RFC --> IANA

The cipher suite names in the RFCs stem (mostly) from IANA, see
https://www.iana.org/assignments/tls-parameters/tls-parameters.xhtml#tls-parameters-4

This PR corrects that in places visible to the user. For backwards
compatibility the cmd line switches still work as before, but there's
a preference to IANA. The RFC naming is labeled as to be retired
in the future.
Dirk
2018-11-08 20:26:52 +01:00
parent 32923bbdb1
commit da233c939e
5 changed files with 41 additions and 32 deletions

@ -1,7 +1,7 @@
.\" generated with Ronn/v0.7.3
.\" http://github.com/rtomayko/ronn/tree/0.7.3
.
.TH "TESTSSL" "1" "September 2018" "" ""
.TH "TESTSSL" "1" "November 2018" "" ""
.
.SH "NAME"
\fBtestssl\fR
@ -318,23 +318,26 @@ Security headers (X\-Frame\-Options, X\-XSS\-Protection, \.\.\., CSP headers)
\fB\-\-wide\fR Except the "each cipher output" all tests displays the single cipher name (scheme see below)\. This option enables testssl\.sh to display also for the following sections the same output as for testing each ciphers: BEAST, PFS, RC4\. The client simulation has also a wide mode\. The difference here is restricted to a column aligned output and a proper headline\. The environment variable \fBWIDE\fR can be used instead\.
.
.P
\fB\-\-mapping <openssl|rfc|no\-openssl|no\-rfc>\fR
\fB\-\-mapping <openssl|iana|no\-openssl|no\-iana>\fR
.
.IP "\(bu" 4
\fBopenssl\fR: use the OpenSSL cipher suite name as the primary name cipher suite name form (default),
.
.IP "\(bu" 4
\fBrfc\fR: use the RFC cipher suite name as the primary name cipher suite name form\.
\fBiana\fR: use the IANA cipher suite name as the primary name cipher suite name form\.
.
.IP "\(bu" 4
\fBno\-openssl\fR: don\'t display the OpenSSL cipher suite name, display RFC names only\.
\fBno\-openssl\fR: don\'t display the OpenSSL cipher suite name, display IANA names only\.
.
.IP "\(bu" 4
\fBno\-rfc\fR: don\'t display the RFC cipher suite name, display OpenSSL names only\.
\fBno\-iana\fR: don\'t display the IANA cipher suite name, display OpenSSL names only\.
.
.IP "" 0
.
.P
Please note that in testssl\.sh 3,0 you can still use \fBrfc\fR instead of \fBiana\fR and \fBno\-rfc\fR instead of \fBno\-iana\fR but it\'ll disappear after 3\.0\.
.
.P
\fB\-\-show\-each\fR This is an option for all wide modes only: it displays all ciphers tested \-\- not only succeeded ones\. \fBSHOW_EACH_C\fR is your friend if you prefer to set this via the shell environment\.
.
.P
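Review bot: The added compatibility paragraph writes the version as "3,0" (comma) in "in testssl\.sh 3,0 you can still use", while the same sentence ends with "after 3\.0"; make both "3\.0". The sentence also leaves open what "disappear" means for a caller: state whether \fBrfc\fR and \fBno\-rfc\fR will be rejected with an error after 3.0, so that scripts passing the old values can be updated before they break.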
@ -738,7 +741,7 @@ TLSWG Draft: The Transport Layer Security (TLS) Protocol Version 1\.3
\fBetc/*pem\fR Here are the certificate stores from Apple, Linux, Mozilla Firefox, Windows\.
.
.P
\fBetc/mapping\-rfc\.txt\fR Provides a mandatory file with mapping from OpenSSL cipher suites names to the ones from IANA / used in the RFCs\.
\fBetc/cipher\-mapping\.txt\fR Provides a mandatory file with mapping from OpenSSL cipher suites names to the ones from IANA / used in the RFCs\.
.
.P
\fBetc/tls_data\.txt\fR Provides a mandatory file for ciphers (bash sockets) and key material\.
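Review bot: The FILES entry changes the documented path from etc/mapping\-rfc\.txt to etc/cipher\-mapping\.txt and still calls the file mandatory, but nothing in this hunk shows which name the script actually loads. Please confirm the documented path matches the file shipped in etc/, since anyone installing the data files by hand follows this line. While the line is being touched, "cipher suites names" should read "cipher suite names".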

@ -334,16 +334,19 @@ The same can be achieved by setting the environment variable <code>WARNINGS</cod
<p><code>--wide</code> Except the "each cipher output" all tests displays the single cipher name (scheme see below). This option enables testssl.sh to display also for the following sections the same output as for testing each ciphers: BEAST, PFS, RC4. The client simulation has also a wide mode. The difference here is restricted to a column aligned output and a proper headline. The environment variable <code>WIDE</code> can be used instead.</p>
<p><code>--mapping &lt;openssl|rfc|no-openssl|no-rfc></code></p>
<p><code>--mapping &lt;openssl|iana|no-openssl|no-iana></code></p>
<ul>
<li><code>openssl</code>: use the OpenSSL cipher suite name as the primary name cipher suite name form (default),</li>
<li><code>rfc</code>: use the RFC cipher suite name as the primary name cipher suite name form.</li>
<li><code>no-openssl</code>: don't display the OpenSSL cipher suite name, display RFC names only.</li>
<li><code>no-rfc</code>: don't display the RFC cipher suite name, display OpenSSL names only.</li>
<li><code>iana</code>: use the IANA cipher suite name as the primary name cipher suite name form.</li>
<li><code>no-openssl</code>: don't display the OpenSSL cipher suite name, display IANA names only.</li>
<li><code>no-iana</code>: don't display the IANA cipher suite name, display OpenSSL names only.</li>
</ul>
<p>Please note that in testssl.sh 3,0 you can still use <code>rfc</code> instead of <code>iana</code> and <code>no-rfc</code> instead of <code>no-iana</code> but it'll disappear
after 3.0.</p>
<p><code>--show-each</code> This is an option for all wide modes only: it displays all ciphers tested -- not only succeeded ones. <code>SHOW_EACH_C</code> is your friend if you prefer to set this via the shell environment.</p>
<p><code>--color &lt;0|1|2|3></code> It determines the use of colors on the screen: <code>2</code> is the default and makes use of ANSI and termcap escape codes on your terminal. <code>1</code> just uses non-colored mark-up like bold, italics, underline, reverse. <code>0</code> means no mark-up at all = no escape codes. <code>3</code> will color ciphers and EC according to an internal (not yet perfect) rating. Setting the environment variable <code>COLOR</code> achieves the same result.</p>
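Review bot: The new list item for iana carries over the doubled wording "as the primary name cipher suite name form" from the rfc item it replaces. Since the line is rewritten anyway, shorten it to "use the IANA cipher suite name as the primary name", and do the same for the openssl item so the two entries stay parallel.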
@ -541,11 +544,11 @@ to create the hashes for HPKP.</li>
<h2 id="FILES">FILES</h2>
<p><strong>etc/*pem</strong> Here are the certificate stores from Apple, Linux, Mozilla Firefox, Windows.</p>
<p><strong>etc/*pem</strong> Here are the certificate stores from Apple, Linux, Mozilla Firefox, Windows.</p>
<p><strong>etc/mapping-rfc.txt</strong> Provides a mandatory file with mapping from OpenSSL cipher suites names to the ones from IANA / used in the RFCs.</p>
<p><strong>etc/cipher-mapping.txt</strong> Provides a mandatory file with mapping from OpenSSL cipher suites names to the ones from IANA / used in the RFCs.</p>
<p><strong>etc/tls_data.txt</strong> Provides a mandatory file for ciphers (bash sockets) and key material.</p>
<p><strong>etc/tls_data.txt</strong> Provides a mandatory file for ciphers (bash sockets) and key material.</p>
<h2 id="AUTHORS">AUTHORS</h2>
@ -571,7 +574,7 @@ to create the hashes for HPKP.</li>
<ol class='man-decor man-foot man foot'>
<li class='tl'></li>
<li class='tc'>September 2018</li>
<li class='tc'>November 2018</li>
<li class='tr'>testssl(1)</li>
</ol>

@ -257,12 +257,15 @@ The same can be achieved by setting the environment variable `WARNINGS`.
`--wide` Except the "each cipher output" all tests displays the single cipher name (scheme see below). This option enables testssl.sh to display also for the following sections the same output as for testing each ciphers: BEAST, PFS, RC4. The client simulation has also a wide mode. The difference here is restricted to a column aligned output and a proper headline. The environment variable `WIDE` can be used instead.
`--mapping <openssl|rfc|no-openssl|no-rfc>`
`--mapping <openssl|iana|no-openssl|no-iana>`
* `openssl`: use the OpenSSL cipher suite name as the primary name cipher suite name form (default),
* `rfc`: use the RFC cipher suite name as the primary name cipher suite name form.
* `no-openssl`: don't display the OpenSSL cipher suite name, display RFC names only.
* `no-rfc`: don't display the RFC cipher suite name, display OpenSSL names only.
* `iana`: use the IANA cipher suite name as the primary name cipher suite name form.
* `no-openssl`: don't display the OpenSSL cipher suite name, display IANA names only.
* `no-iana`: don't display the IANA cipher suite name, display OpenSSL names only.
Please note that in testssl.sh 3,0 you can still use `rfc` instead of `iana` and `no-rfc` instead of `no-iana` but it'll disappear
after 3.0.
`--show-each` This is an option for all wide modes only: it displays all ciphers tested -- not only succeeded ones. `SHOW_EACH_C` is your friend if you prefer to set this via the shell environment.
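Review bot: The option list still marks `openssl` as "(default)", while the commit message says there is now "a preference to IANA"; the text does not say what that preference changes for a user who never passes `--mapping`. Add a sentence stating which name is primary by default, and list `rfc` and `no-rfc` in the bullet list as deprecated aliases of `iana` and `no-iana` rather than only in the trailing note.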
@ -466,11 +469,11 @@ does the same on the plain text IMAP port. Please note that for plain TLS-encryp
## FILES
**etc/\*pem** Here are the certificate stores from Apple, Linux, Mozilla Firefox, Windows.
**etc/\*pem** Here are the certificate stores from Apple, Linux, Mozilla Firefox, Windows.
**etc/mapping-rfc.txt** Provides a mandatory file with mapping from OpenSSL cipher suites names to the ones from IANA / used in the RFCs.
**etc/cipher-mapping.txt** Provides a mandatory file with mapping from OpenSSL cipher suites names to the ones from IANA / used in the RFCs.
**etc/tls_data.txt** Provides a mandatory file for ciphers (bash sockets) and key material.
**etc/tls_data.txt** Provides a mandatory file for ciphers (bash sockets) and key material.
## AUTHORS
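Review bot: The `etc/\*pem` and `etc/tls_data.txt` lines are removed and re-added with no visible change in their text, which points to whitespace-only edits riding along with the mapping file entry. Drop them from this commit or split them out, so the hunk shows only the `etc/mapping-rfc.txt` to `etc/cipher-mapping.txt` change.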