| < draft-ietf-keyprov-pskc-08.txt | draft-ietf-keyprov-pskc-09.txt > | |||
|---|---|---|---|---|
| keyprov P. Hoyer | keyprov P. Hoyer | |||
| Internet-Draft ActivIdentity | Internet-Draft ActivIdentity | |||
| Intended status: Standards Track M. Pei | Intended status: Standards Track M. Pei | |||
| Expires: February 3, 2011 VeriSign | Expires: February 3, 2011 VeriSign | |||
| S. Machani | S. Machani | |||
| Diversinet | Diversinet | |||
| August 2, 2010 | August 2, 2010 | |||
| Portable Symmetric Key Container (PSKC) | Portable Symmetric Key Container (PSKC) | |||
| draft-ietf-keyprov-pskc-08 | draft-ietf-keyprov-pskc-09 | |||
| Abstract | Abstract | |||
| This document specifies a symmetric key format for transport and | This document specifies a symmetric key format for transport and | |||
| provisioning of symmetric keys to different types of crypto modules. | provisioning of symmetric keys to different types of crypto modules. | |||
| For example, One Time Password (OTP) shared secrets or symmetric | For example, One Time Password (OTP) shared secrets or symmetric | |||
| cryptographic keys to strong authentication devices. A standard key | cryptographic keys to strong authentication devices. A standard key | |||
| transport format enables enterprises to deploy best-of-breed | transport format enables enterprises to deploy best-of-breed | |||
| solutions combining components from different vendors into the same | solutions combining components from different vendors into the same | |||
| infrastructure. | infrastructure. | |||
| skipping to change at page 16, line 8 ¶ | skipping to change at page 16, line 8 ¶ | |||
| elements MUST uniquely identify the device. For example, for | elements MUST uniquely identify the device. For example, for | |||
| hardware tokens the combination of <SerialNo> and <Manufacturer> | hardware tokens the combination of <SerialNo> and <Manufacturer> | |||
| elements uniquely identifies a device but the <SerialNo> element | elements uniquely identifies a device but the <SerialNo> element | |||
| alone is insufficient since two different token manufacturers might | alone is insufficient since two different token manufacturers might | |||
| issue devices with the same serial number (similar to the Issuer | issue devices with the same serial number (similar to the Issuer | |||
| Distinguished Name and serial number of a certificate). | Distinguished Name and serial number of a certificate). | |||
| The <DeviceInfo> element has the following child elements: | The <DeviceInfo> element has the following child elements: | |||
| <Manufacturer>: This element indicates the manufacturer of the | <Manufacturer>: This element indicates the manufacturer of the | |||
| device. Values for Manufacturer SHOULD be taken from either | device. Values for Manufacturer MUST be taken from either | |||
| [OATHMAN] prefixes (i.e., the left column) or they SHOULD be taken | [OATHMAN] prefixes (i.e., the left column) or from IANA Private | |||
| from IANA Private Enterprise Number Registry [IANAPENREG], using | Enterprise Number Registry [IANAPENREG], using the Organisation | |||
| the Organisation value. When the value is taken from [OATHMAN] | value. When the value is taken from [OATHMAN] "oath." MUST be | |||
| "oath." MUST be prepended to the value (e.g. "oath.<prefix value | prepended to the value (e.g. "oath.<prefix value from | |||
| from [OATHMAN]>"). When the value is taken from [IANAPENREG] | [OATHMAN]>"). When the value is taken from [IANAPENREG] "iana." | |||
| "iana." MUST be prepended to the value (e.g. "iana.<Organisation | MUST be prepended to the value (e.g. "iana.<Organisation value | |||
| value from [IANAPENREG]>"). | from [IANAPENREG]>"). | |||
| <SerialNo>: This element contains the serial number of the device. | <SerialNo>: This element contains the serial number of the device. | |||
| <Model>: This element describes the model of the device (e.g., one- | <Model>: This element describes the model of the device (e.g., one- | |||
| button-HOTP-token-V1). | button-HOTP-token-V1). | |||
| <IssueNo>: This element contains the issue number in case devices | <IssueNo>: This element contains the issue number in case devices | |||
| with the same serial number that are distinguished by different | with the same serial number that are distinguished by different | |||
| issue numbers. | issue numbers. | |||
| End of changes. 2 change blocks. | ||||
| 9 lines changed or deleted | 9 lines changed or added | |||
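
Review bot: In the <Manufacturer> paragraph, raising "SHOULD be taken from" to "MUST be taken from" leaves unstated what a consumer does with a value that carries neither the "oath." nor the "iana." prefix, which the SHOULD in -08 permitted. Suggest adding a sentence on receiver handling of such values (for example reject the container, or accept it and treat the manufacturer as unregistered), since the surrounding text relies on <Manufacturer> together with <SerialNo> to identify a device uniquely. Style point in the same paragraph: "(e.g. "oath.<prefix value" lacks the comma that "(e.g., one-button-HOTP-token-V1)" uses under <Model>.
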

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/