| < draft-housley-ct-keypackage-receipt-n-error-01.txt | draft-housley-ct-keypackage-receipt-n-error-02.txt > | |||
|---|---|---|---|---|
| Internet Engineering Task Force (IETF) Russ Housley | Internet Engineering Task Force (IETF) Russ Housley | |||
| Internet-Draft Vigil Security | Internet-Draft Vigil Security | |||
| Intended Status: Standards Track 2 May 2013 | Intended Status: Standards Track 17 May 2013 | |||
| Expires: 2 November 2013 | Expires: 17 November 2013 | |||
| Cryptographic Message Syntax (CMS) | Cryptographic Message Syntax (CMS) | |||
| Key Package Receipt and Error Content Types | Key Package Receipt and Error Content Types | |||
| draft-housley-ct-keypackage-receipt-n-error-01.txt | draft-housley-ct-keypackage-receipt-n-error-02.txt | |||
| Abstract | Abstract | |||
| This document defines the syntax for two Cryptographic Message Syntax | This document defines the syntax for two Cryptographic Message Syntax | |||
| (CMS) content types, one for key package receipts, and another for | (CMS) content types, one for key package receipts, and another for | |||
| key package errors. The key package receipt content type is used to | key package errors. The key package receipt content type is used to | |||
| confirm receipt of an identified key package or collection of key | confirm receipt of an identified key package or collection of key | |||
| packages. The key package error content type is used to indicate an | packages. The key package error content type is used to indicate an | |||
| error occurred during the processing of a key package. CMS can be | error occurred during the processing of a key package. CMS can be | |||
| used to digitally sign, digest, authenticate, or encrypt these | used to digitally sign, digest, authenticate, or encrypt these | |||
| skipping to change at page 3, line 41 ¶ | skipping to change at page 3, line 41 ¶ | |||
| Within a key distribution system, the source, intermediary, and | Within a key distribution system, the source, intermediary, and | |||
| receiver entities are identified by a Source Intermediary Recipient | receiver entities are identified by a Source Intermediary Recipient | |||
| (SIR) entity name. The syntax for the SIR entity name does not | (SIR) entity name. The syntax for the SIR entity name does not | |||
| impose any particular structure, and it accommodates straightforward | impose any particular structure, and it accommodates straightforward | |||
| registration of additional SIR entity name types. | registration of additional SIR entity name types. | |||
| The inclusion of the nameType object identifier ensures that two | The inclusion of the nameType object identifier ensures that two | |||
| identifiers of different types that happen to contain the same values | identifiers of different types that happen to contain the same values | |||
| are not interpreted as equivalent. Additional SIR entity name types | are not interpreted as equivalent. Additional SIR entity name types | |||
| are expected to be registered that represent different granularities. | are expected to be registered that represent different granularities. | |||
| For example, one SIR entity name type might represent the receiver | For example, one SIR entity name type might represent the receiver | |||
| organization, and at a finer granularity, another SIR entity name | organization, and at a finer granularity, another SIR entity name | |||
| type might identify a specific device, perhaps using a manufacturer | type might identify a specific device, perhaps using a manufacturer | |||
| identifier and serial number. The use of an object identifier avoids | identifier and serial number. The use of an object identifier avoids | |||
| the need for a central registry of SIR entity name types. | the need for a central registry of SIR entity name types. | |||
| The nameValue is an OCTET STRING, which allows the canonical form of | The nameValue is an OCTET STRING, which allows the canonical form of | |||
| any name to be carried. Two names of the same type are considered | any name to be carried. Two names of the same type are considered | |||
| equal if the octet strings are the same length and contain the same | equal if the octet strings are the same length and contain the same | |||
| string of octets. | string of octets. | |||
| skipping to change at page 10, line 25 ¶ | skipping to change at page 10, line 25 ¶ | |||
| missingContentHints (81), | missingContentHints (81), | |||
| invalidAttributeLocation (82), | invalidAttributeLocation (82), | |||
| badMessageDigest (83), | badMessageDigest (83), | |||
| badKeyPackage (84), | badKeyPackage (84), | |||
| badAttributes (85), | badAttributes (85), | |||
| attributeComparisonFailure (86), | attributeComparisonFailure (86), | |||
| unsupportedSymmetricKeyPackage (87), | unsupportedSymmetricKeyPackage (87), | |||
| unsupportedAsymmetricKeyPackage (88), | unsupportedAsymmetricKeyPackage (88), | |||
| constraintViolation (89), | constraintViolation (89), | |||
| ambiguousDefaultValue (90), | ambiguousDefaultValue (90), | |||
| noMatchingReceipientInfo (91), | noMatchingRecipientInfo (91), | |||
| unsupportedKeyWrapAlgorithm (92), | unsupportedKeyWrapAlgorithm (92), | |||
| badKeyTransRecipientInfo (93), | badKeyTransRecipientInfo (93), | |||
| other (127), | other (127), | |||
| ... -- Expect additional error codes -- } | ... -- Expect additional error codes -- } | |||
| The KeyPackageError fields are used as follows: | The KeyPackageError fields are used as follows: | |||
| o version identifies version of the key package error content | o version identifies version of the key package error content | |||
| structure. For this version of the specification, the default | structure. For this version of the specification, the default | |||
| value, v2, MUST be used. Note that v1 was defined in an earlier | value, v2, MUST be used. Note that v1 was defined in an earlier | |||
| version, but the use of v1 is deprecated. | version, but the use of v1 is deprecated. | |||
| o errorOf is OPTIONAL, and it provides the identifier of the keying | o errorOf is OPTIONAL, and it provides the identifier of the keying | |||
| material for which this error is being generated. This is | material for which this error is being generated. This is | |||
| omitted if the receiver or intermediary cannot parse the received | omitted if the receiver or intermediary cannot parse the received | |||
| data to determine the package identifier. Also, encryption may | data to determine the package identifier. Also, encryption may | |||
| prevent an intermediary from obtaining any of the identifiers. | prevent an intermediary from obtaining any of the identifiers. | |||
| Two alternatives for identifying the keying material are | Two alternatives for identifying the keying material are | |||
| possible; see KeyPkgIdentifer as described in Section 4. The | possible; see KeyPkgIdentifier as described in Section 4. The | |||
| value MUST exactly match the value of the key-package-identifier- | value MUST exactly match the value of the key-package-identifier- | |||
| and-receipt-request attribute in the received key package or | and-receipt-request attribute in the received key package or | |||
| collection. The key-package-identifier-and-receipt-request | collection. The key-package-identifier-and-receipt-request | |||
| attribute is described in Section 3. | attribute is described in Section 3. | |||
| o errorBy identifies the entity that received the key package. | o errorBy identifies the entity that received the key package. | |||
| The entity is named by an SIR entity name as specified in section | The entity is named by an SIR entity name as specified in section | |||
| 2. | 2. | |||
| o errorCode contains a code that indicates the reason for the | o errorCode contains a code that indicates the reason for the | |||
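Review bot: the renames noMatchingReceipientInfo to noMatchingRecipientInfo (91) in the enumeration and KeyPkgIdentifer to KeyPkgIdentifier in the errorOf text are spelling corrections only; because ASN.1 ENUMERATED encodes the integer value, encodings of code 91 produced from the -01 module remain valid, and code generated from -01 needs only the identifier renamed. The same rename must be carried into the second copy of the enumeration in the module at page 25 so the two listings do not drift. In the errorOf item, "The value MUST exactly match the value of the key-package-identifier-and-receipt-request attribute" would be clearer if it said the comparison is on the KeyPkgIdentifier value in whichever of the two alternative forms from Section 4 the attribute used, since the text introduces two alternatives without saying how a mismatch between forms is treated.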
| skipping to change at page 11, line 27 ¶ | skipping to change at page 11, line 27 ¶ | |||
| * badContentInfo is used to indicate that the ContentInfo syntax | * badContentInfo is used to indicate that the ContentInfo syntax | |||
| is invalid or that the contentType carried within the | is invalid or that the contentType carried within the | |||
| ContentInfo is unknown or unsupported. | ContentInfo is unknown or unsupported. | |||
| * badSignedData is used to indicate that the SignedData syntax is | * badSignedData is used to indicate that the SignedData syntax is | |||
| invalid, the version is unknown or unsupported, or more than | invalid, the version is unknown or unsupported, or more than | |||
| one entry is present in digestAlgorithms. | one entry is present in digestAlgorithms. | |||
| * badEncapContent is used to indicate that the | * badEncapContent is used to indicate that the | |||
| EncapsulatedContentInfo syntax is invalid within a SignedData | EncapsulatedContentInfo syntax is invalid within a SignedData | |||
| or an AuthenticatedData or the EncryptedContentInfo syntax is | or an AuthenticatedData, or the EncryptedContentInfo syntax is | |||
| invalid within an AuthEnvelopedData. | invalid within an AuthEnvelopedData. | |||
| * badCertificate is used to indicate that the syntax for one or | * badCertificate is used to indicate that the syntax for one or | |||
| more certificates in CertificateSet or elsewhere is invalid or | more certificates in CertificateSet or elsewhere is invalid or | |||
| unsupported. | unsupported. | |||
| * badSignerInfo is used to indicate that the SignerInfo syntax is | * badSignerInfo is used to indicate that the SignerInfo syntax is | |||
| invalid, or the version is unknown or unsupported. | invalid, or the version is unknown or unsupported. | |||
| * badSignedAttrs is used to indicate that the signedAttrs syntax | * badSignedAttrs is used to indicate that the signedAttrs syntax | |||
| within SignerInfo is invalid. | within SignerInfo is invalid. | |||
| * badUnsignedAttrs is used to indicate that the unsignedAttrs | * badUnsignedAttrs is used to indicate that the unsignedAttrs | |||
| within SignerInfo contains one or more attributes. Since | within SignerInfo contains one or more attributes. Since | |||
| unrecognized attributes are ignored, this error code is used | unrecognized attributes are ignored, this error code is used | |||
| when the object identifier for the attribute is recognized, but | when the object identifier for the attribute is recognized, but | |||
| the value is malformed or internally inconsistent. | the value is malformed or internally inconsistent. In | |||
| addition, this error code can be used when policy prohibits an | ||||
| implementation from supporting unsigned attributes. | ||||
| * missingContent is used to indicate that the optional eContent | * missingContent is used to indicate that the optional eContent | |||
| is missing in EncapsulatedContentInfo, which is required when | is missing in EncapsulatedContentInfo, which is required when | |||
| including an asymmetric, a symmetric key package, and an | including an asymmetric key package, a symmetric key package, | |||
| encrypted key package. This error can be generated due to | and an encrypted key package. This error can be generated due | |||
| problems located in SignedData or AuthenticatedData. | to problems located in SignedData or AuthenticatedData. | |||
| Note that CMS EncapsulatedContentInfo eContent field is | Note that CMS EncapsulatedContentInfo eContent field is | |||
| optional [RFC5652]; however, [RFC5958], [RFC6031], and | optional [RFC5652]; however, [RFC5958], [RFC6031], and | |||
| [RFC6032] require that the eContent be present. | [RFC6032] require that the eContent be present. | |||
| * noTrustAnchor is used to indicate that the subjectKeyIdentifier | * noTrustAnchor is used to indicate that the subjectKeyIdentifier | |||
| does not identify the public key of a trust anchor or a | does not identify the public key of a trust anchor or a | |||
| certification path that terminates with an installed trust | certification path that terminates with an installed trust | |||
| anchor. | anchor. | |||
| * notAuthorized is used to indicate that the sid within | * notAuthorized is used to indicate that the sid within | |||
| SignerInfo leads to an installed trust anchor, but that trust | SignerInfo leads to an installed trust anchor, but that trust | |||
| anchor is not an authorized signer for the received content | anchor is not an authorized signer for the received content | |||
| type. | type. | |||
| * badDigestAlgorithm is used to indicate that the digestAlgorithm | * badDigestAlgorithm is used to indicate that the digestAlgorithm | |||
| in either SignerInfo, SignedData, or AuthenticatedData is | in either SignerInfo, SignedData, or AuthenticatedData is | |||
| unknown or unsupported. | unknown or unsupported. | |||
| * badSignatureAlgorithm is used to indicate that the | * badSignatureAlgorithm is used to indicate that the | |||
| signatureAlgorithm in SignerInfo is unknown or unsupported. | signatureAlgorithm in SignerInfo is unknown or unsupported. | |||
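Review bot: the sentence added to badUnsignedAttrs in -02, "this error code can be used when policy prohibits an implementation from supporting unsigned attributes", overloads one code with two different causes: a recognized attribute whose value is malformed, and a local policy that rejects any unsigned attribute. A sender receiving badUnsignedAttrs cannot tell whether to repair its encoding or to stop sending unsigned attributes altogether; consider a separate code for the policy case, or state explicitly that the receiver should indicate which applied. The first sentence of the same item, "the unsignedAttrs within SignerInfo contains one or more attributes", also reads as if any unsigned attribute is an error, which the next sentence then narrows; rewording it to "contains a recognized attribute whose value is invalid, or an attribute prohibited by policy" would match the rest of the item. Separately, in the reworded missingContent item, "an asymmetric key package, a symmetric key package, and an encrypted key package" should use "or": eContent is required when any one of those is carried, not all three together.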
| skipping to change at page 14, line 12 ¶ | skipping to change at page 14, line 13 ¶ | |||
| syntax is invalid, or that the content type carried within the | syntax is invalid, or that the content type carried within the | |||
| contentType is unknown or unsupported. | contentType is unknown or unsupported. | |||
| * badEncryptAlgorithm indicates that the encryption algorithm | * badEncryptAlgorithm indicates that the encryption algorithm | |||
| identified by contentEncryptionAlgorithm in | identified by contentEncryptionAlgorithm in | |||
| EncryptedContentInfo is unknown or unsupported. This can | EncryptedContentInfo is unknown or unsupported. This can | |||
| result from EncryptedData, EnvelopedData, or AuthEnvelopedData. | result from EncryptedData, EnvelopedData, or AuthEnvelopedData. | |||
| * missingCiphertext indicates that the optional encryptedContent | * missingCiphertext indicates that the optional encryptedContent | |||
| is missing in EncryptedContentInfo, which is required when | is missing in EncryptedContentInfo, which is required when | |||
| including an asymmetric, a symmetric key package, and an | including an asymmetric key package, a symmetric key package, | |||
| encrypted key package. | and an encrypted key package. | |||
| * decryptFailure indicates that the encryptedContent in | * decryptFailure indicates that the encryptedContent in | |||
| EncryptedContentInfo did not decrypt properly. | EncryptedContentInfo did not decrypt properly. | |||
| * badMACAlgorithm indicates that the MAC algorithm identified by | * badMACAlgorithm indicates that the MAC algorithm identified by | |||
| MessageAuthenticationCodeAlgorithm in AuthenticatedData is | MessageAuthenticationCodeAlgorithm in AuthenticatedData is | |||
| unknown or unsupported. | unknown or unsupported. | |||
| * badAuthAttrs is used to indicate that the authAttrs syntax | * badAuthAttrs is used to indicate that the authAttrs syntax | |||
| within AuthenticatedData or AuthEnvelopedData is invalid. | within AuthenticatedData or AuthEnvelopedData is invalid. | |||
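Review bot: the missingCiphertext item has the same wording problem as missingContent: "required when including an asymmetric key package, a symmetric key package, and an encrypted key package" should use "or", since encryptedContent is required when any one of those is carried. The neighbouring badEncryptAlgorithm item lists the structures it can arise from (EncryptedData, EnvelopedData, or AuthEnvelopedData); giving missingCiphertext and decryptFailure the same list would make the three items parallel and tell an implementer which structures to check.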
| skipping to change at page 14, line 42 ¶ | skipping to change at page 14, line 43 ¶ | |||
| used when the object identifier for the attribute is | used when the object identifier for the attribute is | |||
| recognized, but the value is malformed or internally | recognized, but the value is malformed or internally | |||
| inconsistent. | inconsistent. | |||
| * invalidMAC is used to indicate that the message authentication | * invalidMAC is used to indicate that the message authentication | |||
| code value within AuthenticatedData or AuthEnvelopedData did | code value within AuthenticatedData or AuthEnvelopedData did | |||
| not validate properly. | not validate properly. | |||
| * mismatchedDigestAlg is used to indicate that the digest | * mismatchedDigestAlg is used to indicate that the digest | |||
| algorithm in digestAlgorithms field within SignedData does not | algorithm in digestAlgorithms field within SignedData does not | |||
| match the digest algorithm used by the content signer. | match the digest algorithm used in the signature algorithm. | |||
| * missingCertificate indicates that a signature could not be | * missingCertificate indicates that a signature could not be | |||
| verified using a trust anchor or a certificate from the | verified using a trust anchor or a certificate from the | |||
| certificates field within SignedData. Similarly, this error | certificates field within SignedData. Similarly, this error | |||
| code can indicate that a needed certificate is missing when | code can indicate that a needed certificate is missing when | |||
| processing EnvelopedData, AuthEnvelopedData, or | processing EnvelopedData, AuthEnvelopedData, or | |||
| AuthenticatedData. | AuthenticatedData. | |||
| * tooManySigners indicates that a SignedData content contained | * tooManySigners indicates that a SignedData content contained | |||
| more than one SignerInfo for a content type that requires only | more than one SignerInfo for a content type that requires only | |||
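Review bot: the -02 wording of mismatchedDigestAlg, "does not match the digest algorithm used in the signature algorithm", presumes that the signatureAlgorithm identifier itself names a digest. For signature algorithms where it does not, such as RSASSA-PSS, whose hash is carried in the algorithm parameters, the item should say what the digestAlgorithms entry is compared against; comparing it with the SignerInfo digestAlgorithm field would keep the check independent of the signature algorithm and matches the existing CMS requirement that the two correspond. Minor: "in digestAlgorithms field" should read "in the digestAlgorithms field".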
| skipping to change at page 25, line 13 ¶ | skipping to change at page 25, line 13 ¶ | |||
| missingContentHints (81), | missingContentHints (81), | |||
| invalidAttributeLocation (82), | invalidAttributeLocation (82), | |||
| badMessageDigest (83), | badMessageDigest (83), | |||
| badKeyPackage (84), | badKeyPackage (84), | |||
| badAttributes (85), | badAttributes (85), | |||
| attributeComparisonFailure (86), | attributeComparisonFailure (86), | |||
| unsupportedSymmetricKeyPackage (87), | unsupportedSymmetricKeyPackage (87), | |||
| unsupportedAsymmetricKeyPackage (88), | unsupportedAsymmetricKeyPackage (88), | |||
| constraintViolation (89), | constraintViolation (89), | |||
| ambiguousDefaultValue (90), | ambiguousDefaultValue (90), | |||
| noMatchingReceipientInfo (91), | noMatchingRecipientInfo (91), | |||
| unsupportedKeyWrapAlgorithm (92), | unsupportedKeyWrapAlgorithm (92), | |||
| badKeyTransRecipientInfo (93), | badKeyTransRecipientInfo (93), | |||
| other (127), | other (127), | |||
| ... -- Expect additional error codes -- } | ... -- Expect additional error codes -- } | |||
| END | END | |||
| Author's Address | Author's Address | |||
| Russ Housley | Russ Housley | |||
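Review bot: the noMatchingRecipientInfo (91) spelling fix in this module listing keeps it in sync with the body enumeration at page 10, which is the point to check whenever one copy changes; with both applied the two listings agree, and since the integer value 91 is unchanged the DER encoding of the error code is unaffected. Because the body text repeats the whole enumeration verbatim, future edits risk the same drift; referring the body to the module, or generating one from the other, would remove that risk.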
| End of changes. 12 change blocks. | ||||
| 18 lines changed or deleted | 20 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||