< draft-moriarty-pkcs12v1-1-03.txt   draft-moriarty-pkcs12v1-1-05.txt >
Network Working Group K. Moriarty, Ed. Network Working Group K. Moriarty, Ed.
Internet-Draft EMC Internet-Draft EMC
Intended status: Informational M. Nystrom Intended status: Informational M. Nystrom
Expires: May 29, 2014 Microsoft Corporation Expires: November 9, 2014 Microsoft Corporation
S. Parkinson S. Parkinson
A. Rusch A. Rusch
M. Scott M. Scott
RSA RSA
November 25, 2013 May 8, 2014
PKCS #12: Personal Information Exchange Syntax v1.1 PKCS #12: Personal Information Exchange Syntax v1.1
draft-moriarty-pkcs12v1-1-03.txt draft-moriarty-pkcs12v1-1-05.txt
Abstract Abstract
This document represents a republication of PKCS #12 v1.1
(Republication) From RSA Laboratories' Public Key Cryptography
Standard (PKCS) series. Change control is transferred to the IETF,
and generally all rights in the copyright are hereby assigned from
RSA to IETF, except that RSA reserves the internal right to continue
publishing, with the right to modify, and distributing the
Republication and its predecessors internally to RSA and its parent
company EMC, including the right to make modifications to the
Republication and its predecessors (the "RSA Internal Right"). For
avoidance of doubt, RSA's Internal Right includes the right to post
on its public website for use by other parties. The body of this
document, except for the security considerations section, is taken
directly from the PKCS #12 v1.1 specification. The list of
references and the in-line cites have been updated or added where
appropriate to cite the most current documents in addition to those
current at the original publication of PKCS #12 v1.1.
PKCS #12 v1.1 describes a transfer syntax for personal identity PKCS #12 v1.1 describes a transfer syntax for personal identity
information, including private keys, certificates, miscellaneous information, including private keys, certificates, miscellaneous
secrets, and extensions. Machines, applications, browsers, Internet secrets, and extensions. Machines, applications, browsers, Internet
kiosks, and so on, that support this standard will allow a user to kiosks, and so on, that support this standard will allow a user to
import, export, and exercise a single set of personal identity import, export, and exercise a single set of personal identity
information. This standard supports direct transfer of personal information. This standard supports direct transfer of personal
information under several privacy and integrity modes. information under several privacy and integrity modes.
This document represents a republication of PKCS #12 v1.1 from RSA
Laboratories' Public Key Cryptography Standard (PKCS) series. By
publishing this RFC, change control is transferred to the IETF.
Status of this Memo Status of this Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on May 29, 2014. This Internet-Draft will expire on November 9, 2014.
Copyright Notice Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the Copyright (c) 2014 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
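Review bot: The two versions of the Abstract's republication paragraph do not reserve the same rights. The longer paragraph keeps for RSA "the right to make modifications to the Republication and its predecessors", while the shorter one states only that "change control is transferred to the IETF". Confirm with the rights holder that this difference is intended. If the longer paragraph is retained in any form, lowercase "From" in "(Republication) From RSA Laboratories'".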
skipping to change at page 3, line 41 skipping to change at page 3, line 41
8.2. Informative References . . . . . . . . . . . . . . . . . . 19 8.2. Informative References . . . . . . . . . . . . . . . . . . 19
Appendix A. Message Authentication Codes (MACs) . . . . . . . . . 19 Appendix A. Message Authentication Codes (MACs) . . . . . . . . . 19
Appendix B. Deriving keys and IVs from passwords and salt . . . . 20 Appendix B. Deriving keys and IVs from passwords and salt . . . . 20
B.1. Password formatting . . . . . . . . . . . . . . . . . . . 20 B.1. Password formatting . . . . . . . . . . . . . . . . . . . 20
B.2. General method . . . . . . . . . . . . . . . . . . . . . . 21 B.2. General method . . . . . . . . . . . . . . . . . . . . . . 21
B.3. More on the ID byte . . . . . . . . . . . . . . . . . . . 22 B.3. More on the ID byte . . . . . . . . . . . . . . . . . . . 22
B.4. Keys for password integrity mode . . . . . . . . . . . . . 22 B.4. Keys for password integrity mode . . . . . . . . . . . . . 22
Appendix C. Keys and IVs for password privacy mode . . . . . . . 23 Appendix C. Keys and IVs for password privacy mode . . . . . . . 23
Appendix D. ASN.1 module . . . . . . . . . . . . . . . . . . . . 24 Appendix D. ASN.1 module . . . . . . . . . . . . . . . . . . . . 24
Appendix E. Intellectual property considerations . . . . . . . . 28 Appendix E. Intellectual property considerations . . . . . . . . 28
Appendix F. Acknowledgements . . . . . . . . . . . . . . . . . . 29 Appendix F. Acknowledgments . . . . . . . . . . . . . . . . . . . 29
Appendix G. About PKCS . . . . . . . . . . . . . . . . . . . . . 29 Appendix G. About PKCS . . . . . . . . . . . . . . . . . . . . . 29
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 29 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 29
1. Introduction 1. Introduction
This document represents a republication of PKCS #12 v1.1 from RSA
Laboratories' Public Key Cryptography Standard (PKCS) series. By
publishing this RFC, change control is transferred to the IETF. RSA
and its parent company EMC reserves the right to continue publishing
and distributing PKCS #12 v1.1 and its predecessors.
The body of this document, except for the security considerations
section, is taken directly from the PKCS #12 v1.1 specification. The
list of references and the in-line cites have been updated or added
where appropriate to cite the most current documents in addition to
those current at the original publication of PKCS #12 v1.1.
This standard describes a transfer syntax for personal identity This standard describes a transfer syntax for personal identity
information, including private keys, certificates, miscellaneous information, including private keys, certificates, miscellaneous
secrets, and extensions. Machines, applications, browsers, Internet secrets, and extensions. Machines, applications, browsers, Internet
kiosks, and so on, that support this standard will allow a user to kiosks, and so on, that support this standard will allow a user to
import, export, and exercise a single set of personal identity import, export, and exercise a single set of personal identity
information. information.
This standard supports direct transfer of personal information under This standard supports direct transfer of personal information under
several privacy and integrity modes. The most secure of the privacy several privacy and integrity modes. The most secure of the privacy
and integrity modes require the source and destination platforms to and integrity modes require the source and destination platforms to
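Review bot: Subject-verb agreement is off in the Introduction paragraph that appears on one side only: "RSA and its parent company EMC reserves the right" has a compound subject and should read "reserve the right". The table-of-contents change from "Acknowledgements" to "Acknowledgments" is matched by the Appendix F heading later in the diff, so nothing further is needed there.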
skipping to change at page 5, line 14 skipping to change at page 5, line 24
o Removal of the export regulations discussion in the former o Removal of the export regulations discussion in the former
Appendix D. Appendix D.
o Replacement of RSA with EMC in the "Intellectual property o Replacement of RSA with EMC in the "Intellectual property
considerations". considerations".
o Many changes and additions to the references. o Many changes and additions to the references.
o A reference was added to SP 800-132 for its recommendations on o A reference was added to SP 800-132 for its recommendations on
selection of a the iteration count value for password integrity selection of the iteration count value for password integrity
(part of dictionary attack resistance). (part of dictionary attack resistance).
o Comment included on acronym expansion of PFX: The acronym is o Comment included on acronym expansion of PFX: The acronym is
sometimes expanded as Personal Information Exchange. sometimes expanded as Personal Information Exchange.
o In Appendix B, the phrase "no longer recommended" was changed to o In Appendix B, the phrase "no longer recommended" was changed to
not recommended in the following sentence to address a question not recommended in the following sentence to address a question
and make it clear the method was not recommended. "Note that this and make it clear the method was not recommended. "Note that this
method for password privacy mode is no longer recommended." method for password privacy mode is no longer recommended."
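Review bot: The last bullet of the change list contradicts itself and is left untouched on both sides. It says the phrase "no longer recommended" was changed to not recommended, yet the sentence it quotes still reads "Note that this method for password privacy mode is no longer recommended." Quote the sentence as it now stands in Appendix B and put quotation marks around "not recommended", so the bullet shows the new wording rather than the old one. The "a the" fix in the SP 800-132 bullet is fine.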
skipping to change at page 22, line 51 skipping to change at page 22, line 51
3. If ID=3, then the pseudo-random bits being produced are to be 3. If ID=3, then the pseudo-random bits being produced are to be
used as an integrity key for MACing. used as an integrity key for MACing.
B.4. Keys for password integrity mode B.4. Keys for password integrity mode
When password integrity mode is used to protect a PFX PDU, a password When password integrity mode is used to protect a PFX PDU, a password
and salt are used to derive a MAC key. As with password privacy and salt are used to derive a MAC key. As with password privacy
mode, the password is a Unicode string, and the salt is a byte mode, the password is a Unicode string, and the salt is a byte
string. No particular lengths are prescribed in this standard for string. No particular lengths are prescribed in this standard for
either the password or the salt, but the general advice about either the password or the salt, but the general advice about
passwords and salt that was given in Appendix C applies here, as passwords and salt that is given in Appendix C applies here, as well.
well.
The hash function used to derive MAC keys is whatever hash function The hash function used to derive MAC keys is whatever hash function
is going to be used for MACing. The MAC keys that are derived have is going to be used for MACing. The MAC keys that are derived have
the same length as the hash function's output. In this version of the same length as the hash function's output. In this version of
this standard, SHA-1, SHA-224, SHA-256, SHA384, SHA-512, SHA-512/224 this standard, SHA-1, SHA-224, SHA-256, SHA384, SHA-512, SHA-512/224
or SHA/512/256 can be used to perform MACing, and so the MAC keys can or SHA/512/256 can be used to perform MACing, and so the MAC keys can
be 160, 224, 256, 384 or 512 bits. See Appendix A for more be 160, 224, 256, 384 or 512 bits. See Appendix A for more
information on MACing. information on MACing.
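Review bot: Hash names in the B.4 algorithm list are inconsistent and unchanged on both sides: "SHA384" lacks its hyphen and "SHA/512/256" uses a slash where the neighbouring entry is written "SHA-512/224". Since this paragraph is being edited anyway ("was given" to "is given"), normalise them to "SHA-384" and "SHA-512/256" so that implementers searching the text for an algorithm name find every occurrence.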
Appendix C. Keys and IVs for password privacy mode Appendix C. Keys and IVs for password privacy mode
skipping to change at page 29, line 5 skipping to change at page 29, line 5
EMC Corporation makes no patent claims on the general constructions EMC Corporation makes no patent claims on the general constructions
described in this document, although specific underlying techniques described in this document, although specific underlying techniques
may be covered. may be covered.
RC2 and RC4 are trademarks of EMC Corporation. RC2 and RC4 are trademarks of EMC Corporation.
EMC Corporation makes no representations regarding intellectual EMC Corporation makes no representations regarding intellectual
property claims by other parties. Such determination is the property claims by other parties. Such determination is the
responsibility of the user. responsibility of the user.
Appendix F. Acknowledgements Appendix F. Acknowledgments
Many thanks to Dan Simon of Microsoft Corporation and Jim Spring of Many thanks to Dan Simon of Microsoft Corporation and Jim Spring of
Netscape Communications Corporation for their assistance in preparing Netscape Communications Corporation for their assistance in preparing
early drafts of this document. Especial thanks to Brian Beckman of early drafts of this document. Especial thanks to Brian Beckman of
Microsoft Corporation for writing the specification that this Microsoft Corporation for writing the specification that this
document is based on. document is based on.
Appendix G. About PKCS Appendix G. About PKCS
The Public-Key Cryptography Standards are specifications produced by The Public-Key Cryptography Standards are specifications produced by
skipping to change at page 29, line 40 skipping to change at page 29, line 40
Kathleen M. Moriarty (editor) Kathleen M. Moriarty (editor)
EMC Corporation EMC Corporation
176 South Street 176 South Street
Hopkinton, MA Hopkinton, MA
United States United States
Email: Kathleen.Moriarty@emc.com Email: Kathleen.Moriarty@emc.com
Magnus Nystrom Magnus Nystrom
Microsoft Corporation Microsoft Corporation
Editor affiliation address 1 Microsoft Way
Editor affiliation address Redmond, WA 98052
United States United States
Email: mnystrom@microsoft.com Email: mnystrom@microsoft.com
Sean Parkinson Sean Parkinson
RSA Security Inc. RSA Security Inc.
Editor affiliation address 345 Queen Street
Brisbane Brisbane, QLD, 4000
Australia Australia
Email: Sean.Parkinson@rsa.com Email: Sean.Parkinson@rsa.com
Andreas Rusch Andreas Rusch
RSA Security Inc. RSA Security Inc.
Editor affiliation address 345 Queen Street
Brisbane Brisbane, QLD, 4000
Australia Australia
Email: Andreas.Rusch@rsa.com Email: Andreas.Rusch@rsa.com
Michael Scott Michael Scott
RSA Security Inc. RSA Security Inc.
Editor affiliation address 345 Queen Street
Brisbane Brisbane, QLD, 4000
Australia Australia
Email: Michael2.Scott@rsa.com Email: Michael2.Scott@rsa.com
 End of changes. 16 change blocks. 
35 lines changed or deleted 33 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/