| < draft-housley-cms-mts-hash-sig-00.txt | draft-housley-cms-mts-hash-sig-01.txt > | |||
|---|---|---|---|---|
| INTERNET-DRAFT R. Housley | INTERNET-DRAFT R. Housley | |||
| Intended Status: Proposed Standard Vigil Security | Intended Status: Proposed Standard Vigil Security | |||
| Expires: 27 February 2014 26 August 2013 | Expires: 24 October 2014 24 April 2014 | |||
| Use of the Hash-based Merkle Tree Signature (MTS) Algorithm | Use of the Hash-based Merkle Tree Signature (MTS) Algorithm | |||
| in the Cryptographic Message Syntax (CMS) | in the Cryptographic Message Syntax (CMS) | |||
| <draft-housley-cms-mts-hash-sig-00> | <draft-housley-cms-mts-hash-sig-01> | |||
| Abstract | Abstract | |||
| This document specifies the conventions for using the Merkle Tree | This document specifies the conventions for using the Merkle Tree | |||
| Signatures (MTS) digital signature algorithm with the Cryptographic | Signatures (MTS) digital signature algorithm with the Cryptographic | |||
| Message Syntax (CMS). The MTS algorithm is one form of hash-based | Message Syntax (CMS). The MTS algorithm is one form of hash-based | |||
| digital signature. | digital signature. | |||
| Status of this Memo | Status of this Memo | |||
| skipping to change at page 1, line 41 ¶ | skipping to change at page 2, line 7 ¶ | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
| http://www.ietf.org/1id-abstracts.html | http://www.ietf.org/1id-abstracts.html | |||
| The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
| http://www.ietf.org/shadow.html | http://www.ietf.org/shadow.html | |||
| Copyright and License Notice | Copyright and License Notice | |||
| Copyright (c) 2013 IETF Trust and the persons identified as the | Copyright (c) 2014 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| skipping to change at page 7, line 30 ¶ | skipping to change at page 7, line 30 ¶ | |||
| is invented. The use of MTS signatures to protect software update | is invented. The use of MTS signatures to protect software update | |||
| distribution, perhaps using the format described in [FWPROT], will | distribution, perhaps using the format described in [FWPROT], will | |||
| allow the deployment of software that implements new cryptosystems. | allow the deployment of software that implements new cryptosystems. | |||
| 5. IANA Considerations | 5. IANA Considerations | |||
| {{ RFC Editor: Please remove this section prior to publication. }} | {{ RFC Editor: Please remove this section prior to publication. }} | |||
| This document has no actions for IANA. | This document has no actions for IANA. | |||
| 6. References | 6. Normative References | |||
| 6.1. Normative References | ||||
| [ASN1-02] ITU-T, "ITU-T Recommendation X.680, X.681, X.682, and | [ASN1-02] ITU-T, "ITU-T Recommendation X.680, X.681, X.682, and | |||
| X.683", ITU-T X.680, X.681, X.682, and X.683, 2002. | X.683", ITU-T X.680, X.681, X.682, and X.683, 2002. | |||
| [CMS] Housley, R., "Cryptographic Message Syntax (CMS)", STD 70, | [CMS] Housley, R., "Cryptographic Message Syntax (CMS)", STD 70, | |||
| RFC 5652, September 2009. | RFC 5652, September 2009. | |||
| [HASHSIG] McGrew, D., and M. Curcio, "Hash-Based Signatures", Work | [HASHSIG] McGrew, D., and M. Curcio, "Hash-Based Signatures", Work | |||
| in progress. <draft-mcgrew-hash-sigs-01> | in progress. <draft-mcgrew-hash-sigs-01> | |||
| [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate | [KEYWORDS] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997. | |||
| [SHS] National Institute of Standards and Technology (NIST), | [SHS] National Institute of Standards and Technology (NIST), | |||
| FIPS Publication 180-3: Secure Hash Standard, October | FIPS Publication 180-3: Secure Hash Standard, October | |||
| 2008. | 2008. | |||
| 6.2. Informative References | 7. Informative References | |||
| [BH2013] Ptacek, T., T. Ritter, J. Samuel, and A. Stamos, "The | [BH2013] Ptacek, T., T. Ritter, J. Samuel, and A. Stamos, "The | |||
| Factoring Dead: Preparing for the Cryptopocalypse", August | Factoring Dead: Preparing for the Cryptopocalypse", August | |||
| 2013. | 2013. | |||
| [https://media.blackhat.com/us-13/us-13-Stamos-The- | [https://media.blackhat.com/us-13/us-13-Stamos-The- | |||
| Factoring-Dead.pdf] | Factoring-Dead.pdf] | |||
| [CMSASN1] Hoffman, P. and J. Schaad, "New ASN.1 Modules for | [CMSASN1] Hoffman, P. and J. Schaad, "New ASN.1 Modules for | |||
| Cryptographic Message Syntax (CMS) and S/MIME", RFC 5911, | Cryptographic Message Syntax (CMS) and S/MIME", RFC 5911, | |||
| June 2010. | June 2010. | |||
| skipping to change at page 9, line 22 ¶ | skipping to change at page 9, line 12 ¶ | |||
| EXPORTS ALL; | EXPORTS ALL; | |||
| IMPORTS | IMPORTS | |||
| SIGNATURE-ALGORITHM PUBLIC-KEY | SIGNATURE-ALGORITHM PUBLIC-KEY | |||
| FROM AlgorithmInformation-2009 -- RFC 5911 [CMSASN1] | FROM AlgorithmInformation-2009 -- RFC 5911 [CMSASN1] | |||
| { iso(1) identified-organization(3) dod(6) internet(1) | { iso(1) identified-organization(3) dod(6) internet(1) | |||
| security(5) mechanisms(5) pkix(7) id-mod(0) | security(5) mechanisms(5) pkix(7) id-mod(0) | |||
| id-mod-algorithmInformation-02(58) } | id-mod-algorithmInformation-02(58) } | |||
| mda-sha256 | mda-sha256 | |||
| FROM PKIX1-PSS-OAEP-Algorithms-2009 -- RFC 5912 [PKIXASN1] | FROM PKIX1-PSS-OAEP-Algorithms-2009 -- RFC 5912 [PKIXASN1] | |||
| { iso(1) identified-organization(3) dod(6) | { iso(1) identified-organization(3) dod(6) | |||
| internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) | internet(1) security(5) mechanisms(5) pkix(7) id-mod(0) | |||
| id-mod-pkix1-rsa-pkalgs-02(54) } ; | id-mod-pkix1-rsa-pkalgs-02(54) } ; | |||
| -- | -- | |||
| -- Object Identifiers | -- Object Identifiers | |||
| -- | -- | |||
| id-smime OBJECT IDENTIFIER ::= { iso(1) member-body(2) | id-smime OBJECT IDENTIFIER ::= { iso(1) member-body(2) | |||
| us(840) rsadsi(113549) pkcs(1) pkcs9(9) 16 } | us(840) rsadsi(113549) pkcs(1) pkcs9(9) 16 } | |||
| id-alg OBJECT IDENTIFIER ::= { id-smime 3 } | id-alg OBJECT IDENTIFIER ::= { id-smime 3 } | |||
| End of changes. 6 change blocks. | ||||
| 11 lines changed or deleted | 9 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/
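
Review bot: In the References change block (page 7), promoting "6.1. Normative References" and "6.2. Informative References" to top-level sections 6 and 7 removes the "6. References" parent, so any body text or table-of-contents entry that points at Section 6.1 or 6.2 needs to be checked and renumbered; none is visible in this diff. In the same block, [HASHSIG] remains a normative reference marked "Work in progress" and pinned to <draft-mcgrew-hash-sigs-01>, while the intended status is Proposed Standard, so publication will wait on that draft; track the dependency and update the pinned revision as it advances.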