"Dynamic Symmetric Key Provisioning Protocol (DSKPP)", Andrea Doherty, Mingliang Pei, Salah Machani, Magnus Nystrom, 28-Jul-09.
DSKPP is a client-server protocol for initialization (and configuration) of symmetric keys to locally and remotely accessible cryptographic modules. The protocol can be run with or without private-key capabilities in the cryptographic modules, and with or without an established public-key infrastructure. Two variations of the protocol support multiple usage scenarios. With the four-pass variant, keys are mutually generated by the provisioning server and cryptographic module; provisioned keys are not transferred over-the-wire or over-the-air. The two-pass variant enables secure and efficient download and installation of pre-generated symmetric keys to a cryptographic module. This document builds on information contained in [RFC4758], adding specific enhancements in response to implementation experience and liaison requests.
"Symmetric Key Package Content Type", Sean Turner, Russ Housley, 13-Jul-09.
This document defines the symmetric key format content type. It is transport independent. The Cryptographic Message Syntax can be used to digitally sign, digest, authenticate, or encrypt this content type.
"Portable Symmetric Key Container (PSKC)", Philip Hoyer, Mingliang Pei, Salah Machani, 9-Jun-09.
This document specifies a symmetric key format for transport and provisioning of symmetric keys to different types of crypto modules, for example One Time Password (OTP) shared secrets or symmetric cryptographic keys to strong authentication devices. The standard key transport format enables enterprises to deploy best-of-breed solutions combining components from different vendors into the same infrastructure.
