Name | Use | Mandatory | Change from 4210 |
---|---|---|---|
MSG_SIG_ALG | protection of PKI messages using signature | RSA | DSA/SHA1 Others: RSA/MD5, ECDSA |
MSG_MAC_ALG | protection of PKI messages using MACing | PasswordBasedMac | PasswordBasedMac Others: HMAC, X9.9 |
SYM_PENC_ALG | symmetric encryption of an end entity's private key where symmetric key is distributed out-of-band | AES-wrap | 3-DES(3-key-EDE), CBC Mode Others: AES, RC5, CAST-128 |
PROT_ENC_ALG | asymmetric algorithm used for encryption of (symmetric keys for encryption of) private keys transported in PKIMessages | D-H | D-H Others: RSA, ECDH |
PROT_SYM_ALG | symmetric encryption algorithm used for encryption of private key bits (a key of this type is encrypted using PROT_ENC_ALG) | AES | 3-DES(3-key-EDE), CBC Mode Others: AES, RC5, CAST-128 |

Name | Use | Mandatory |
---|---|---|
MSG_SIG_ALG | protection of PKI messages using signature and for SignedData, e.g., a private key transported in PKIMessages | RSA, ECDSA |
MSG_MAC_ALG | protection of PKI messages using MACing | PasswordBasedMac |
KM_KA_ALG | asymmetric key agreement algorithm used for agreement of a symmetric key for use with KM_KW_ALG | D-H, ECDH |
KM_KT_ALG | asymmetric key encryption algorithm used for transport of a symmetric key for PROT_SYM_ALG | RSA |
KM_KD_ALG | symmetric key derivation algorithm used for derivation of a symmetric key for use with KM_KW_ALG | PBKDF2 |
KM_KW_ALG | algorithm to wrap a symmetric key for PROT_SYM_ALG | AES-wrap |
PROT_SYM_ALG | symmetric content encryption algorithm used for encryption of EnvelopedData, e.g., a private key transported in PKIMessages | AES |

- Moved former Appendix A to new Section 7 as suggested by Rich and Russ (see thread "I-D Action: draft-ietf-lamps-cmp-algorithms-02.txt")
- Added a column to Table 1 in Section 7.2 to reflect the changes to RFC 4210
- Updated Table 2 in Section 7.3
- Added a paragraph to Section 9 to discuss backward compatibility with RFC 4210
- Minor changes in wording

- Added Hans Aschauer, Mike Ounsworth, and Serge Mister as co-authors
- Changed to XML V3
- Added SHAKE digest algorithm to Section 2 as discussed at IETF 109
- Deleted DSA from Section 3 as discussed at IETF 109
- Added RSASSA-PSS with SHAKE to Section 3
- Added SECP curves the section on ECDSA with SHA2, ECDSA with SHAKE, and EdDSA to Section 3 as discussed at IETF 109
- Deleted static-static D-H and ECDH from Section 4.1 based on the discussion on the mailing list (see thread "[CMP Algorithms] Section 4.1.1 and 4.1.2 drop static-static (EC)DH key agreement algorithms for use in CMP")
- Added ECDH OIDs and SECP curves, as well as ECDH with curve25519 and curve448 to Section 4.1 as discussed at IETF 109
- Deleted RSA-OAEP from Section 4.2 first as discussed at IETF 109, but re-added it after discussion on the mailing list (see thread "Mail regarding draft-ietf-lamps-cmp-algorithms")
- Added a paragraph to Section 4.3.1 to explain that the algorithms and key length for content encryption and key wrapping must be aligned as discussed on the mailing list (see thread "[CMP Algorithms] Use Key-Wrap with or without padding in Section 4.3 and Section 5")
- Deleted AES-CCM and AES-GCM from and added AES-CBC to Section 5 as discussed at IETF 109
- Added Section 6.1.2 to offer PBMAC1 as discussed on the mailing list (see thread "Mail regarding draft-ietf-lamps-crmf-update-algs-02") and restructured text in Section 6 to make it easier to differentiate between password- and shared-key-based MAC
- Deleted Diffie-Hellman based MAC from Section 6 as it is only relevant when enrolling Diffie-Hellman certificates
- Added AES-GMAC and SHAKE-based KMAC to Section 6 as discussed at IETF 109
- Extended Section 9 to mention Russ's support with two additional I-Ds and to name further supporters of the draft
- Added a first draft of a generic algorithm selection guideline to Appendix A
- Added a first proposal for mandatory algorithms for the Lightweight CMP Profile to Appendix A
- Minor changes in wording

- Changed sections Symmetric Key-Encryption Algorithms and Content Encryption Algorithms based on the discussion on the mailing list (see thread "[CMP Algorithms] Use Key-Wrap with or without padding in Section 4.3 and Section 5")
- Added Appendix A with updated algorithms profile for RFC 4210 Appendix D.2 and first proposal for the Lightweight CMP Profile
- Minor changes in wording