /* Derive CLIENT_EARLY_TRAFFIC_SECRET */ { /** - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-4 + *= https://www.rfc-editor.org/rfc/rfc8448#section-4 *= type=test *# {server} derive secret "tls13 c e traffic" (same as client) * - *= https://www.rfc-editor.org/rfc/rfc8448.html#section-4 + *= https://www.rfc-editor.org/rfc/rfc8448#section-4 *= type=test *# {client} derive secret "tls13 c e traffic": *# diff --git a/tests/unit/s2n_tls13_zero_length_payload_test.c b/tests/unit/s2n_tls13_zero_length_payload_test.c index 337ebb211aa..c2ce4c451ea 100644 --- a/tests/unit/s2n_tls13_zero_length_payload_test.c +++ b/tests/unit/s2n_tls13_zero_length_payload_test.c @@ -45,7 +45,7 @@ int main(int argc, char **argv) /** Test 0 length application data record handled gracefully in client and server mode * - *= https://tools.ietf.org/rfc/rfc8446#section-5.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-5.4 *= type=test *# Application Data records may contain a zero-length *# TLSInnerPlaintext.content if the sender desires. @@ -96,7 +96,7 @@ int main(int argc, char **argv) /** Test 0 length payload in handshake record terminates connection in client and server mode * - *= https://tools.ietf.org/rfc/rfc8446#section-5.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-5.4 *= type=test *# Implementations MUST NOT send Handshake and Alert records that have a zero-length *# TLSInnerPlaintext.content; if such a message is received, the receiving @@ -135,7 +135,7 @@ int main(int argc, char **argv) /** Test 0 length payload in alert record terminates connection in client and server modes * - *= https://tools.ietf.org/rfc/rfc8446#section-5.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-5.4 *= type=test *# Implementations MUST NOT send Handshake and Alert records that have a zero-length *# TLSInnerPlaintext.content; if such a message is received, the receiving diff --git a/tests/unit/s2n_tls_prf_test.c b/tests/unit/s2n_tls_prf_test.c index 975106e268b..7c1ce076b8c 100644 --- a/tests/unit/s2n_tls_prf_test.c +++ b/tests/unit/s2n_tls_prf_test.c @@ -91,7 +91,7 @@ int main(int argc, char **argv) conn->secure->cipher_suite = &s2n_ecdhe_ecdsa_with_aes_256_gcm_sha384; /** - *= https://tools.ietf.org/rfc/rfc7627#section-4 + *= https://www.rfc-editor.org/rfc/rfc7627#section-4 *= type=test *# When the extended master secret extension is negotiated in a full *# handshake, the "master_secret" is computed as @@ -149,7 +149,7 @@ int main(int argc, char **argv) * Here we test that the retrieved digest is the same as the digest after the Client Key Exchange * message is added to the transcript hash. * - *= https://tools.ietf.org/rfc/rfc7627#section-3 + *= https://www.rfc-editor.org/rfc/rfc7627#section-3 *= type=test *# When a full TLS handshake takes place, we define *# diff --git a/tls/extensions/s2n_cert_authorities.c b/tls/extensions/s2n_cert_authorities.c index 5dcf562fe70..8fea7b38dd8 100644 --- a/tls/extensions/s2n_cert_authorities.c +++ b/tls/extensions/s2n_cert_authorities.c @@ -109,7 +109,7 @@ const s2n_extension_type s2n_cert_authorities_extension = { /* s2n-tls supports sending the extension, but does not support parsing it. * If received, the extension is ignored. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.4 *= type=exception *= reason=Extension ignored when received - No customer use case *# The "certificate_authorities" extension is used to indicate the diff --git a/tls/extensions/s2n_cert_status.c b/tls/extensions/s2n_cert_status.c index 557902854e1..2b12052c1e7 100644 --- a/tls/extensions/s2n_cert_status.c +++ b/tls/extensions/s2n_cert_status.c @@ -63,7 +63,7 @@ int s2n_cert_status_recv(struct s2n_connection *conn, struct s2n_stuffer *in) { POSIX_ENSURE_REF(conn); /** - *= https://tools.ietf.org/rfc/rfc6066#section-8 + *= https://www.rfc-editor.org/rfc/rfc6066#section-8 *# struct { *# CertificateStatusType status_type; *# select (status_type) { diff --git a/tls/extensions/s2n_client_cookie.c b/tls/extensions/s2n_client_cookie.c index 3143286b5e7..1a77cfeba96 100644 --- a/tls/extensions/s2n_client_cookie.c +++ b/tls/extensions/s2n_client_cookie.c @@ -18,7 +18,7 @@ #include "utils/s2n_random.h" /* - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.2 *# When sending the new ClientHello, the client MUST copy *# the contents of the extension received in the HelloRetryRequest into *# a "cookie" extension in the new ClientHello. @@ -31,7 +31,7 @@ static bool s2n_client_cookie_should_send(struct s2n_connection *conn) } /* - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.2 *# struct { *# opaque cookie<1..2^16-1>; *# } Cookie; diff --git a/tls/extensions/s2n_client_early_data_indication.c b/tls/extensions/s2n_client_early_data_indication.c index 5063b82f006..c73c9a792b6 100644 --- a/tls/extensions/s2n_client_early_data_indication.c +++ b/tls/extensions/s2n_client_early_data_indication.c @@ -25,7 +25,7 @@ /* S2N determines the handshake type after the ServerHello, but that will be * too late to handle the early data + middlebox compatibility case: * - *= https://tools.ietf.org/rfc/rfc8446#appendix-D.4 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-D.4 *# - If not offering early data, the client sends a dummy *# change_cipher_spec record (see the third paragraph of Section 5) *# immediately before its second flight. This may either be before @@ -98,13 +98,13 @@ static bool s2n_client_early_data_indication_should_send(struct s2n_connection * return s2n_result_is_ok(s2n_early_data_config_is_possible(conn)) && conn && conn->early_data_expected /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# A client MUST NOT include the *# "early_data" extension in its followup ClientHello. **/ && !s2n_is_hello_retry_handshake(conn) /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# When a PSK is used and early data is allowed for that PSK, the client *# can send Application Data in its first flight of messages. If the *# client opts to do so, it MUST supply both the "pre_shared_key" and @@ -124,7 +124,7 @@ static int s2n_client_early_data_indication_is_missing(struct s2n_connection *co /** * The client version of this extension is empty, so we don't read/write any data. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# The "extension_data" field of this extension contains an *# "EarlyDataIndication" value. *# @@ -133,10 +133,10 @@ static int s2n_client_early_data_indication_is_missing(struct s2n_connection *co *# struct { *# select (Handshake.msg_type) { ** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# case client_hello: Empty; ** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# }; *# } EarlyDataIndication; **/ @@ -161,7 +161,7 @@ static int s2n_client_early_data_indication_send(struct s2n_connection *conn, st static int s2n_client_early_data_indiction_recv(struct s2n_connection *conn, struct s2n_stuffer *in) { /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# A client MUST NOT include the *# "early_data" extension in its followup ClientHello. */ diff --git a/tls/extensions/s2n_client_ems.c b/tls/extensions/s2n_client_ems.c index 9ec2366d5f6..1c1ab607aaf 100644 --- a/tls/extensions/s2n_client_ems.c +++ b/tls/extensions/s2n_client_ems.c @@ -24,7 +24,7 @@ static int s2n_client_ems_recv(struct s2n_connection *conn, struct s2n_stuffer * static bool s2n_client_ems_should_send(struct s2n_connection *conn); /** - *= https://tools.ietf.org/rfc/rfc7627#section-5.1 + *= https://www.rfc-editor.org/rfc/rfc7627#section-5.1 *# *# This document defines a new TLS extension, "extended_master_secret" *# (with extension type 0x0017), which is used to signal both client and diff --git a/tls/extensions/s2n_client_key_share.c b/tls/extensions/s2n_client_key_share.c index d7ce45eeea6..ad691c4fd5a 100644 --- a/tls/extensions/s2n_client_key_share.c +++ b/tls/extensions/s2n_client_key_share.c @@ -85,7 +85,7 @@ static int s2n_generate_default_ecc_key_share(struct s2n_connection *conn, struc } /** - *= https://tools.ietf.org/rfc/rfc8446#4.2.8 + *= https://www.rfc-editor.org/rfc/rfc8446#4.2.8 *# Otherwise, when sending the new ClientHello, the client MUST *# replace the original "key_share" extension with one containing only a *# new KeyShareEntry for the group indicated in the selected_group field @@ -169,7 +169,7 @@ static int s2n_generate_default_pq_hybrid_key_share(struct s2n_connection *conn, } /** - *= https://tools.ietf.org/rfc/rfc8446#4.2.8 + *= https://www.rfc-editor.org/rfc/rfc8446#4.2.8 *# Otherwise, when sending the new ClientHello, the client MUST *# replace the original "key_share" extension with one containing only a *# new KeyShareEntry for the group indicated in the selected_group field @@ -443,7 +443,7 @@ static int s2n_client_key_share_recv(struct s2n_connection *conn, struct s2n_stu * If there were no matching key shares, then we received an empty key share extension * or we didn't match a key share with a supported group. We should send a retry. * - *= https://tools.ietf.org/rfc/rfc8446#4.1.1 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.1 *# If the server selects an (EC)DHE group and the client did not offer a *# compatible "key_share" extension in the initial ClientHello, the *# server MUST respond with a HelloRetryRequest (Section 4.1.4) message. diff --git a/tls/extensions/s2n_client_max_frag_len.c b/tls/extensions/s2n_client_max_frag_len.c index 5a47dbfb0ab..eae493df6a7 100644 --- a/tls/extensions/s2n_client_max_frag_len.c +++ b/tls/extensions/s2n_client_max_frag_len.c @@ -55,7 +55,7 @@ static int s2n_client_max_frag_len_recv(struct s2n_connection *conn, struct s2n_ POSIX_GUARD(s2n_stuffer_read_uint8(extension, &mfl_code)); /* - *= https://tools.ietf.org/rfc/rfc6066#section-4 + *= https://www.rfc-editor.org/rfc/rfc6066#section-4 *= type=exception *= reason=For compatibility, we choose to ignore malformed extensions if they are optional *# If a server receives a maximum fragment length negotiation request @@ -67,7 +67,7 @@ static int s2n_client_max_frag_len_recv(struct s2n_connection *conn, struct s2n_ } /* - *= https://tools.ietf.org/rfc/rfc6066#section-4 + *= https://www.rfc-editor.org/rfc/rfc6066#section-4 *# Once a maximum fragment length other than 2^14 has been successfully *# negotiated, the client and server MUST immediately begin fragmenting *# messages (including handshake messages) to ensure that no fragment diff --git a/tls/extensions/s2n_client_psk.c b/tls/extensions/s2n_client_psk.c index 98d4773126c..271548b2990 100644 --- a/tls/extensions/s2n_client_psk.c +++ b/tls/extensions/s2n_client_psk.c @@ -54,7 +54,7 @@ int s2n_client_psk_is_missing(struct s2n_connection *conn) /* If the PSK extension is missing, we must not have received * a request for early data. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# When a PSK is used and early data is allowed for that PSK, the client *# can send Application Data in its first flight of messages. If the *# client opts to do so, it MUST supply both the "pre_shared_key" and @@ -92,7 +92,7 @@ bool s2n_client_psk_should_send(struct s2n_connection *conn) } /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.11.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.11.1 *# The "obfuscated_ticket_age" *# field of each PskIdentity contains an obfuscated version of the *# ticket age formed by taking the age in milliseconds and adding the @@ -105,7 +105,7 @@ static S2N_RESULT s2n_generate_obfuscated_ticket_age(struct s2n_psk *psk, uint64 RESULT_ENSURE_MUT(output); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.11 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.11 *# For identities *# established externally, an obfuscated_ticket_age of 0 SHOULD be *# used, @@ -150,7 +150,7 @@ static int s2n_client_psk_send(struct s2n_connection *conn, struct s2n_stuffer * POSIX_ENSURE_REF(psk); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.1.4 *# In addition, in its updated ClientHello, the client SHOULD NOT offer *# any pre-shared keys associated with a hash other than that of the *# selected cipher suite. @@ -358,7 +358,7 @@ int s2n_client_psk_recv(struct s2n_connection *conn, struct s2n_stuffer *extensi POSIX_ENSURE_REF(conn); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.11 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.11 *# The "pre_shared_key" extension MUST be the last extension in the *# ClientHello (this facilitates implementation as described below). *# Servers MUST check that it is the last extension and otherwise fail @@ -372,7 +372,7 @@ int s2n_client_psk_recv(struct s2n_connection *conn, struct s2n_stuffer *extensi POSIX_ENSURE(extension_wire_index == last_wire_index, S2N_ERR_UNSUPPORTED_EXTENSION); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.9 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.9 *# If clients offer "pre_shared_key" without a "psk_key_exchange_modes" extension, *# servers MUST abort the handshake. * @@ -399,7 +399,7 @@ int s2n_client_psk_recv(struct s2n_connection *conn, struct s2n_stuffer *extensi if (s2n_result_is_error(s2n_client_psk_recv_identities(conn, extension))) { /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.11 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.11 *# If no acceptable PSKs are found, the server SHOULD perform a non-PSK *# handshake if possible. */ @@ -408,7 +408,7 @@ int s2n_client_psk_recv(struct s2n_connection *conn, struct s2n_stuffer *extensi if (conn->psk_params.chosen_psk) { /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.11 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.11 *# Prior to accepting PSK key establishment, the server MUST validate *# the corresponding binder value (see Section 4.2.11.2 below). If this *# value is not present or does not validate, the server MUST abort the diff --git a/tls/extensions/s2n_client_renegotiation_info.c b/tls/extensions/s2n_client_renegotiation_info.c index 28b9e6c6e4d..b5a5f48ddcf 100644 --- a/tls/extensions/s2n_client_renegotiation_info.c +++ b/tls/extensions/s2n_client_renegotiation_info.c @@ -36,7 +36,7 @@ const s2n_extension_type s2n_client_renegotiation_info_extension = { }; /** - *= https://tools.ietf.org/rfc/rfc5746#3.5 + *= https://www.rfc-editor.org/rfc/rfc5746#3.5 *# o The client MUST include the "renegotiation_info" extension in the *# ClientHello */ @@ -46,7 +46,7 @@ static bool s2n_client_renegotiation_should_send(struct s2n_connection *conn) } /** - *= https://tools.ietf.org/rfc/rfc5746#3.5 + *= https://www.rfc-editor.org/rfc/rfc5746#3.5 *# o The client MUST include the "renegotiation_info" extension in the *# ClientHello, containing the saved client_verify_data. */ @@ -55,7 +55,7 @@ static int s2n_client_renegotiation_send(struct s2n_connection *conn, struct s2n POSIX_ENSURE_REF(conn); /** - *= https://tools.ietf.org/rfc/rfc5746#3.5 + *= https://www.rfc-editor.org/rfc/rfc5746#3.5 *# This text applies if the connection's "secure_renegotiation" flag is *# set to TRUE (if it is set to FALSE, see Section 4.2). */ @@ -70,12 +70,12 @@ static int s2n_client_renegotiation_send(struct s2n_connection *conn, struct s2n } /** - *= https://tools.ietf.org/rfc/rfc5746#3.6 + *= https://www.rfc-editor.org/rfc/rfc5746#3.6 *# o The server MUST check if the "renegotiation_info" extension is *# included in the ClientHello. * * Note that this extension must also work for SSLv3: - *= https://tools.ietf.org/rfc/rfc5746#4.5 + *= https://www.rfc-editor.org/rfc/rfc5746#4.5 *# TLS servers that support secure renegotiation and support SSLv3 MUST accept SCSV or the *# "renegotiation_info" extension and respond as described in this *# specification even if the offered client version is {0x03, 0x00}. @@ -83,7 +83,7 @@ static int s2n_client_renegotiation_send(struct s2n_connection *conn, struct s2n static int s2n_client_renegotiation_recv_initial(struct s2n_connection *conn, struct s2n_stuffer *extension) { /** - *= https://tools.ietf.org/rfc/rfc5746#3.6 + *= https://www.rfc-editor.org/rfc/rfc5746#3.6 *# The server MUST then verify *# that the length of the "renegotiated_connection" field is zero, *# and if it is not, MUST abort the handshake. @@ -94,7 +94,7 @@ static int s2n_client_renegotiation_recv_initial(struct s2n_connection *conn, st POSIX_ENSURE(renegotiated_connection_len == 0, S2N_ERR_NON_EMPTY_RENEGOTIATION_INFO); /** - *= https://tools.ietf.org/rfc/rfc5746#3.6 + *= https://www.rfc-editor.org/rfc/rfc5746#3.6 *# If the extension is present, set secure_renegotiation flag to TRUE. */ conn->secure_renegotiation = 1; @@ -112,14 +112,14 @@ static int s2n_client_renegotiation_recv_renegotiation(struct s2n_connection *co POSIX_ENSURE(s2n_in_unit_test(), S2N_ERR_NOT_IN_UNIT_TEST); /** - *= https://tools.ietf.org/rfc/rfc5746#3.7 + *= https://www.rfc-editor.org/rfc/rfc5746#3.7 *# This text applies if the connection's "secure_renegotiation" flag is *# set to TRUE (if it is set to FALSE, see Section 4.4). */ POSIX_ENSURE(conn->secure_renegotiation, S2N_ERR_NO_RENEGOTIATION); /** - *= https://tools.ietf.org/rfc/rfc5746#3.7 + *= https://www.rfc-editor.org/rfc/rfc5746#3.7 *# o The server MUST verify that the value of the *# "renegotiated_connection" field is equal to the saved *# client_verify_data value; if it is not, the server MUST abort the @@ -162,21 +162,21 @@ static int s2n_client_renegotiation_if_missing(struct s2n_connection *conn) POSIX_ENSURE(s2n_in_unit_test(), S2N_ERR_NOT_IN_UNIT_TEST); /** - *= https://tools.ietf.org/rfc/rfc5746#3.7 + *= https://www.rfc-editor.org/rfc/rfc5746#3.7 *# This text applies if the connection's "secure_renegotiation" flag is *# set to TRUE (if it is set to FALSE, see Section 4.4). */ POSIX_ENSURE(conn->secure_renegotiation, S2N_ERR_NO_RENEGOTIATION); /** - *= https://tools.ietf.org/rfc/rfc5746#3.7 + *= https://www.rfc-editor.org/rfc/rfc5746#3.7 *# o The server MUST verify that the "renegotiation_info" extension is *# present; if it is not, the server MUST abort the handshake. */ POSIX_BAIL(S2N_ERR_MISSING_EXTENSION); } else { /** - *= https://tools.ietf.org/rfc/rfc5746#3.6 + *= https://www.rfc-editor.org/rfc/rfc5746#3.6 *# o If neither the TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV nor the *# "renegotiation_info" extension was included, set the *# secure_renegotiation flag to FALSE. In this case, some servers diff --git a/tls/extensions/s2n_ec_point_format.c b/tls/extensions/s2n_ec_point_format.c index d5e6c877423..41d4427d9d4 100644 --- a/tls/extensions/s2n_ec_point_format.c +++ b/tls/extensions/s2n_ec_point_format.c @@ -67,7 +67,7 @@ static int s2n_ec_point_format_recv(struct s2n_connection *conn, struct s2n_stuf /* Only uncompressed points are supported by the server and the client must include it in * the extension. Just skip the extension. * - *= https://tools.ietf.org/rfc/rfc8422#section-5.1.2 + *= https://www.rfc-editor.org/rfc/rfc8422#section-5.1.2 *= type=exception *= reason=Incorrect implementations exist in the wild. Skipping validation. *# If the client sends the extension and the extension does not contain diff --git a/tls/extensions/s2n_extension_list.c b/tls/extensions/s2n_extension_list.c index 2a5fc8f98aa..625a850d59a 100644 --- a/tls/extensions/s2n_extension_list.c +++ b/tls/extensions/s2n_extension_list.c @@ -103,7 +103,7 @@ int s2n_extension_list_process(s2n_extension_list_id list_type, struct s2n_conne } /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2 *= type=exception *= reason=Incorrect implementations exist in the wild. Ignoring instead. *# If an implementation receives an extension diff --git a/tls/extensions/s2n_extension_type.c b/tls/extensions/s2n_extension_type.c index 49f1bee2d95..870fe5fa464 100644 --- a/tls/extensions/s2n_extension_type.c +++ b/tls/extensions/s2n_extension_type.c @@ -135,19 +135,19 @@ int s2n_extension_recv(const s2n_extension_type *extension_type, struct s2n_conn POSIX_GUARD(s2n_extension_supported_iana_value_to_id(extension_type->iana_value, &extension_id)); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2 *# Implementations MUST NOT send extension responses if the remote *# endpoint did not send the corresponding extension requests, with the *# exception of the "cookie" extension in the HelloRetryRequest. Upon *# receiving such an extension, an endpoint MUST abort the handshake *# with an "unsupported_extension" alert. * - *= https://tools.ietf.org/rfc/rfc7627#section-5.3 + *= https://www.rfc-editor.org/rfc/rfc7627#section-5.3 *# If the original session did not use the "extended_master_secret" *# extension but the new ServerHello contains the extension, the *# client MUST abort the handshake. * - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *# As with the ServerHello, a HelloRetryRequest MUST NOT contain any *# extensions that were not first offered by the client in its *# ClientHello, with the exception of optionally the "cookie" (see diff --git a/tls/extensions/s2n_extension_type_lists.c b/tls/extensions/s2n_extension_type_lists.c index 849d626acee..c585e126954 100644 --- a/tls/extensions/s2n_extension_type_lists.c +++ b/tls/extensions/s2n_extension_type_lists.c @@ -99,7 +99,7 @@ static const s2n_extension_type *const tls12_server_hello_extensions[] = { }; /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.1.4 *# The *# HelloRetryRequest extensions defined in this specification are: *# @@ -133,13 +133,13 @@ static const s2n_extension_type *const cert_req_extensions[] = { &s2n_server_signature_algorithms_extension, &s2n_server_cert_status_request_extension, /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.4 *= type=exception *= reason=Currently only supported for servers -- no client use case *# The client MAY send the "certificate_authorities" extension in the *# ClientHello message. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.4 *# The server MAY send it in the CertificateRequest message. */ &s2n_cert_authorities_extension, diff --git a/tls/extensions/s2n_nst_early_data_indication.c b/tls/extensions/s2n_nst_early_data_indication.c index f6802b30148..3af6dc60de2 100644 --- a/tls/extensions/s2n_nst_early_data_indication.c +++ b/tls/extensions/s2n_nst_early_data_indication.c @@ -30,7 +30,7 @@ static bool s2n_nst_early_data_indication_should_send(struct s2n_connection *con /** * The client version of this extension is empty, so we don't read/write any data. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# The "extension_data" field of this extension contains an *# "EarlyDataIndication" value. *# @@ -40,7 +40,7 @@ static bool s2n_nst_early_data_indication_should_send(struct s2n_connection *con *# select (Handshake.msg_type) { *# case new_session_ticket: uint32 max_early_data_size; ** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# }; *# } EarlyDataIndication; **/ diff --git a/tls/extensions/s2n_psk_key_exchange_modes.c b/tls/extensions/s2n_psk_key_exchange_modes.c index e9a7bdb0463..5602962d6c5 100644 --- a/tls/extensions/s2n_psk_key_exchange_modes.c +++ b/tls/extensions/s2n_psk_key_exchange_modes.c @@ -39,7 +39,7 @@ const s2n_extension_type s2n_psk_key_exchange_modes_extension = { static bool s2n_psk_key_exchange_modes_should_send(struct s2n_connection *conn) { /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.9 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.9 *# Servers MUST NOT select a key exchange mode that is not listed by the *# client. This extension also restricts the modes for use with PSK *# resumption. diff --git a/tls/extensions/s2n_server_cert_status_request.c b/tls/extensions/s2n_server_cert_status_request.c index 1e63d4de43f..314044094c1 100644 --- a/tls/extensions/s2n_server_cert_status_request.c +++ b/tls/extensions/s2n_server_cert_status_request.c @@ -32,7 +32,7 @@ const s2n_extension_type s2n_server_cert_status_request_extension = { static int s2n_server_cert_status_request_send(struct s2n_connection *conn, struct s2n_stuffer *out) { /** - *= https://tools.ietf.org/rfc/rfc8446#4.4.2.1 + *= https://www.rfc-editor.org/rfc/rfc8446#4.4.2.1 *# A server MAY request that a client present an OCSP response with its *# certificate by sending an empty "status_request" extension in its *# CertificateRequest message. diff --git a/tls/extensions/s2n_server_cookie.c b/tls/extensions/s2n_server_cookie.c index 2be81eb5c28..f9abd97a0d4 100644 --- a/tls/extensions/s2n_server_cookie.c +++ b/tls/extensions/s2n_server_cookie.c @@ -18,7 +18,7 @@ #include "utils/s2n_random.h" /* - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.2 *# Cookies serve two primary purposes: *# *# - Allowing the server to force the client to demonstrate @@ -49,7 +49,7 @@ static bool s2n_server_cookie_should_send(struct s2n_connection *conn) } /* - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.2 *# When sending the new ClientHello, the client MUST copy *# the contents of the extension received in the HelloRetryRequest into *# a "cookie" extension in the new ClientHello. diff --git a/tls/extensions/s2n_server_early_data_indication.c b/tls/extensions/s2n_server_early_data_indication.c index 24064425aed..b306909e78f 100644 --- a/tls/extensions/s2n_server_early_data_indication.c +++ b/tls/extensions/s2n_server_early_data_indication.c @@ -26,7 +26,7 @@ static bool s2n_server_early_data_indication_should_send(struct s2n_connection * } /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# A server which receives an "early_data" extension MUST behave in one *# of three ways: *# @@ -44,7 +44,7 @@ static int s2n_server_early_data_indication_is_missing(struct s2n_connection *co /** * The server version of this extension is empty, so we don't read/write any data. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# The "extension_data" field of this extension contains an *# "EarlyDataIndication" value. *# @@ -53,18 +53,18 @@ static int s2n_server_early_data_indication_is_missing(struct s2n_connection *co *# struct { *# select (Handshake.msg_type) { ** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# case encrypted_extensions: Empty; *# }; *# } EarlyDataIndication; **/ /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# A server which receives an "early_data" extension MUST behave in one *# of three ways: * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# - Return its own "early_data" extension in EncryptedExtensions, *# indicating that it intends to process the early data. **/ @@ -77,7 +77,7 @@ static int s2n_server_early_data_indication_send(struct s2n_connection *conn, st static int s2n_server_early_data_indication_recv(struct s2n_connection *conn, struct s2n_stuffer *in) { /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# If any of these checks fail, the server MUST NOT respond with the *# extension **/ diff --git a/tls/extensions/s2n_server_ems.c b/tls/extensions/s2n_server_ems.c index 24dea1f8ab2..8e5f5712e77 100644 --- a/tls/extensions/s2n_server_ems.c +++ b/tls/extensions/s2n_server_ems.c @@ -25,7 +25,7 @@ static bool s2n_server_ems_should_send(struct s2n_connection *conn); static int s2n_server_ems_if_missing(struct s2n_connection *conn); /** - *= https://tools.ietf.org/rfc/rfc7627#section-5.1 + *= https://www.rfc-editor.org/rfc/rfc7627#section-5.1 *# *# This document defines a new TLS extension, "extended_master_secret" *# (with extension type 0x0017), which is used to signal both client and @@ -63,7 +63,7 @@ static int s2n_server_ems_if_missing(struct s2n_connection *conn) POSIX_ENSURE_REF(conn); /** - *= https://tools.ietf.org/rfc/rfc7627#section-5.3 + *= https://www.rfc-editor.org/rfc/rfc7627#section-5.3 *# If the original session used the extension but the new ServerHello *# does not contain the extension, the client MUST abort the *# handshake. diff --git a/tls/extensions/s2n_server_key_share.c b/tls/extensions/s2n_server_key_share.c index dad49ec14e1..08128c8df34 100644 --- a/tls/extensions/s2n_server_key_share.c +++ b/tls/extensions/s2n_server_key_share.c @@ -258,7 +258,7 @@ static int s2n_server_key_share_recv_ecc(struct s2n_connection *conn, uint16_t n const struct s2n_ecc_named_curve *negotiated_curve = ecc_pref->ecc_curves[supported_curve_index]; /** - *= https://tools.ietf.org/rfc/rfc8446#4.2.8 + *= https://www.rfc-editor.org/rfc/rfc8446#4.2.8 *# If using (EC)DHE key establishment and a HelloRetryRequest containing a *# "key_share" extension was received by the client, the client MUST *# verify that the selected NamedGroup in the ServerHello is the same as diff --git a/tls/extensions/s2n_server_max_fragment_length.c b/tls/extensions/s2n_server_max_fragment_length.c index 45158f5e4f4..0e6cd9e53bc 100644 --- a/tls/extensions/s2n_server_max_fragment_length.c +++ b/tls/extensions/s2n_server_max_fragment_length.c @@ -58,7 +58,7 @@ static int s2n_max_fragment_length_recv(struct s2n_connection *conn, struct s2n_ POSIX_GUARD(s2n_stuffer_read_uint8(extension, &mfl_code)); /* - *= https://tools.ietf.org/rfc/rfc6066#section-4 + *= https://www.rfc-editor.org/rfc/rfc6066#section-4 *# Similarly, if a client *# receives a maximum fragment length negotiation response that differs *# from the length it requested, it MUST also abort the handshake with @@ -67,7 +67,7 @@ static int s2n_max_fragment_length_recv(struct s2n_connection *conn, struct s2n_ S2N_ERROR_IF(mfl_code != conn->config->mfl_code, S2N_ERR_MAX_FRAG_LEN_MISMATCH); /* - *= https://tools.ietf.org/rfc/rfc6066#section-4 + *= https://www.rfc-editor.org/rfc/rfc6066#section-4 *# Once a maximum fragment length other than 2^14 has been successfully *# negotiated, the client and server MUST immediately begin fragmenting *# messages (including handshake messages) to ensure that no fragment diff --git a/tls/extensions/s2n_server_renegotiation_info.c b/tls/extensions/s2n_server_renegotiation_info.c index 845d5735014..7dc9e0c9dea 100644 --- a/tls/extensions/s2n_server_renegotiation_info.c +++ b/tls/extensions/s2n_server_renegotiation_info.c @@ -26,7 +26,7 @@ * s2n-tls servers do NOT support renegotiation. * * We implement this extension to handle clients that require secure renegotiation support: - *= https://tools.ietf.org/rfc/rfc5746#4.3 + *= https://www.rfc-editor.org/rfc/rfc5746#4.3 *# In order to enable clients to probe, even servers that do not support *# renegotiation MUST implement the minimal version of the extension *# described in this document for initial handshakes, thus signaling @@ -46,7 +46,7 @@ const s2n_extension_type s2n_server_renegotiation_info_extension = { .if_missing = s2n_renegotiation_info_if_missing, /** - *= https://tools.ietf.org/rfc/rfc5746#3.6 + *= https://www.rfc-editor.org/rfc/rfc5746#3.6 *# Note that sending a "renegotiation_info" extension in response to a *# ClientHello containing only the SCSV is an explicit exception to the *# prohibition in RFC 5246, Section 7.4.1.4, on the server sending @@ -62,7 +62,7 @@ const s2n_extension_type s2n_server_renegotiation_info_extension = { }; /** - *= https://tools.ietf.org/rfc/rfc5746#3.6 + *= https://www.rfc-editor.org/rfc/rfc5746#3.6 *# o If the secure_renegotiation flag is set to TRUE, the server MUST *# include an empty "renegotiation_info" extension in the ServerHello *# message. @@ -73,7 +73,7 @@ static bool s2n_renegotiation_info_should_send(struct s2n_connection *conn) } /** - *= https://tools.ietf.org/rfc/rfc5746#3.6 + *= https://www.rfc-editor.org/rfc/rfc5746#3.6 *# o If the secure_renegotiation flag is set to TRUE, the server MUST *# include an empty "renegotiation_info" extension in the ServerHello *# message. @@ -94,14 +94,14 @@ static int s2n_renegotiation_info_send_renegotiation(struct s2n_connection *conn POSIX_ENSURE(s2n_in_unit_test(), S2N_ERR_NOT_IN_UNIT_TEST); /** - *= https://tools.ietf.org/rfc/rfc5746#3.7 + *= https://www.rfc-editor.org/rfc/rfc5746#3.7 *# This text applies if the connection's "secure_renegotiation" flag is *# set to TRUE (if it is set to FALSE, see Section 4.4). */ POSIX_ENSURE(conn->secure_renegotiation, S2N_ERR_NO_RENEGOTIATION); /** - *= https://tools.ietf.org/rfc/rfc5746#3.7 + *= https://www.rfc-editor.org/rfc/rfc5746#3.7 *# o The server MUST include a "renegotiation_info" extension *# containing the saved client_verify_data and server_verify_data in *# the ServerHello. @@ -126,7 +126,7 @@ static int s2n_renegotiation_info_send(struct s2n_connection *conn, struct s2n_s } /** - *= https://tools.ietf.org/rfc/rfc5746#3.4 + *= https://www.rfc-editor.org/rfc/rfc5746#3.4 *# o When a ServerHello is received, the client MUST check if it *# includes the "renegotiation_info" extension: */ @@ -135,7 +135,7 @@ static int s2n_renegotiation_info_recv_initial(struct s2n_connection *conn, stru POSIX_ENSURE_REF(conn); /** - *= https://tools.ietf.org/rfc/rfc5746#3.4 + *= https://www.rfc-editor.org/rfc/rfc5746#3.4 *# * The client MUST then verify that the length of the *# "renegotiated_connection" field is zero, and if it is not, MUST *# abort the handshake (by sending a fatal handshake_failure alert). @@ -146,7 +146,7 @@ static int s2n_renegotiation_info_recv_initial(struct s2n_connection *conn, stru POSIX_ENSURE(renegotiated_connection_len == 0, S2N_ERR_NON_EMPTY_RENEGOTIATION_INFO); /** - *= https://tools.ietf.org/rfc/rfc5746#3.4 + *= https://www.rfc-editor.org/rfc/rfc5746#3.4 *# * If the extension is present, set the secure_renegotiation flag to TRUE. */ conn->secure_renegotiation = 1; @@ -160,14 +160,14 @@ static int s2n_renegotiation_info_recv_renegotiation(struct s2n_connection *conn POSIX_ENSURE_GT(verify_data_len, 0); /** - *= https://tools.ietf.org/rfc/rfc5746#3.5 + *= https://www.rfc-editor.org/rfc/rfc5746#3.5 *# This text applies if the connection's "secure_renegotiation" flag is *# set to TRUE (if it is set to FALSE, see Section 4.2). */ POSIX_ENSURE(conn->secure_renegotiation, S2N_ERR_NO_RENEGOTIATION); /** - *= https://tools.ietf.org/rfc/rfc5746#3.5 + *= https://www.rfc-editor.org/rfc/rfc5746#3.5 *# o The client MUST then verify that the first half of the *# "renegotiated_connection" field is equal to the saved *# client_verify_data value, and the second half is equal to the @@ -194,7 +194,7 @@ static int s2n_renegotiation_info_recv_renegotiation(struct s2n_connection *conn /** * Note that this extension must also work for SSLv3: - *= https://tools.ietf.org/rfc/rfc5746#4.5 + *= https://www.rfc-editor.org/rfc/rfc5746#4.5 *# Clients that support SSLv3 and offer secure renegotiation (either via SCSV or *# "renegotiation_info") MUST accept the "renegotiation_info" extension *# from the server, even if the server version is {0x03, 0x00}, and @@ -215,7 +215,7 @@ static int s2n_renegotiation_info_if_missing(struct s2n_connection *conn) POSIX_ENSURE_REF(conn); if (s2n_handshake_is_renegotiation(conn)) { /** - *= https://tools.ietf.org/rfc/rfc5746#3.5 + *= https://www.rfc-editor.org/rfc/rfc5746#3.5 *# o When a ServerHello is received, the client MUST verify that the *# "renegotiation_info" extension is present; if it is not, the *# client MUST abort the handshake. @@ -223,7 +223,7 @@ static int s2n_renegotiation_info_if_missing(struct s2n_connection *conn) POSIX_BAIL(S2N_ERR_NO_RENEGOTIATION); } else { /** - *= https://tools.ietf.org/rfc/rfc5746#3.4 + *= https://www.rfc-editor.org/rfc/rfc5746#3.4 *# * If the extension is not present, the server does not support *# secure renegotiation; set secure_renegotiation flag to FALSE. *# In this case, some clients may want to terminate the handshake @@ -232,7 +232,7 @@ static int s2n_renegotiation_info_if_missing(struct s2n_connection *conn) conn->secure_renegotiation = false; /** - *= https://tools.ietf.org/rfc/rfc5746#4.1 + *= https://www.rfc-editor.org/rfc/rfc5746#4.1 *= type=exception *= reason=Avoid interoperability problems *# If clients wish to ensure that such attacks are impossible, they need diff --git a/tls/extensions/s2n_server_supported_versions.c b/tls/extensions/s2n_server_supported_versions.c index d950b166fae..7b70f32800d 100644 --- a/tls/extensions/s2n_server_supported_versions.c +++ b/tls/extensions/s2n_server_supported_versions.c @@ -71,7 +71,7 @@ static int s2n_extensions_server_supported_versions_process(struct s2n_connectio uint16_t server_version = (server_version_parts[0] * 10) + server_version_parts[1]; /** - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *# The value of selected_version in the HelloRetryRequest *# "supported_versions" extension MUST be retained in the ServerHello, *# and a client MUST abort the handshake with an "illegal_parameter" diff --git a/tls/s2n_aead.c b/tls/s2n_aead.c index 61cbe78810d..30143a99c3f 100644 --- a/tls/s2n_aead.c +++ b/tls/s2n_aead.c @@ -60,7 +60,7 @@ S2N_RESULT s2n_tls13_aead_aad_init(uint16_t record_length, uint8_t tag_length, s size_t idx = 0; /** - *= https://tools.ietf.org/rfc/rfc8446#section-5.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-5.2 *# opaque_type: The outer opaque_type field of a TLSCiphertext record *# is always set to the value 23 (application_data) for outward *# compatibility with middleboxes accustomed to parsing previous @@ -70,7 +70,7 @@ S2N_RESULT s2n_tls13_aead_aad_init(uint16_t record_length, uint8_t tag_length, s data[idx++] = TLS_APPLICATION_DATA; /** - *= https://tools.ietf.org/rfc/rfc8446#section-5.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-5.2 *# legacy_record_version: The legacy_record_version field is always *# 0x0303. TLS 1.3 TLSCiphertexts are not generated until after *# TLS 1.3 has been negotiated, so there are no historical @@ -83,7 +83,7 @@ S2N_RESULT s2n_tls13_aead_aad_init(uint16_t record_length, uint8_t tag_length, s data[idx++] = 0x03; /** - *= https://tools.ietf.org/rfc/rfc8446#section-5.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-5.2 *# length: The length (in bytes) of the following *# TLSCiphertext.encrypted_record, which is the sum of the lengths of *# the content and the padding, plus one for the inner content type, diff --git a/tls/s2n_alerts.c b/tls/s2n_alerts.c index 175c26c0e2f..73c46c63da9 100644 --- a/tls/s2n_alerts.c +++ b/tls/s2n_alerts.c @@ -56,7 +56,7 @@ static S2N_RESULT s2n_translate_protocol_error_to_alert(int error_code, uint8_t S2N_ALERT_CASE(S2N_ERR_MISSING_CERT_REQUEST, S2N_TLS_ALERT_UNEXPECTED_MESSAGE); /* For errors involving secure renegotiation: - *= https://tools.ietf.org/rfc/rfc5746#3.4 + *= https://www.rfc-editor.org/rfc/rfc5746#3.4 *# Note: later in Section 3, "abort the handshake" is used as *# shorthand for "send a fatal handshake_failure alert and *# terminate the connection". @@ -152,7 +152,7 @@ static bool s2n_alerts_supported(struct s2n_connection *conn) } /* In TLS1.3 all Alerts - *= https://tools.ietf.org/rfc/rfc8446#section-6 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6 *# MUST be treated as error alerts when received *# regardless of the AlertLevel in the message. */ @@ -237,7 +237,7 @@ int s2n_process_alert_fragment(struct s2n_connection *conn) /* All other alerts are treated as fatal errors. * - *= https://tools.ietf.org/rfc/rfc8446#section-6 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6 *# Unknown Alert types MUST be treated as error alerts. */ POSIX_GUARD_RESULT(s2n_connection_set_closed(conn)); @@ -273,7 +273,7 @@ int s2n_queue_reader_handshake_failure_alert(struct s2n_connection *conn) S2N_RESULT s2n_queue_reader_no_renegotiation_alert(struct s2n_connection *conn) { /** - *= https://tools.ietf.org/rfc/rfc5746#4.5 + *= https://www.rfc-editor.org/rfc/rfc5746#4.5 *# SSLv3 does not define the "no_renegotiation" alert (and does *# not offer a way to indicate a refusal to renegotiate at a "warning" *# level). SSLv3 clients that refuse renegotiation SHOULD use a fatal @@ -297,7 +297,7 @@ S2N_RESULT s2n_alerts_write_error_or_close_notify(struct s2n_connection *conn) } /* - *= https://tools.ietf.org/rfc/rfc8446#section-6.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6.2 *= type=exception *= reason=Specific alerts could expose a side-channel attack vector. *# The phrases "terminate the connection with an X diff --git a/tls/s2n_alerts.h b/tls/s2n_alerts.h index 910296eb97f..1e158ad1726 100644 --- a/tls/s2n_alerts.h +++ b/tls/s2n_alerts.h @@ -24,7 +24,7 @@ typedef enum { /* - *= https://tools.ietf.org/rfc/rfc8446#section-6 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6 *# enum { *# close_notify(0), *# unexpected_message(10), @@ -38,7 +38,7 @@ typedef enum { S2N_TLS_ALERT_RECORD_OVERFLOW = 22, S2N_TLS_ALERT_HANDSHAKE_FAILURE = 40, /* - *= https://tools.ietf.org/rfc/rfc8446#section-6 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6 *# bad_certificate(42), *# unsupported_certificate(43), *# certificate_revoked(44), @@ -51,7 +51,7 @@ typedef enum { S2N_TLS_ALERT_CERTIFICATE_EXPIRED = 45, S2N_TLS_ALERT_CERTIFICATE_UNKNOWN = 46, /* - *= https://tools.ietf.org/rfc/rfc8446#section-6 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6 *# illegal_parameter(47), *# unknown_ca(48), *# access_denied(49), @@ -64,7 +64,7 @@ typedef enum { S2N_TLS_ALERT_DECODE_ERROR = 50, S2N_TLS_ALERT_DECRYPT_ERROR = 51, /* - *= https://tools.ietf.org/rfc/rfc8446#section-6 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6 *# protocol_version(70), *# insufficient_security(71), *# internal_error(80), @@ -77,12 +77,12 @@ typedef enum { S2N_TLS_ALERT_INAPPROPRIATE_FALLBACK = 86, S2N_TLS_ALERT_USER_CANCELED = 90, /* - *= https://tools.ietf.org/rfc/rfc5246#section-7.2 + *= https://www.rfc-editor.org/rfc/rfc5246#section-7.2 *# no_renegotiation(100), */ S2N_TLS_ALERT_NO_RENEGOTIATION = 100, /* - *= https://tools.ietf.org/rfc/rfc8446#section-6 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6 *# missing_extension(109), *# unsupported_extension(110), *# unrecognized_name(112), @@ -95,7 +95,7 @@ typedef enum { S2N_TLS_ALERT_BAD_CERTIFICATE_STATUS_RESPONSE = 113, S2N_TLS_ALERT_UNKNOWN_PSK_IDENTITY = 115, /* - *= https://tools.ietf.org/rfc/rfc8446#section-6 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6 *# certificate_required(116), *# no_application_protocol(120), *# (255) diff --git a/tls/s2n_cipher_suites.c b/tls/s2n_cipher_suites.c index 74402344c18..4c32e680147 100644 --- a/tls/s2n_cipher_suites.c +++ b/tls/s2n_cipher_suites.c @@ -1135,16 +1135,16 @@ int s2n_set_cipher_as_client(struct s2n_connection *conn, uint8_t wire[S2N_TLS_C * Ensure that the wire cipher suite is contained in the security * policy, and thus was offered by the client. * - *= https://tools.ietf.org/rfc/rfc8446#4.1.3 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.3 *# A client which receives a *# cipher suite that was not offered MUST abort the handshake with an *# "illegal_parameter" alert. * - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *# A client which receives a cipher suite that was not offered MUST *# abort the handshake. * - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *# Upon receipt of a HelloRetryRequest, the client MUST check the *# legacy_version, legacy_session_id_echo, cipher_suite **/ @@ -1161,7 +1161,7 @@ int s2n_set_cipher_as_client(struct s2n_connection *conn, uint8_t wire[S2N_TLS_C POSIX_ENSURE(cipher_suite->available, S2N_ERR_CIPHER_NOT_SUPPORTED); /** Clients MUST verify - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.11 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.11 *# that the server selected a cipher suite *# indicating a Hash associated with the PSK **/ @@ -1171,7 +1171,7 @@ int s2n_set_cipher_as_client(struct s2n_connection *conn, uint8_t wire[S2N_TLS_C } /** - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *# Upon receiving *# the ServerHello, clients MUST check that the cipher suite supplied in *# the ServerHello is the same as that in the HelloRetryRequest and @@ -1254,7 +1254,7 @@ static int s2n_set_cipher_as_server(struct s2n_connection *conn, uint8_t *wire, if (s2n_wire_ciphers_contain(renegotiation_info_scsv, wire, count, cipher_suite_len)) { /** For renegotiation handshakes: - *= https://tools.ietf.org/rfc/rfc5746#3.7 + *= https://www.rfc-editor.org/rfc/rfc5746#3.7 *# o When a ClientHello is received, the server MUST verify that it *# does not contain the TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. If *# the SCSV is present, the server MUST abort the handshake. @@ -1262,7 +1262,7 @@ static int s2n_set_cipher_as_server(struct s2n_connection *conn, uint8_t *wire, POSIX_ENSURE(!s2n_handshake_is_renegotiation(conn), S2N_ERR_BAD_MESSAGE); /** For initial handshakes: - *= https://tools.ietf.org/rfc/rfc5746#3.6 + *= https://www.rfc-editor.org/rfc/rfc5746#3.6 *# o When a ClientHello is received, the server MUST check if it *# includes the TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. If it does, *# set the secure_renegotiation flag to TRUE. @@ -1327,7 +1327,7 @@ static int s2n_set_cipher_as_server(struct s2n_connection *conn, uint8_t *wire, } /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.11 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.11 *# The server MUST ensure that it selects a compatible PSK *# (if any) and cipher suite. **/ diff --git a/tls/s2n_client_hello.c b/tls/s2n_client_hello.c index 17bf3e6a82b..9ea7f557e71 100644 --- a/tls/s2n_client_hello.c +++ b/tls/s2n_client_hello.c @@ -85,7 +85,7 @@ static S2N_RESULT s2n_generate_client_session_id(struct s2n_connection *conn) /* QUIC should not allow session ids for any reason. * - *= https://tools.ietf.org/rfc/rfc9001#section-8.4 + *= https://www.rfc-editor.org/rfc/rfc9001#section-8.4 *# A server SHOULD treat the receipt of a TLS ClientHello with a non-empty *# legacy_session_id field as a connection error of type PROTOCOL_VIOLATION. */ @@ -225,7 +225,7 @@ static S2N_RESULT s2n_client_hello_verify_for_retry(struct s2n_connection *conn, } /* - *= https://tools.ietf.org/rfc/rfc8446#section-4.1.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.1.2 *# The client will also send a *# ClientHello when the server has responded to its ClientHello with a *# HelloRetryRequest. In that case, the client MUST send the same @@ -292,7 +292,7 @@ static S2N_RESULT s2n_client_hello_verify_for_retry(struct s2n_connection *conn, switch (extension_type) { /* - *= https://tools.ietf.org/rfc/rfc8446#section-4.1.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.1.2 *# - If a "key_share" extension was supplied in the HelloRetryRequest, *# replacing the list of shares with a list containing a single *# KeyShareEntry from the indicated group. @@ -301,7 +301,7 @@ static S2N_RESULT s2n_client_hello_verify_for_retry(struct s2n_connection *conn, /* Handled when parsing the key share extension */ break; /* - *= https://tools.ietf.org/rfc/rfc8446#section-4.1.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.1.2 *# - Removing the "early_data" extension (Section 4.2.10) if one was *# present. Early data is not permitted after a HelloRetryRequest. */ @@ -309,7 +309,7 @@ static S2N_RESULT s2n_client_hello_verify_for_retry(struct s2n_connection *conn, RESULT_ENSURE(new_size == 0, S2N_ERR_BAD_MESSAGE); break; /* - *= https://tools.ietf.org/rfc/rfc8446#section-4.1.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.1.2 *# - Including a "cookie" extension if one was provided in the *# HelloRetryRequest. */ @@ -317,7 +317,7 @@ static S2N_RESULT s2n_client_hello_verify_for_retry(struct s2n_connection *conn, /* Handled when parsing the cookie extension */ break; /* - *= https://tools.ietf.org/rfc/rfc8446#section-4.1.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.1.2 *# - Updating the "pre_shared_key" extension if present by recomputing *# the "obfuscated_ticket_age" and binder values and (optionally) *# removing any PSKs which are incompatible with the server's @@ -481,7 +481,7 @@ int s2n_parse_client_hello(struct s2n_connection *conn) * A TLS-compliant application MUST support key exchange with secp256r1 (NIST P-256) * and SHOULD support key exchange with X25519 [RFC7748] * - *= https://tools.ietf.org/rfc/rfc4492#section-4 + *= https://www.rfc-editor.org/rfc/rfc4492#section-4 *# A client that proposes ECC cipher suites may choose not to include these extensions. *# In this case, the server is free to choose any one of the elliptic curves or point formats listed in Section 5. * @@ -599,7 +599,7 @@ int s2n_process_client_hello(struct s2n_connection *conn) /* Check if this is the second client hello in a hello retry handshake */ if (s2n_is_hello_retry_handshake(conn) && conn->handshake.message_number > 0) { /** - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *# Servers MUST ensure that they negotiate the *# same cipher suite when receiving a conformant updated ClientHello (if *# the server selects the cipher suite as the first step in the @@ -756,7 +756,7 @@ int s2n_client_hello_send(struct s2n_connection *conn) /** * For initial handshakes: - *= https://tools.ietf.org/rfc/rfc5746#3.4 + *= https://www.rfc-editor.org/rfc/rfc5746#3.4 *# o The client MUST include either an empty "renegotiation_info" *# extension, or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling *# cipher suite value in the ClientHello. Including both is NOT @@ -765,7 +765,7 @@ int s2n_client_hello_send(struct s2n_connection *conn) * rather than the "renegotiation_info" extension. * * For renegotiation handshakes: - *= https://tools.ietf.org/rfc/rfc5746#3.5 + *= https://www.rfc-editor.org/rfc/rfc5746#3.5 *# The SCSV MUST NOT be included. */ if (tls12_is_possible && !s2n_handshake_is_renegotiation(conn)) { diff --git a/tls/s2n_client_hello_request.c b/tls/s2n_client_hello_request.c index 699018f575c..82a9f22d57c 100644 --- a/tls/s2n_client_hello_request.c +++ b/tls/s2n_client_hello_request.c @@ -26,7 +26,7 @@ S2N_RESULT s2n_client_hello_request_validate(struct s2n_connection *conn) } /* - *= https://tools.ietf.org/rfc/rfc5246#section-7.4.1.1 + *= https://www.rfc-editor.org/rfc/rfc5246#section-7.4.1.1 *# The HelloRequest message MAY be sent by the server at any time. */ RESULT_ENSURE(conn->mode == S2N_CLIENT, S2N_ERR_BAD_MESSAGE); @@ -48,7 +48,7 @@ S2N_RESULT s2n_client_hello_request_recv(struct s2n_connection *conn) } /* - *= https://tools.ietf.org/rfc/rfc5746#section-4.2 + *= https://www.rfc-editor.org/rfc/rfc5746#section-4.2 *# This text applies if the connection's "secure_renegotiation" flag is *# set to FALSE. *# @@ -71,7 +71,7 @@ S2N_RESULT s2n_client_hello_request_recv(struct s2n_connection *conn) RESULT_ENSURE(result == S2N_SUCCESS, S2N_ERR_CANCELLED); /* - *= https://tools.ietf.org/rfc/rfc5246#section-7.4.1.1 + *= https://www.rfc-editor.org/rfc/rfc5246#section-7.4.1.1 *# This message MAY be ignored by *# the client if it does not wish to renegotiate a session, or the *# client may, if it wishes, respond with a no_renegotiation alert. diff --git a/tls/s2n_config.c b/tls/s2n_config.c index e188cc0db5f..5683b764ef0 100644 --- a/tls/s2n_config.c +++ b/tls/s2n_config.c @@ -1121,7 +1121,7 @@ int s2n_config_set_verify_after_sign(struct s2n_config *config, s2n_verify_after } /* - *= https://tools.ietf.org/rfc/rfc5746#5 + *= https://www.rfc-editor.org/rfc/rfc5746#5 *# TLS implementations SHOULD provide a mechanism to disable and enable *# renegotiation. */ diff --git a/tls/s2n_connection.c b/tls/s2n_connection.c index 874bd329bbe..74f1597aabb 100644 --- a/tls/s2n_connection.c +++ b/tls/s2n_connection.c @@ -1703,7 +1703,7 @@ bool s2n_connection_check_io_status(struct s2n_connection *conn, s2n_io_status s bool full_duplex = !read_closed && !write_closed; /* - *= https://tools.ietf.org/rfc/rfc8446#section-6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6.1 *# Note that this is a change from versions of TLS prior to TLS 1.3 in *# which implementations were required to react to a "close_notify" by *# discarding pending writes and sending an immediate "close_notify" diff --git a/tls/s2n_early_data.c b/tls/s2n_early_data.c index 51083975d97..6898721d9fe 100644 --- a/tls/s2n_early_data.c +++ b/tls/s2n_early_data.c @@ -64,7 +64,7 @@ static S2N_RESULT s2n_early_data_validate(struct s2n_connection *conn) RESULT_ENSURE_REF(conn->secure); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# In order to accept early data, the server MUST have accepted a PSK *# cipher suite and selected the first key offered in the client's *# "pre_shared_key" extension. @@ -76,7 +76,7 @@ static S2N_RESULT s2n_early_data_validate(struct s2n_connection *conn) RESULT_ENSURE_GT(config->max_early_data_size, 0); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# In addition, it MUST verify that the *# following values are the same as those associated with the *# selected PSK: @@ -85,12 +85,12 @@ static S2N_RESULT s2n_early_data_validate(struct s2n_connection *conn) **/ RESULT_ENSURE_EQ(config->protocol_version, s2n_connection_get_protocol_version(conn)); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# - The selected cipher suite **/ RESULT_ENSURE_EQ(config->cipher_suite, conn->secure->cipher_suite); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# - The selected ALPN [RFC7301] protocol, if any **/ const size_t app_protocol_size = strlen(conn->application_protocol); @@ -119,7 +119,7 @@ S2N_RESULT s2n_early_data_accept_or_reject(struct s2n_connection *conn) } /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# If any of these checks fail, the server MUST NOT respond with the *# extension **/ diff --git a/tls/s2n_early_data_io.c b/tls/s2n_early_data_io.c index e6a4ca8345a..2201c0fc4c5 100644 --- a/tls/s2n_early_data_io.c +++ b/tls/s2n_early_data_io.c @@ -39,7 +39,7 @@ int s2n_end_of_early_data_recv(struct s2n_connection *conn) } /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# If the client attempts a 0-RTT handshake but the server *# rejects it, the server will generally not have the 0-RTT record *# protection keys and must instead use trial decryption (either with diff --git a/tls/s2n_handshake_io.c b/tls/s2n_handshake_io.c index a285453f160..33cb4b0f382 100644 --- a/tls/s2n_handshake_io.c +++ b/tls/s2n_handshake_io.c @@ -918,11 +918,11 @@ int s2n_set_hello_retry_required(struct s2n_connection *conn) /* HelloRetryRequests also indicate rejection of early data. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# A server which receives an "early_data" extension MUST behave in one *# of three ways: * - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# - Request that the client send another ClientHello by responding *# with a HelloRetryRequest. **/ @@ -994,7 +994,7 @@ static S2N_RESULT s2n_validate_ems_status(struct s2n_connection *conn) bool ems_extension_recv = S2N_CBIT_TEST(conn->extension_requests_received, ems_ext_id); /** - *= https://tools.ietf.org/rfc/rfc7627#section-5.3 + *= https://www.rfc-editor.org/rfc/rfc7627#section-5.3 *# If the original session used the "extended_master_secret" *# extension but the new ClientHello does not contain it, the server *# MUST abort the abbreviated handshake. @@ -1407,7 +1407,7 @@ static int s2n_handshake_read_io(struct s2n_connection *conn) int r = s2n_read_full_record(conn, &record_type, &isSSLv2); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# If the client attempts a 0-RTT handshake but the server *# rejects it, the server will generally not have the 0-RTT record *# protection keys and must instead use trial decryption (either with @@ -1519,7 +1519,7 @@ static int s2n_handshake_read_io(struct s2n_connection *conn) } /* - *= https://tools.ietf.org/rfc/rfc5246#section-7.4 + *= https://www.rfc-editor.org/rfc/rfc5246#section-7.4 *# The one message that is not bound by these ordering rules *# is the HelloRequest message, which can be sent at any time, but which *# SHOULD be ignored by the client if it arrives in the middle of a handshake. diff --git a/tls/s2n_post_handshake.c b/tls/s2n_post_handshake.c index 6255fa9c009..e0c3daed848 100644 --- a/tls/s2n_post_handshake.c +++ b/tls/s2n_post_handshake.c @@ -39,7 +39,7 @@ S2N_RESULT s2n_post_handshake_process(struct s2n_connection *conn, struct s2n_st /* * s2n-tls does not support post-handshake authentication. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.2 *# A client that receives a CertificateRequest message without having *# sent the "post_handshake_auth" extension MUST send an *# "unexpected_message" fatal alert. diff --git a/tls/s2n_prf.c b/tls/s2n_prf.c index c467d3b616b..8ae6602d61f 100644 --- a/tls/s2n_prf.c +++ b/tls/s2n_prf.c @@ -731,7 +731,7 @@ int s2n_prf_calculate_master_secret(struct s2n_connection *conn, struct s2n_blob } /** - *= https://tools.ietf.org/rfc/rfc7627#section-4 + *= https://www.rfc-editor.org/rfc/rfc7627#section-4 *# When the extended master secret extension is negotiated in a full *# handshake, the "master_secret" is computed as *# diff --git a/tls/s2n_protocol_preferences.c b/tls/s2n_protocol_preferences.c index 6320550c01a..cf5674e6fec 100644 --- a/tls/s2n_protocol_preferences.c +++ b/tls/s2n_protocol_preferences.c @@ -62,7 +62,7 @@ S2N_RESULT s2n_protocol_preferences_append(struct s2n_blob *application_protocol RESULT_ENSURE_REF(protocol); /** - *= https://tools.ietf.org/rfc/rfc7301#section-3.1 + *= https://www.rfc-editor.org/rfc/rfc7301#section-3.1 *# Empty strings *# MUST NOT be included and byte strings MUST NOT be truncated. */ @@ -114,7 +114,7 @@ S2N_RESULT s2n_protocol_preferences_set(struct s2n_blob *application_protocols, size_t length = strlen(protocols[i]); /** - *= https://tools.ietf.org/rfc/rfc7301#section-3.1 + *= https://www.rfc-editor.org/rfc/rfc7301#section-3.1 *# Empty strings *# MUST NOT be included and byte strings MUST NOT be truncated. */ diff --git a/tls/s2n_psk.c b/tls/s2n_psk.c index 4b5e5b4f71c..74da8a45386 100644 --- a/tls/s2n_psk.c +++ b/tls/s2n_psk.c @@ -216,7 +216,7 @@ S2N_RESULT s2n_offered_psk_list_read_next(struct s2n_offered_psk_list *psk_list, RESULT_ENSURE_REF(identity_data); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.11 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.11 *# For identities established externally, an obfuscated_ticket_age of 0 SHOULD be *# used, and servers MUST ignore the value. */ @@ -285,7 +285,7 @@ static S2N_RESULT s2n_match_psk_identity(struct s2n_array *known_psks, const str } /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.2.10 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.2.10 *# For PSKs provisioned via NewSessionTicket, a server MUST validate *# that the ticket age for the selected PSK identity (computed by *# subtracting ticket_age_add from PskIdentity.obfuscated_ticket_age @@ -496,7 +496,7 @@ static S2N_RESULT s2n_psk_write_binder_list(struct s2n_connection *conn, const s RESULT_ENSURE_REF(psk); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.1.4 *# In addition, in its updated ClientHello, the client SHOULD NOT offer *# any pre-shared keys associated with a hash other than that of the *# selected cipher suite. This allows the client to avoid having to diff --git a/tls/s2n_record.h b/tls/s2n_record.h index 36d34d59eaa..fe97e3f13cc 100644 --- a/tls/s2n_record.h +++ b/tls/s2n_record.h @@ -33,11 +33,11 @@ /* * All versions of TLS limit the data fragment to 2^14 bytes. * - *= https://tools.ietf.org/rfc/rfc5246#section-6.2.1 + *= https://www.rfc-editor.org/rfc/rfc5246#section-6.2.1 *# The record layer fragments information blocks into TLSPlaintext *# records carrying data in chunks of 2^14 bytes or less. * - *= https://tools.ietf.org/rfc/rfc8446#section-5.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-5.1 *# The record layer fragments information blocks into TLSPlaintext *# records carrying data in chunks of 2^14 bytes or less. */ @@ -53,7 +53,7 @@ #define S2N_TLS12_MAXIMUM_RECORD_LENGTH S2N_TLS12_MAX_RECORD_LEN_FOR(S2N_TLS_MAXIMUM_FRAGMENT_LENGTH) /* - *= https://tools.ietf.org/rfc/rfc8446#section-5.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-5.2 *# An AEAD algorithm used in TLS 1.3 MUST NOT produce an expansion *# greater than 255 octets. */ diff --git a/tls/s2n_record_read.c b/tls/s2n_record_read.c index 13323a41470..1a078befd3f 100644 --- a/tls/s2n_record_read.c +++ b/tls/s2n_record_read.c @@ -53,7 +53,7 @@ int s2n_sslv2_record_header_parse( * Since the first bit is not actually used to indicate length, we need to * remove it from the length. * - *= https://tools.ietf.org/rfc/rfc5246#appendix-E.2 + *= https://www.rfc-editor.org/rfc/rfc5246#appendix-E.2 *# msg_length *# The highest bit MUST be 1; the remaining bits contain the length *# of the following data in bytes. @@ -132,7 +132,7 @@ int s2n_record_header_parse( * Openssl 1.0.1), so we don't check if the fragment length is > * S2N_TLS_MAXIMUM_FRAGMENT_LENGTH. We allow up to 2^16. * - *= https://tools.ietf.org/rfc/rfc8446#section-5.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-5.1 *= type=exception *= reason=Incorrect implementations exist in the wild. Ignoring instead. *# The length MUST NOT exceed 2^14 bytes. An diff --git a/tls/s2n_recv.c b/tls/s2n_recv.c index a3d29274437..5f0d169503c 100644 --- a/tls/s2n_recv.c +++ b/tls/s2n_recv.c @@ -177,12 +177,12 @@ ssize_t s2n_recv_impl(struct s2n_connection *conn, void *buf, ssize_t size_signe if (!s2n_connection_check_io_status(conn, S2N_IO_READABLE)) { /* - *= https://tools.ietf.org/rfc/rfc8446#6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#6.1 *# If a transport-level close *# is received prior to a "close_notify", the receiver cannot know that *# all the data that was sent has been received. * - *= https://tools.ietf.org/rfc/rfc8446#6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#6.1 *# If the application protocol using TLS provides that any data may be *# carried over the underlying transport after the TLS connection is *# closed, the TLS implementation MUST receive a "close_notify" alert @@ -218,7 +218,7 @@ ssize_t s2n_recv_impl(struct s2n_connection *conn, void *buf, ssize_t size_signe if (record_type != TLS_HANDSHAKE) { /* - *= https://tools.ietf.org/rfc/rfc8446#section-5.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-5.1 *# - Handshake messages MUST NOT be interleaved with other record *# types. That is, if a handshake message is split over two or more *# records, there MUST NOT be any other records between them. diff --git a/tls/s2n_resume.c b/tls/s2n_resume.c index e4c428ba2d4..812fe114040 100644 --- a/tls/s2n_resume.c +++ b/tls/s2n_resume.c @@ -182,7 +182,7 @@ static int s2n_tls12_deserialize_resumption_state(struct s2n_connection *conn, s POSIX_GUARD(s2n_stuffer_read_uint8(from, &ems_negotiated)); /** - *= https://tools.ietf.org/rfc/rfc7627#section-5.3 + *= https://www.rfc-editor.org/rfc/rfc7627#section-5.3 *# o If the original session did not use the "extended_master_secret" *# extension but the new ClientHello contains the extension, then the *# server MUST NOT perform the abbreviated handshake. Instead, it @@ -311,7 +311,7 @@ static S2N_RESULT s2n_tls13_deserialize_session_state(struct s2n_connection *con RESULT_GUARD_POSIX(s2n_stuffer_read_uint64(from, &psk.ticket_issue_time)); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *# Clients MUST NOT cache *# tickets for longer than 7 days, regardless of the ticket_lifetime, *# and MAY delete tickets earlier based on local policy. diff --git a/tls/s2n_server_extensions.c b/tls/s2n_server_extensions.c index 90d4a088fcb..5454df2c629 100644 --- a/tls/s2n_server_extensions.c +++ b/tls/s2n_server_extensions.c @@ -67,7 +67,7 @@ int s2n_server_extensions_recv(struct s2n_connection *conn, struct s2n_stuffer * if (s2n_is_hello_retry_message(conn)) { /** - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *# Otherwise, the client MUST process all extensions in the *# HelloRetryRequest */ diff --git a/tls/s2n_server_hello.c b/tls/s2n_server_hello.c index 7c889bba63d..0524213f6e4 100644 --- a/tls/s2n_server_hello.c +++ b/tls/s2n_server_hello.c @@ -110,14 +110,14 @@ static int s2n_server_hello_parse(struct s2n_connection *conn) uint8_t legacy_version = (uint8_t) (protocol_version[0] * 10) + protocol_version[1]; /** - *= https://tools.ietf.org/rfc/rfc8446#4.1.3 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.3 *# Upon receiving a message with type server_hello, implementations MUST *# first examine the Random value and, if it matches this value, process *# it as described in Section 4.1.4). **/ if (s2n_random_value_is_hello_retry(conn) == S2N_SUCCESS) { /** - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *# If a client receives a second *# HelloRetryRequest in the same connection (i.e., where the ClientHello *# was itself in response to a HelloRetryRequest), it MUST abort the @@ -126,7 +126,7 @@ static int s2n_server_hello_parse(struct s2n_connection *conn) POSIX_ENSURE(!s2n_is_hello_retry_handshake(conn), S2N_ERR_INVALID_HELLO_RETRY); /** - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *# Upon receipt of a HelloRetryRequest, the client MUST check the *# legacy_version **/ @@ -145,11 +145,11 @@ static int s2n_server_hello_parse(struct s2n_connection *conn) POSIX_GUARD(s2n_stuffer_read_uint8(in, &compression_method)); /** - *= https://tools.ietf.org/rfc/rfc8446#4.1.3 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.3 *# legacy_compression_method: A single byte which MUST have the *# value 0. * - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *# Upon receipt of a HelloRetryRequest, the client MUST check the *# legacy_version, legacy_session_id_echo, cipher_suite, and *# legacy_compression_method @@ -165,7 +165,7 @@ static int s2n_server_hello_parse(struct s2n_connection *conn) POSIX_GUARD(s2n_server_extensions_recv(conn, in)); /** - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *# The server's extensions MUST contain "supported_versions". **/ if (s2n_is_hello_retry_message(conn)) { @@ -185,7 +185,7 @@ static int s2n_server_hello_parse(struct s2n_connection *conn) *# it sent in the ClientHello MUST abort the handshake with an *# "illegal_parameter" alert. * - *= https://tools.ietf.org/rfc/rfc8446#4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#4.1.4 *# Upon receipt of a HelloRetryRequest, the client MUST check the *# legacy_version, legacy_session_id_echo **/ @@ -206,7 +206,7 @@ static int s2n_server_hello_parse(struct s2n_connection *conn) POSIX_ENSURE(!s2n_is_hello_retry_handshake(conn), S2N_ERR_BAD_MESSAGE); /* - *= https://tools.ietf.org/rfc/rfc8446#appendix-D.3 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-D.3 *# A client that attempts to send 0-RTT data MUST fail a connection if *# it receives a ServerHello with TLS 1.2 or older. */ @@ -224,7 +224,7 @@ static int s2n_server_hello_parse(struct s2n_connection *conn) conn->actual_protocol_version = MIN(conn->server_protocol_version, conn->client_protocol_version); /* - *= https://tools.ietf.org/rfc/rfc5077#section-3.4 + *= https://www.rfc-editor.org/rfc/rfc5077#section-3.4 *# If the server accepts the ticket *# and the Session ID is not empty, then it MUST respond with the same *# Session ID present in the ClientHello. This allows the client to diff --git a/tls/s2n_server_hello_retry.c b/tls/s2n_server_hello_retry.c index 54d8dcb022d..fd05ca07236 100644 --- a/tls/s2n_server_hello_retry.c +++ b/tls/s2n_server_hello_retry.c @@ -75,7 +75,7 @@ int s2n_server_hello_retry_recv(struct s2n_connection *conn) POSIX_ENSURE((named_curve != NULL) != (kem_group != NULL), S2N_ERR_INVALID_HELLO_RETRY); /** - *= https://tools.ietf.org/rfc/rfc8446#4.2.8 + *= https://www.rfc-editor.org/rfc/rfc8446#4.2.8 *# Upon receipt of this extension in a HelloRetryRequest, the client *# MUST verify that (1) the selected_group field corresponds to a group *# which was provided in the "supported_groups" extension in the @@ -90,7 +90,7 @@ int s2n_server_hello_retry_recv(struct s2n_connection *conn) } /** - *= https://tools.ietf.org/rfc/rfc8446#4.2.8 + *= https://www.rfc-editor.org/rfc/rfc8446#4.2.8 *# and (2) the selected_group field does not *# correspond to a group which was provided in the "key_share" extension *# in the original ClientHello. @@ -107,12 +107,12 @@ int s2n_server_hello_retry_recv(struct s2n_connection *conn) } /** - *= https://tools.ietf.org/rfc/rfc8446#4.2.8 + *= https://www.rfc-editor.org/rfc/rfc8446#4.2.8 *# If either of these checks fails, then *# the client MUST abort the handshake with an "illegal_parameter" *# alert. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.1.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.1.4 *# Clients MUST abort the handshake with an *# "illegal_parameter" alert if the HelloRetryRequest would not result *# in any change in the ClientHello. diff --git a/tls/s2n_server_new_session_ticket.c b/tls/s2n_server_new_session_ticket.c index 9aef392001d..842c67e08c7 100644 --- a/tls/s2n_server_new_session_ticket.c +++ b/tls/s2n_server_new_session_ticket.c @@ -149,7 +149,7 @@ S2N_RESULT s2n_tls13_server_nst_send(struct s2n_connection *conn, s2n_blocked_st } /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *# Note that in principle it is possible to continue issuing new tickets *# which indefinitely extend the lifetime of the keying material *# originally derived from an initial non-PSK handshake (which was most @@ -185,7 +185,7 @@ S2N_RESULT s2n_tls13_server_nst_send(struct s2n_connection *conn, s2n_blocked_st } /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *# Indicates the lifetime in seconds as a 32-bit *# unsigned integer in network byte order from the time of ticket *# issuance. @@ -200,7 +200,7 @@ static S2N_RESULT s2n_generate_ticket_lifetime(struct s2n_connection *conn, uint uint32_t session_lifetime_in_secs = conn->config->session_state_lifetime_in_nanos / ONE_SEC_IN_NANOS; uint32_t key_and_session_min_lifetime = MIN(key_lifetime_in_secs, session_lifetime_in_secs); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *# Servers MUST NOT use any value greater than *# 604800 seconds (7 days). **/ @@ -210,7 +210,7 @@ static S2N_RESULT s2n_generate_ticket_lifetime(struct s2n_connection *conn, uint } /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *# A per-ticket value that is unique across all tickets *# issued on this connection. **/ @@ -226,7 +226,7 @@ static S2N_RESULT s2n_generate_ticket_nonce(uint16_t value, struct s2n_blob *out } /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *# A securely generated, random 32-bit value that is *# used to obscure the age of the ticket that the client includes in *# the "pre_shared_key" extension. @@ -245,7 +245,7 @@ static S2N_RESULT s2n_generate_ticket_age_add(struct s2n_blob *random_data, uint } /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *# The PSK associated with the ticket is computed as: *# *# HKDF-Expand-Label(resumption_master_secret, @@ -288,7 +288,7 @@ S2N_RESULT s2n_tls13_server_nst_write(struct s2n_connection *conn, struct s2n_st struct s2n_blob random_data = { 0 }; RESULT_GUARD_POSIX(s2n_blob_init(&random_data, data, sizeof(data))); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *# The server MUST generate a fresh value *# for each ticket it sends. **/ @@ -324,7 +324,7 @@ S2N_RESULT s2n_tls13_server_nst_write(struct s2n_connection *conn, struct s2n_st } /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *# struct { *# uint32 ticket_lifetime; *# uint32 ticket_age_add; @@ -351,13 +351,13 @@ S2N_RESULT s2n_tls13_server_nst_recv(struct s2n_connection *conn, struct s2n_stu uint32_t ticket_lifetime = 0; RESULT_GUARD_POSIX(s2n_stuffer_read_uint32(input, &ticket_lifetime)); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *# Servers MUST NOT use any value greater than *# 604800 seconds (7 days). */ RESULT_ENSURE(ticket_lifetime <= ONE_WEEK_IN_SEC, S2N_ERR_BAD_MESSAGE); /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.6.1 *# The value of zero indicates that the *# ticket should be discarded immediately. */ diff --git a/tls/s2n_shutdown.c b/tls/s2n_shutdown.c index f390b98290f..2ce139433b4 100644 --- a/tls/s2n_shutdown.c +++ b/tls/s2n_shutdown.c @@ -96,7 +96,7 @@ int s2n_shutdown_send(struct s2n_connection *conn, s2n_blocked_status *blocked) S2N_ERROR_IF(elapsed < conn->delay, S2N_ERR_SHUTDOWN_PAUSED); /** - *= https://tools.ietf.org/rfc/rfc8446#section-6.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-6.1 *# Each party MUST send a "close_notify" alert before closing its write *# side of the connection, unless it has already sent some error alert. */ diff --git a/tls/s2n_signature_algorithms.c b/tls/s2n_signature_algorithms.c index a871d220356..bfb5b6b7d22 100644 --- a/tls/s2n_signature_algorithms.c +++ b/tls/s2n_signature_algorithms.c @@ -228,14 +228,14 @@ S2N_RESULT s2n_signature_algorithm_select(struct s2n_connection *conn) * otherwise an intentional deviation from the RFC. * * TLS1.3 servers: - *= https://www.rfc-editor.org/rfc/rfc8446.html#section-4.4.3 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.4.3 *# If the CertificateVerify message is sent by a server, the signature *# algorithm MUST be one offered in the client's "signature_algorithms" *# extension unless no valid certificate chain can be produced without *# unsupported algorithms * * TLS1.3 clients: - *= https://www.rfc-editor.org/rfc/rfc8446.html#section-4.4.3 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.4.3 *= type=exception *= reason=Compatibility with hypothetical faulty peers *# If sent by a client, the signature algorithm used in the signature diff --git a/tls/s2n_tls13_key_schedule.c b/tls/s2n_tls13_key_schedule.c index e86660874a0..3062e60ff5d 100644 --- a/tls/s2n_tls13_key_schedule.c +++ b/tls/s2n_tls13_key_schedule.c @@ -23,7 +23,7 @@ #define S2N_APPLICATION_SECRET S2N_MASTER_SECRET /** - *= https://tools.ietf.org/rfc/rfc8446#appendix-A + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-A *# The notation "K_{send,recv} = foo" means "set *# the send/recv key to the given key". */ @@ -59,7 +59,7 @@ static S2N_RESULT s2n_tls13_key_schedule_get_keying_material( RESULT_ENSURE_REF(cipher); /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.3 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.3 *# The traffic keying material is generated from the following input *# values: *# @@ -71,7 +71,7 @@ static S2N_RESULT s2n_tls13_key_schedule_get_keying_material( RESULT_GUARD(s2n_tls13_secrets_get(conn, secret_type, mode, &secret)); /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.3 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.3 *# *# - A purpose value indicating the specific value being generated **/ @@ -79,7 +79,7 @@ static S2N_RESULT s2n_tls13_key_schedule_get_keying_material( const struct s2n_blob *iv_purpose = &s2n_tls13_label_traffic_secret_iv; /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.3 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.3 *# *# - The length of the key being generated **/ @@ -96,7 +96,7 @@ static S2N_RESULT s2n_tls13_key_schedule_get_keying_material( RESULT_GUARD_POSIX(s2n_hmac_new(&hmac)); /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.3 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.3 *# *# The traffic keying material is generated from an input traffic secret *# value using: @@ -108,7 +108,7 @@ static S2N_RESULT s2n_tls13_key_schedule_get_keying_material( RESULT_GUARD_POSIX(s2n_hkdf_expand_label(&hmac, hmac_alg, &secret, key_purpose, &s2n_zero_length_context, key)); /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.3 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.3 *# [sender]_write_iv = HKDF-Expand-Label(Secret, "iv", "", iv_length) **/ RESULT_ENSURE_LTE(iv_size, iv->size); @@ -156,7 +156,7 @@ S2N_RESULT s2n_tls13_key_schedule_set_key(struct s2n_connection *conn, s2n_extra } /** - *= https://tools.ietf.org/rfc/rfc8446#section-5.3 + *= https://www.rfc-editor.org/rfc/rfc8446#section-5.3 *# Each sequence number is *# set to zero at the beginning of a connection and whenever the key is *# changed; the first record transmitted under a particular traffic key @@ -176,13 +176,13 @@ static S2N_RESULT s2n_client_key_schedule(struct s2n_connection *conn) /** * How client keys are set varies depending on early data state. * - *= https://tools.ietf.org/rfc/rfc8446#appendix-A + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-A *# Actions which are taken only in certain circumstances *# are indicated in []. */ /** - *= https://tools.ietf.org/rfc/rfc8446#appendix-A.1 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-A.1 *# START <----+ *# Send ClientHello | | Recv HelloRetryRequest *# [K_send = early data] | | @@ -192,7 +192,7 @@ static S2N_RESULT s2n_client_key_schedule(struct s2n_connection *conn) K_send(conn, S2N_EARLY_SECRET); } /** - *= https://tools.ietf.org/rfc/rfc8446#appendix-A.1 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-A.1 *# v | *# / WAIT_SH ----+ *# | | Recv ServerHello @@ -202,7 +202,7 @@ static S2N_RESULT s2n_client_key_schedule(struct s2n_connection *conn) K_recv(conn, S2N_HANDSHAKE_SECRET); } /** - *= https://tools.ietf.org/rfc/rfc8446#appendix-A.1 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-A.1 *# Can | V *# send | WAIT_EE *# early | | Recv EncryptedExtensions @@ -227,7 +227,7 @@ static S2N_RESULT s2n_client_key_schedule(struct s2n_connection *conn) K_send(conn, S2N_HANDSHAKE_SECRET); } /** - *= https://tools.ietf.org/rfc/rfc8446#appendix-A.1 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-A.1 *# | [Send Certificate [+ CertificateVerify]] *# Can send | Send Finished *# app data --> | K_send = K_recv = application @@ -237,7 +237,7 @@ static S2N_RESULT s2n_client_key_schedule(struct s2n_connection *conn) K_recv(conn, S2N_APPLICATION_SECRET); } /** - *= https://tools.ietf.org/rfc/rfc8446#appendix-A.1 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-A.1 *# after here v *# CONNECTED */ @@ -251,7 +251,7 @@ static S2N_RESULT s2n_server_key_schedule(struct s2n_connection *conn) message_type_t message_type = s2n_conn_get_current_message_type(conn); /** - *= https://tools.ietf.org/rfc/rfc8446#appendix-A.2 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-A.2 *# START <-----+ *# Recv ClientHello | | Send HelloRetryRequest *# v | @@ -266,7 +266,7 @@ static S2N_RESULT s2n_server_key_schedule(struct s2n_connection *conn) K_send(conn, S2N_HANDSHAKE_SECRET); } /** - *= https://tools.ietf.org/rfc/rfc8446#appendix-A.2 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-A.2 *# | Send EncryptedExtensions *# | [Send CertificateRequest] *# Can send | [Send Certificate + CertificateVerify] @@ -277,7 +277,7 @@ static S2N_RESULT s2n_server_key_schedule(struct s2n_connection *conn) K_send(conn, S2N_APPLICATION_SECRET); /* clang-format off */ /** - *= https://tools.ietf.org/rfc/rfc8446#appendix-A.2 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-A.2 *# here +--------+--------+ *# No 0-RTT | | 0-RTT *# | | @@ -291,7 +291,7 @@ static S2N_RESULT s2n_server_key_schedule(struct s2n_connection *conn) } } /** - *= https://tools.ietf.org/rfc/rfc8446#appendix-A.2 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-A.2 *# [Skip decrypt errors] | +------> WAIT_EOED -+ *# | | Recv | | Recv EndOfEarlyData *# | | early data | | K_recv = handshake @@ -301,7 +301,7 @@ static S2N_RESULT s2n_server_key_schedule(struct s2n_connection *conn) K_recv(conn, S2N_HANDSHAKE_SECRET); } /** - *= https://tools.ietf.org/rfc/rfc8446#appendix-A.2 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-A.2 *# | | *# +> WAIT_FLIGHT2 <--------+ *# | @@ -323,7 +323,7 @@ static S2N_RESULT s2n_server_key_schedule(struct s2n_connection *conn) K_recv(conn, S2N_APPLICATION_SECRET); } /** - *= https://tools.ietf.org/rfc/rfc8446#appendix-A.2 + *= https://www.rfc-editor.org/rfc/rfc8446#appendix-A.2 *# v *# CONNECTED */ diff --git a/tls/s2n_tls13_secrets.c b/tls/s2n_tls13_secrets.c index 9bdfeb17a00..f3272977ba7 100644 --- a/tls/s2n_tls13_secrets.c +++ b/tls/s2n_tls13_secrets.c @@ -34,7 +34,7 @@ (struct s2n_blob){ .data = (conn)->handshake.mode##_finished, .size = s2n_get_hash_len(CONN_HMAC_ALG(conn)) }) /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.1 *# If a given secret is not available, then the 0-value consisting of a *# string of Hash.length bytes set to zeros is used. */ @@ -46,7 +46,7 @@ static uint8_t zero_value_bytes[S2N_MAX_HASHLEN] = { 0 }; * When an operation doesn't need an actual transcript hash, * it uses an empty transcript hash as an input instead. * - *= https://tools.ietf.org/rfc/rfc8446#section-7.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.1 *# Note that in some cases a zero- *# length Context (indicated by "") is passed to HKDF-Expand-Label */ @@ -139,7 +139,7 @@ static S2N_RESULT s2n_extract_secret(s2n_hmac_algorithm hmac_alg, } /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.1 *# Derive-Secret(Secret, Label, Messages) = *# HKDF-Expand-Label(Secret, Label, *# Transcript-Hash(Messages), Hash.length) @@ -190,7 +190,7 @@ static S2N_RESULT s2n_derive_secret_without_context(struct s2n_connection *conn, } /** - *= https://tools.ietf.org/rfc/rfc8446#section-4.4.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.4.4 *# The key used to compute the Finished message is computed from the *# Base Key defined in Section 4.4 using HKDF (see Section 7.1). *# Specifically: @@ -251,13 +251,13 @@ static S2N_RESULT s2n_trigger_secret_callbacks(struct s2n_connection *conn, } /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.1 *# 0 *# | *# v *# PSK -> HKDF-Extract = Early Secret * - *= https://tools.ietf.org/rfc/rfc8446#section-7.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.1 *# There are multiple potential Early Secret values, depending on which *# PSK the server ultimately selects. The client will need to compute *# one for each potential PSK @@ -295,7 +295,7 @@ static S2N_RESULT s2n_extract_early_secret_for_schedule(struct s2n_connection *c } /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.1 *# if no PSK is selected, it will then need *# to compute the Early Secret corresponding to the zero PSK. */ @@ -318,7 +318,7 @@ static S2N_RESULT s2n_extract_early_secret_for_schedule(struct s2n_connection *c } /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.1 *# | *# +-----> Derive-Secret(., "ext binder" | "res binder", "") *# | = binder_key @@ -342,7 +342,7 @@ S2N_RESULT s2n_derive_binder_key(struct s2n_psk *psk, struct s2n_blob *output) } /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.1 *# | *# +-----> Derive-Secret(., "c e traffic", ClientHello) *# | = client_early_traffic_secret @@ -358,7 +358,7 @@ static S2N_RESULT s2n_derive_client_early_traffic_secret(struct s2n_connection * } /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.1 *# | *# v *# Derive-Secret(., "derived", "") @@ -387,7 +387,7 @@ static S2N_RESULT s2n_extract_handshake_secret(struct s2n_connection *conn) } /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.1 *# | *# +-----> Derive-Secret(., "c hs traffic", *# | ClientHello...ServerHello) @@ -408,7 +408,7 @@ static S2N_RESULT s2n_derive_client_handshake_traffic_secret(struct s2n_connecti * The client finished key needs to be calculated using the * same connection state as the client handshake secret. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.4.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.4.4 *# The key used to compute the Finished message is computed from the *# Base Key defined in Section 4.4 using HKDF (see Section 7.1). */ @@ -419,7 +419,7 @@ static S2N_RESULT s2n_derive_client_handshake_traffic_secret(struct s2n_connecti } /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.1 *# | *# +-----> Derive-Secret(., "s hs traffic", *# | ClientHello...ServerHello) @@ -440,7 +440,7 @@ static S2N_RESULT s2n_derive_server_handshake_traffic_secret(struct s2n_connecti * The server finished key needs to be calculated using the * same connection state as the server handshake secret. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.4.4 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.4.4 *# The key used to compute the Finished message is computed from the *# Base Key defined in Section 4.4 using HKDF (see Section 7.1). */ @@ -451,7 +451,7 @@ static S2N_RESULT s2n_derive_server_handshake_traffic_secret(struct s2n_connecti } /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.1 *# v *# Derive-Secret(., "derived", "") *# | @@ -475,7 +475,7 @@ static S2N_RESULT s2n_extract_master_secret(struct s2n_connection *conn) } /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.1 *# | *# +-----> Derive-Secret(., "c ap traffic", *# | ClientHello...server Finished) @@ -492,7 +492,7 @@ static S2N_RESULT s2n_derive_client_application_traffic_secret(struct s2n_connec } /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.1 *# | *# +-----> Derive-Secret(., "s ap traffic", *# | ClientHello...server Finished) @@ -509,7 +509,7 @@ static S2N_RESULT s2n_derive_server_application_traffic_secret(struct s2n_connec } /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.1 *# | *# +-----> Derive-Secret(., "res master", *# ClientHello...client Finished) @@ -531,7 +531,7 @@ S2N_RESULT s2n_derive_resumption_master_secret(struct s2n_connection *conn) } /** - *= https://tools.ietf.org/rfc/rfc8446#section-7.1 + *= https://www.rfc-editor.org/rfc/rfc8446#section-7.1 *# | *# +-----> Derive-Secret(., "exp master", *# | ClientHello...server Finished) diff --git a/tls/s2n_tls_parameters.h b/tls/s2n_tls_parameters.h index cc34c33113a..a35b8d1d721 100644 --- a/tls/s2n_tls_parameters.h +++ b/tls/s2n_tls_parameters.h @@ -119,7 +119,7 @@ #define TLS_PSK_DHE_KE_MODE 1 /** - *= https://tools.ietf.org/rfc/rfc9001.txt#8.2 + *= https://www.rfc-editor.org/rfc/rfc9001#8.2 *# enum { *# quic_transport_parameters(0x39), (65535) *# } ExtensionType; diff --git a/tls/s2n_x509_validator.c b/tls/s2n_x509_validator.c index f7af91640dc..75b6842351e 100644 --- a/tls/s2n_x509_validator.c +++ b/tls/s2n_x509_validator.c @@ -780,7 +780,7 @@ S2N_RESULT s2n_x509_validator_validate_cert_chain(struct s2n_x509_validator *val /* Only process certificate extensions received in the first certificate. Extensions received in all other * certificates are ignored. * - *= https://tools.ietf.org/rfc/rfc8446#section-4.4.2 + *= https://www.rfc-editor.org/rfc/rfc8446#section-4.4.2 *# If an extension applies to the entire chain, it SHOULD be included in *# the first CertificateEntry. */ @@ -879,7 +879,7 @@ S2N_RESULT s2n_x509_validator_validate_cert_stapled_ocsp_response(struct s2n_x50 RESULT_ENSURE_REF(cert_id); /** - *= https://www.rfc-editor.org/rfc/rfc6960.html#section-2.4 + *= https://www.rfc-editor.org/rfc/rfc6960#section-2.4 *# *# thisUpdate The most recent time at which the status being *# indicated is known by the responder to have been