diff --git a/openssl-rfc.mappping.html b/openssl-rfc.mappping.html
index 6dd7538..c916534 100644
--- a/openssl-rfc.mappping.html
+++ b/openssl-rfc.mappping.html
@@ -204,9 +204,32 @@ td { border:1px solid #999; }
 <tr><td> [0xc030]</td><td>   ECDHE-RSA-AES256-GCM-SHA384  </td><td> ECDH     </td><td>   AESGCM  </td><td>  256          </td><td> TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384   </td></tr>
 <tr><td> [0xc031]</td><td>   ECDH-RSA-AES128-GCM-SHA256   </td><td> ECDH/RSA </td><td>   AESGCM  </td><td>  128          </td><td> TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256    </td></tr>
 <tr><td> [0xc032]</td><td>   ECDH-RSA-AES256-GCM-SHA384   </td><td> ECDH/RSA </td><td>   AESGCM  </td><td>  256          </td><td> TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384    </td></tr>
+
+<tr><td> [0xc09c]</td><td>   AES128-CCM                   </td><td> RSA      </td><td>   AESCCM  </td><td>  128          </td><td> TLS_RSA_WITH_AES_128_CCM        </td></tr>
+<tr><td> [0xc09d]</td><td>   AES256-CCM                   </td><td> RSA      </td><td>   AESCCM  </td><td>  256          </td><td> TLS_RSA_WITH_AES_256_CCM        </td></tr>
+<tr><td> [0xc09e]</td><td>   DHE-RSA-AES128-CCM           </td><td> DH       </td><td>   AESCCM  </td><td>  128          </td><td> TLS_DHE_RSA_WITH_AES_128_CCM    </td></tr>
+<tr><td> [0xc09f]</td><td>   DHE-RSA-AES256-CCM           </td><td> DH       </td><td>   AESCCM  </td><td>  256          </td><td> TLS_DHE_RSA_WITH_AES_256_CCM    </td></tr>
+<tr><td> [0xc0a0]</td><td>   AES128-CCM8                  </td><td> RSA      </td><td>   AESCCM8 </td><td>  128          </td><td> TLS_RSA_WITH_AES_128_CCM_8    </td></tr>
+<tr><td> [0xc0a1]</td><td>   AES256-CCM8                  </td><td> RSA      </td><td>   AESCCM8 </td><td>  256          </td><td> TLS_RSA_WITH_AES_256_CCM_8    </td></tr>
+<tr><td> [0xc0a2]</td><td>   DHE-RSA-AES128-CCM8          </td><td> DH       </td><td>   AESCCM8 </td><td>  128          </td><td> TLS_DHE_RSA_WITH_AES_128_CCM_8 </td></tr>
+<tr><td> [0xc0a3]</td><td>   DHE-RSA-AES256-CCM8          </td><td> DH       </td><td>   AESCCM8 </td><td>  256          </td><td> TLS_DHE_RSA_WITH_AES_256_CCM_8 </td></tr>
+<tr><td> [0xc0a4]</td><td>   PSK-AES128-CCM               </td><td> PSK      </td><td>   AESCCM  </td><td>  128          </td><td> TLS_PSK_WITH_AES_128_CCM        </td></tr>
+<tr><td> [0xc0a5]</td><td>   PSK-AES256-CCM               </td><td> PSK      </td><td>   AESCCM  </td><td>  256          </td><td> TLS_PSK_WITH_AES_256_CCM        </td></tr>
+<tr><td> [0xc0a6]</td><td>   DHE-PSK-AES128-CCM           </td><td> PSK/DHE  </td><td>   AESCCM  </td><td>  128          </td><td> TLS_DHE_PSK_WITH_AES_128_CCM    </td></tr>
+<tr><td> [0xc0a7]</td><td>   DHE-PSK-AES256-CCM           </td><td> PSK/DHE  </td><td>   AESCCM  </td><td>  256          </td><td> TLS_DHE_PSK_WITH_AES_256_CCM    </td></tr>
+<tr><td> [0xc0a8]</td><td>   PSK-AES128-CCM8              </td><td> PSK      </td><td>   AESCCM  </td><td>  128          </td><td> TLS_PSK_WITH_AES_128_CCM_8      </td></tr>
+<tr><td> [0xc0a9]</td><td>   PSK-AES256-CCM8              </td><td> PSK      </td><td>   AESCCM  </td><td>  256          </td><td> TLS_PSK_WITH_AES_256_CCM_8      </td></tr>
+<tr><td> [0xc0aa]</td><td>   DHE-PSK-AES128-CCM8          </td><td> PSK/DHE  </td><td>   AESCCM  </td><td>  128          </td><td> TLS_PSK_DHE_WITH_AES_128_CCM_8  </td></tr>
+<tr><td> [0xc0ab]</td><td>   DHE-PSK-AES256-CCM8          </td><td> PSK/DHE  </td><td>   AESCCM  </td><td>  256          </td><td> TLS_PSK_DHE_WITH_AES_256_CCM_8  </td></tr>
+<tr><td> [0xc0ac]</td><td>   ECDHE-ECDSA-AES128-CCM       </td><td> ECDH     </td><td>   AESCCM  </td><td>  128          </td><td> TLS_ECDHE_ECDSA_WITH_AES_128_CCM</td></tr>
+<tr><td> [0xc0ad]</td><td>   ECDHE-ECDSA-AES256-CCM       </td><td> ECDH     </td><td>   AESCCM  </td><td>  256          </td><td> TLS_ECDHE_ECDSA_WITH_AES_256_CCM    </td></tr>
+<tr><td> [0xc0ae]</td><td>   ECDHE-ECDSA-AES128-CCM8      </td><td> ECDH     </td><td>   AESCCM  </td><td>  128          </td><td> TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8  </td></tr>
+<tr><td> [0xc0af]</td><td>   ECDHE-ECDSA-AES256-CCM8      </td><td> ECDH     </td><td>   AESCCM  </td><td>  256          </td><td> TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8  </td></tr>
+
 <tr><td> [0xcc13]</td><td>   ECDHE-RSA-CHACHA20-POLY1305  </td><td> ECDH     </td><td>   ChaCha20-Poly1305</td><td>    </td><td> TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256</td></tr>
 <tr><td> [0xcc14]</td><td>   ECDHE-ECDSA-CHACHA20-POLY1305</td><td> ECDH     </td><td>   ChaCha20-Poly1305</td><td>     </td><td> TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256</td></tr>
 <tr><td> [0xcc15]</td><td>   DHE-RSA-CHACHA20-POLY1305    </td><td> DH       </td><td>   ChaCha20-Poly1305</td><td>     </td><td> TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256</td></tr>
+
 <tr><td> [0xff00]</td><td>   GOST-MD5                     </td><td> RSA      </td><td>   GOST89  </td><td>  256    </td><td>TLS_GOSTR341094_RSA_WITH_28147_CNT_MD5</td></tr>
 <tr><td> [0xff01]</td><td>   GOST-GOST94                  </td><td> RSA      </td><td>   GOST89  </td><td>  256    </td><td>TLS_RSA_WITH_28147_CNT_GOST94</td></tr>
 <tr><td> [0xff02]</td><td>   GOST-GOST89MAC               </td><td> RSA      </td><td>   GOST89  </td><td>  256    </td></tr>
diff --git a/testssl.sh b/testssl.sh
index e99f5ce..47b719e 100755
--- a/testssl.sh
+++ b/testssl.sh
@@ -198,6 +198,7 @@ HAS_DH_BITS=${HAS_DH_BITS:-false}
 HAS_SSL2=true                           #TODO: in the future we'll do the fastest possible test (openssl s_client -ssl2 is currently faster than sockets)
 HAS_SSL3=true
 HAS_ALPN=false
+ADD_RFC_STR="rfc"                       # display RFC ciphernames
 PORT=443                                # unless otherwise auto-determined, see below
 NODE=""
 NODEIP=""
@@ -1251,17 +1252,17 @@ rfc2openssl() {
 
 
 show_rfc_style(){
-     local rfcname
+     [[ -z "$ADD_RFC_STR" ]] && return 1
 
-     [[ -z "$MAPPING_FILE_RFC" ]] && return 1
+     local rfcname
      rfcname=$(grep -iw "$1" "$MAPPING_FILE_RFC" | sed -e 's/^.*TLS/TLS/' -e 's/^.*SSL/SSL/')
      [[ -n "$rfcname" ]] && out "$rfcname"
      return 0
 }
 
 neat_header(){
-     printf -- "Hexcode  Cipher Suite Name (OpenSSL)    KeyExch.   Encryption Bits${MAPPING_FILE_RFC:+        Cipher Suite Name (RFC)}\n"
-     printf -- "%s-------------------------------------------------------------------------${MAPPING_FILE_RFC:+----------------------------------------------}\n"
+     printf -- "Hexcode  Cipher Suite Name (OpenSSL)    KeyExch.   Encryption Bits${ADD_RFC_STR:+        Cipher Suite Name (RFC)}\n"
+     printf -- "%s-------------------------------------------------------------------------${ADD_RFC_STR:+-------------------------------------------------}\n"
 }
 
 
@@ -1288,11 +1289,8 @@ neat_list(){
           [[ "${#kx}" -eq 19 ]] && kx="$kx "      # 19 means DH, colored >=1000. Add another space
           #echo ${#kx}                            # should be always 20
      fi
-     #if [[ -r "$MAPPING_FILE_RFC" ]]; then
-          printf -- " %-7s %-30s %-10s %-11s%-11s${MAPPING_FILE_RFC:+ %-48s}${SHOW_EACH_C:+  }" "$hexcode" "$ossl_cipher" "$kx" "$enc" "$strength" "$(show_rfc_style $HEXC)"
-     #else
-     #    printf -- " %-7s %-30s %-10s %-11s%-11s${SHOW_EACH_C:+  }" "$1" "$2" "$kx" "$enc" "$strength"
-     #fi
+
+     printf -- " %-7s %-30s %-10s %-11s%-11s${ADD_RFC_STR:+ %-48s}${SHOW_EACH_C:+  %-0s}" "$hexcode" "$ossl_cipher" "$kx" "$enc" "$strength" "$(show_rfc_style $HEXC)"
 }
 
 test_just_one(){
@@ -4550,7 +4548,7 @@ get_install_dir() {
           [[ -r "$INSTALL_DIR/mapping-rfc.txt" ]] && MAPPING_FILE_RFC="$INSTALL_DIR/mapping-rfc.txt"
      fi
 
-     [[ ! -r "$MAPPING_FILE_RFC" ]] && unset MAPPING_FILE_RFC && pr_litemagentaln "\nNo mapping file found"
+     [[ ! -r "$MAPPING_FILE_RFC" ]] && unset MAPPING_FILE_RFC && unset ADD_RFC_STR && pr_litemagentaln "\nNo mapping file found"
      debugme echo "$MAPPING_FILE_RFC"
 }
 
@@ -4734,6 +4732,7 @@ tuning options (can also be preset via environment variables):
      --logfile <file>              logs stdout to <file/NODE-YYYYMMDD-HHMM.log> if file is a dir or to specified file
      --wide                        wide output for tests like RC4, BEAST. PFS also with hexcode, kx, strength, RFC name
      --show-each                   for wide outputs: display all ciphers tested -- not only succeeded ones
+     --mapping <no-rfc>            don't display the RFC Cipher Suite Name
      --warnings <batch|off|false>  "batch" doesn't wait for keypress, "off" or "false" skips connection warning
      --color <0|1|2>               0: no escape or other codes,  1: b/w escape codes,  2: color (default)
      --debug <0-6>                 1: screen output normal but debug output in temp files.  2-6: see line ~120
@@ -5863,6 +5862,16 @@ parse_cmd_line() {
                     OPENSSL=$(parse_opt_equal_sign "$1" "$2")
                     [[ $? -eq 0 ]] && shift
                     ;;
+               --mapping|--mapping=*)
+                    local cipher_mapping
+                    cipher_mapping=$(parse_opt_equal_sign "$1" "$2")
+                    [[ $? -eq 0 ]] && shift
+                    case "$cipher_mapping" in
+                         no-rfc) unset ADD_RFC_STR;;
+                         *)   pr_magentaln "\nmapping can only be \"no-rfc\""
+                              help 1 ;;
+                    esac
+                    ;;
                --proxy|--proxy=*)
                     PROXY=$(parse_opt_equal_sign "$1" "$2")
                     [[ $? -eq 0 ]] && shift