rification
     of Domain-Based Application Service Identity within Internet Public
     Key Infrastructure Using X.509 (PKIX) Certificates in the Context
     of Transport Layer Security (TLS)", March 2011, Available from
     <https://www.ietf.org/rfc/rfc6125.txt>.

[RFC7685]
     Adam Langley, "A Transport Layer Security (TLS) ClientHello Padding
     Extension", October 2015, Available from
     <https://www.ietf.org/rfc/rfc7685.txt>.

[RFC7613]
     Peter Saint-Andre and Alexey Melnikov, "Preparation, Enforcement,
     and Comparison of Internationalized Strings Representing Usernames
     and Passwords", August 2015, Available from
     <https://www.ietf.org/rfc/rfc7613.txt>.

[RFC2246]
     Tim Dierks and Christopher Allen, "The TLS Protocol Version 1.0",
     January 1999, Available from
     <https://www.ietf.org/rfc/rfc2246.txt>.

[RFC6083]
     M. Tuexen and R. Seggelmann and E. Rescorla, "Datagram Transport
     Layer Security (DTLS) for Stream Control Transmission Protocol
     (SCTP)", January 2011, Available from
     <https://www.ietf.org/rfc/rfc6083.txt>.

[RFC4418]
     Ted Krovetz, "UMAC: Message Authentication Code using Universal
     Hashing", March 2006, Available from
     <https://www.ietf.org/rfc/rfc4418.txt>.

[RFC4680]
     S. Santesson, "TLS Handshake Message for Supplemental Data",
     September 2006, Available from
     <https://www.ietf.org/rfc/rfc4680.txt>.

[RFC7633]
     P. Hallam-Baker, "X.509v3 Transport Layer Security (TLS) Feature
     Extension", October 2015, Available from
     <https://www.ietf.org/rfc/rfc7633.txt>.

[RFC7919]
     D. Gillmor, "Negotiated Finite Field Diffie-Hellman Ephemeral
     Parameters for Transport Layer Security (TLS)", August 2016,
     Available from <https://www.ietf.org/rfc/rfc7919.txt>.

[RFC4514]
     Kurt D. Zeilenga, "Lightweight Directory Access Protocol (LDAP):
     String Representation of Distinguished Names", June 2006, Available
     from <https://www.ietf.org/rfc/rfc4513.txt>.

[RFC4346]
     Tim Dierks and Eric Rescorla, "The TLS Protocol Version 1.1", Match
     2006, Available from <https://www.ietf.org/rfc/rfc4346.txt>.

[RFC4347]
     Eric Rescorla and Nagendra Modadugu, "Datagram Transport Layer
     Security", April 2006, Available from
     <https://www.ietf.org/rfc/rfc4347.txt>.

[RFC5246]
     Tim Dierks and Eric Rescorla, "The TLS Protocol Version 1.2",
     August 2008, Available from <https://www.ietf.org/rfc/rfc5246.txt>.

[RFC2440]
     Jon Callas, Lutz Donnerhacke, Hal Finney and Rodney Thayer,
     "OpenPGP Message Format", November 1998, Available from
     <https://www.ietf.org/rfc/rfc2440.txt>.

[RFC4880]
     Jon Callas, Lutz Donnerhacke, Hal Finney, David Shaw and Rodney
     Thayer, "OpenPGP Message Format", November 2007, Available from
     <https://www.ietf.org/rfc/rfc4880.txt>.

[RFC4211]
     J. Schaad, "Internet X.509 Public Key Infrastructure Certificate
     Request Message Format (CRMF)", September 2005, Available from
     <https://www.ietf.org/rfc/rfc4211.txt>.

[RFC2817]
     Rohit Khare and Scott Lawrence, "Upgrading to TLS Within HTTP/1.1",
     May 2000, Available from <https://www.ietf.org/rfc/rfc2817.txt>

[RFC2818]
     Eric Rescorla, "HTTP Over TLS", May 2000, Available from
     <https://www.ietf/rfc/rfc2818.txt>.

[RFC2945]
     Tom Wu, "The SRP Authentication and Key Exchange System", September
     2000, Available from <https://www.ietf.org/rfc/rfc2945.txt>.

[RFC7301]
     S. Friedl, A. Popov, A. Langley, E. Stephan, "Transport Layer
     Security (TLS) Application-Layer Protocol Negotiation Extension",
     July 2014, Available from <https://www.ietf.org/rfc/rfc7301.txt>.

[RFC2986]
     Magnus Nystrom and Burt Kaliski, "PKCS 10 v1.7: Certification
     Request Syntax Specification", November 2000, Available from
     <https://www.ietf.org/rfc/rfc2986.txt>.

[PKIX]
     D. Cooper, S. Santesson, S. Farrel, S. Boeyen, R. Housley, W. Polk,
     "Internet X.509 Public Key Infrastructure Certificate and
     Certificate Revocation List (CRL) Profile", May 2008, available
     from <https://www.ietf.org/rfc/rfc5280.txt>.

[RFC3749]
     Scott Hollenbeck, "Transport Layer Security Protocol Compression
     Methods", May 2004, available from
     <https://www.ietf.org/rfc/rfc3749.txt>.

[RFC3820]
     Steven Tuecke, Von Welch, Doug Engert, Laura Pearlman, and Mary
     Thompson, "Internet X.509 Public Key Infrastructure (PKI) Proxy
     Certificate Profile", June 2004, available from
     <https://www.ietf.org/rfc/rfc3820>.

[RFC6520]
     R. Seggelmann, M. Tuexen, and M. Williams, "Transport Layer
     Security (TLS) and Datagram Transport Layer Security (DTLS)
     Heartbeat Extension", February 2012, available from
     <https://www.ietf.org/rfc/rfc6520>.

[RFC5746]
     E. Rescorla, M. Ray, S. Dispensa, and N. Oskov, "Transport Layer
     Security (TLS) Renegotiation Indication Extension", February 2010,
     available from <https://www.ietf.org/rfc/rfc5746>.

[RFC5280]
     D. Cooper, S. Santesson, S. Farrell, S. Boeyen, R. Housley, and W.
     Polk, "Internet X.509 Public Key Infrastructure Certificate and
     Certificate Revocation List (CRL) Profile", May 2008, available
     from <https://www.ietf.org/rfc/rfc5280>.

[TLSTKT]
     Joseph Salowey, Hao Zhou, Pasi Eronen, Hannes Tschofenig,
     "Transport Layer Security (TLS) Session Resumption without
     Server-Side State", January 2008, available from
     <https://www.ietf.org/rfc/rfc5077>.

[PKCS12]
     RSA Laboratories, "PKCS 12 v1.0: Personal Information Exchange
     Syntax", June 1999, Available from <https://www.rsa.com>.

[PKCS11]
     RSA Laboratories, "PKCS #11 Base Functionality v2.30: Cryptoki –
     Draft 4", July 2009, Available from <https://www.rsa.com>.

[RESCORLA]
     Eric Rescorla, "SSL and TLS: Designing and Building Secure
     Systems", 2001

[SELKEY]
     Arjen Lenstra and Eric Verheul, "Selecting Cryptographic Key
     Sizes", 2003, available from
     <https://www.win.tue.nl/~klenstra/key.pdf>.

[SSL3]
     Alan Freier, Philip Karlton and Paul Kocher, "The Secure Sockets
     Layer (SSL) Protocol Version 3.0", August 2011, Available from
     <https://www.ietf.org/rfc/rfc6101.txt>.

[STEVENS]
     Richard Stevens, "UNIX Network Programming, Volume 1", Prentice
     Hall PTR, January 1998

[TLSEXT]
     Simon Blake-Wilson, Magnus Nystrom, David Hopwood, Jan Mikkelsen
     and Tim Wright, "Transport Layer Security (TLS) Extensions", June
     2003, Available from <https://www.ietf.org/rfc/rfc3546.txt>.

[TLSPGP]
     Nikos Mavrogiannopoulos, "Using OpenPGP keys for TLS
     authentication", January 2011.  Available from
     <https://www.ietf.org/rfc/rfc6091.txt>.

[TLSSRP]
     David Taylor, Trevor Perrin, Tom Wu and Nikos Mavrogiannopoulos,
     "Using SRP for TLS Authentication", November 2007.  Available from
     <https://www.ietf.org/rfc/rfc5054.txt>.

[TLSPSK]
     Pasi Eronen and Hannes Tschofenig, "Pre-shared key Ciphersuites for
     TLS", December 2005, Available from
     <https://www.ietf.org/rfc/rfc4279.txt>.

[TOMSRP]
     Tom Wu, "The Stanford SRP Authentication Project", Available at
     <https://srp.stanford.edu/>.

[WEGER]
     Arjen Lenstra and Xiaoyun Wang and Benne de Weger, "Colliding X.509
     Certificates", Cryptology ePrint Archive, Report 2005/067,
     Available at <https://eprint.iacr.org/>.

[ECRYPT]
     European Network of Excellence in Cryptology II, "ECRYPT II Yearly
     Report on Algorithms and Keysizes (2009-2010)", Available at
     <https://www.ecrypt.eu.org/documents/D.SPA.13.pdf>.

[RFC5056]
     N. Williams, "On the Use of Channel Bindings to Secure Channels",
     November 2007, available from <https://www.ietf.org/rfc/rfc5056>.

[RFC5764]
     D. McGrew, E. Rescorla, "Datagram Transport Layer Security (DTLS)
     Extension to Establish Keys for the Secure Real-time Transport
     Protocol (SRTP)On the Use of Channel Bindings to Secure Channels",
     May 2010, available from <https://www.ietf.org/rfc/rfc5764>.

[RFC5929]
     J. Altman, N. Williams, L. Zhu, "Channel Bindings for TLS", July
     2010, available from <https://www.ietf.org/rfc/rfc5929>.

[PKCS11URI]
     J. Pechanec, D. Moffat, "The PKCS#11 URI Scheme", April 2015,
     available from <https://www.ietf.org/rfc/rfc7512>.

[TPMURI]
     C. Latze, N. Mavrogiannopoulos, "The TPMKEY URI Scheme", January
     2013, Work in progress, available from
     <https://tools.ietf.org/html/draft-mavrogiannopoulos-tpmuri-01>.

[ANDERSON]
     R. J. Anderson, "Security Engineering: A Guide to Building
     Dependable Distributed Systems", John Wiley \& Sons, Inc., 2001.

[RFC4821]
     M. Mathis, J. Heffner, "Packetization Layer Path MTU Discovery",
     March 2007, available from <https://www.ietf.org/rfc/rfc4821.txt>.

[RFC2560]
     M. Myers et al, "X.509 Internet Public Key Infrastructure Online
     Certificate Status Protocol - OCSP", June 1999, Available from
     <https://www.ietf.org/rfc/rfc2560.txt>.

[RIVESTCRL]
     R. L. Rivest, "Can We Eliminate Certificate Revocation Lists?",
     Proceedings of Financial Cryptography '98; Springer Lecture Notes
     in Computer Science No.  1465 (Rafael Hirschfeld, ed.), February
     1998), pages 178-183, available from
     <https://people.csail.mit.edu/rivest/Rivest-CanWeEliminateCertificateRevocationLists.pdf>.

[RFC9266]
     S. Whited, "Channel Bindings for TLS 1.3", July 2022, available
     from <https://www.ietf.org/rfc/rfc9266.txt>.