| < draft-ietf-lamps-8410-ku-clarifications-00.txt | draft-ietf-lamps-8410-ku-clarifications-01.txt > | |||
|---|---|---|---|---|
| LAMPS S. Turner | LAMPS S. Turner | |||
| Internet-Draft sn3rd | Internet-Draft sn3rd | |||
| Updates: 8410 (if approved) S. Josefsson | Updates: 8410 (if approved) S. Josefsson | |||
| Intended status: Standards Track SJD AB | Intended status: Standards Track SJD AB | |||
| Expires: 26 September 2022 D. McCarney | Expires: 3 October 2022 D. McCarney | |||
| Square Inc. | Square Inc. | |||
| T. Ito | T. Ito | |||
| SECOM CO., LTD. | SECOM CO., LTD. | |||
| 25 March 2022 | 1 April 2022 | |||
| Clarifications for Ed25519, Ed448, X25519, and X448 Algorithm | Clarifications for Ed25519, Ed448, X25519, and X448 Algorithm | |||
| Identifiers | Identifiers | |||
| draft-ietf-lamps-8410-ku-clarifications-00 | draft-ietf-lamps-8410-ku-clarifications-01 | |||
| Abstract | Abstract | |||
| This document updates RFC 8410 to clarify existing and specify | This document updates RFC 8410 to clarify existing and specify | |||
| missing semantics for key usage bits when used in certificates that | missing semantics for key usage bits when used in certificates that | |||
| support the Ed25519, Ed448, X25519, and X448 Elliptic Curve | support the Ed25519, Ed448, X25519, and X448 Elliptic Curve | |||
| Cryptography algorithms. | Cryptography algorithms. | |||
| About This Document | About This Document | |||
| skipping to change at page 2, line 4 ¶ | skipping to change at page 2, line 4 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at https://datatracker.ietf.org/drafts/current/. | Drafts is at https://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on 26 September 2022. | This Internet-Draft will expire on 3 October 2022. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2022 IETF Trust and the persons identified as the | Copyright (c) 2022 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents (https://trustee.ietf.org/ | Provisions Relating to IETF Documents (https://trustee.ietf.org/ | |||
| license-info) in effect on the date of publication of this document. | license-info) in effect on the date of publication of this document. | |||
| Please review these documents carefully, as they describe your rights | Please review these documents carefully, as they describe your rights | |||
| skipping to change at page 3, line 38 ¶ | skipping to change at page 3, line 38 ¶ | |||
| and the following MUST NOT be present: | and the following MUST NOT be present: | |||
| digitalSignature; | digitalSignature; | |||
| nonRepudiation; | nonRepudiation; | |||
| keyEncipherment; | keyEncipherment; | |||
| dataEncipherment; | dataEncipherment; | |||
| keyCertSign; and | keyCertSign; and | |||
| cRLSign. | cRLSign. | |||
| If the keyUsage extension is present in an end-entity certificate | If the keyUsage extension is present in an end-entity or CRL issuer | |||
| that indicates id-Ed25519 or id-Ed448 in SubjectPublicKeyInfo, then | certificate that indicates id-Ed25519 or id-Ed448 in | |||
| the keyUsage extension MUST contain one or both of the following: | SubjectPublicKeyInfo, then the keyUsage extension MUST contain at | |||
| least one of the following: | ||||
| nonRepudiation; and | ||||
| digitalSignature; | ||||
| the following MAY also be present: | ||||
| nonRepudiation; | ||||
| digitalSignature; and | ||||
| cRLSign; | cRLSign; | |||
| and the following MUST NOT be present: | and the following MUST NOT be present: | |||
| keyEncipherment; | keyEncipherment; | |||
| dataEncipherment; | dataEncipherment; | |||
| keyAgreement; | keyAgreement; | |||
| keyCertSign; | keyCertSign; | |||
| encipherOnly; and | encipherOnly; and | |||
| decipherOnly. | decipherOnly. | |||
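Review bot: In the revised Ed25519/Ed448 paragraph, widening the scope to "end-entity or CRL issuer certificate" while keyCertSign stays in the MUST NOT list leaves it unclear which rule governs a certificate that signs CRLs and is also a CA; suggest stating explicitly that "CRL issuer" here means an issuer that is not a CA. Moving cRLSign from the old "MAY also be present" list into the "at least one of the following" list also means a certificate asserting only cRLSign, with neither digitalSignature nor nonRepudiation, now satisfies the MUST; if that is meant only for CRL issuers, the text should say so, because the sentence applies the same list to end-entity certificates.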
| skipping to change at page 5, line 28 ¶ | skipping to change at page 5, line 28 ¶ | |||
| DOI 10.17487/RFC8410, August 2018, | DOI 10.17487/RFC8410, August 2018, | |||
| <https://www.rfc-editor.org/rfc/rfc8410>. | <https://www.rfc-editor.org/rfc/rfc8410>. | |||
| 6.2. Informative References | 6.2. Informative References | |||
| [ERRATA] Liao, L., "Errata 5696", 17 April 2019, | [ERRATA] Liao, L., "Errata 5696", 17 April 2019, | |||
| <https://www.rfc-editor.org/errata/eid5696>. | <https://www.rfc-editor.org/errata/eid5696>. | |||
| Acknowledgments | Acknowledgments | |||
| TODO acknowledge. | We would like to thank Russ Housley, Mike Jenkins, and Corey Bonnell | |||
| for the comments. | ||||
| Authors' Addresses | Authors' Addresses | |||
| Sean Turner | Sean Turner | |||
| sn3rd | sn3rd | |||
| Email: sean@sn3rd.com | Email: sean@sn3rd.com | |||
| Simon Josefsson | Simon Josefsson | |||
| SJD AB | SJD AB | |||
| Email: simon@josefsson.org | Email: simon@josefsson.org | |||
| End of changes. 7 change blocks. | ||||
| 13 lines changed or deleted | 12 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||