It's won't used by real CA, so mostly theoretical lawyering.
BR's definition of authorized ports only says about port numbers,
Authorized Ports: One of the following ports: 80 (http), 443 (http), 25 (smtp), 22 (ssh).
while protocols it mentions all uses TCP as default, TCP and UDP ports are both assigned to same protocals.
Also TLS (as in RFC 4366) require specific protocol, and have well defined implantation (DTLS) that use TLS over UDP like OpenVPN, would using 3.2.2.4.10. TLS Using a Random Number challenge over 443/udp legal?