< draft-ietf-lamps-8410-ku-clarifications-00.txt   draft-ietf-lamps-8410-ku-clarifications-01.txt >
LAMPS S. Turner LAMPS S. Turner
Internet-Draft sn3rd Internet-Draft sn3rd
Updates: 8410 (if approved) S. Josefsson Updates: 8410 (if approved) S. Josefsson
Intended status: Standards Track SJD AB Intended status: Standards Track SJD AB
Expires: 26 September 2022 D. McCarney Expires: 3 October 2022 D. McCarney
Square Inc. Square Inc.
T. Ito T. Ito
SECOM CO., LTD. SECOM CO., LTD.
25 March 2022 1 April 2022
Clarifications for Ed25519, Ed448, X25519, and X448 Algorithm Clarifications for Ed25519, Ed448, X25519, and X448 Algorithm
Identifiers Identifiers
draft-ietf-lamps-8410-ku-clarifications-00 draft-ietf-lamps-8410-ku-clarifications-01
Abstract Abstract
This document updates RFC 8410 to clarify existing and specify This document updates RFC 8410 to clarify existing and specify
missing semantics for key usage bits when used in certificates that missing semantics for key usage bits when used in certificates that
support the Ed25519, Ed448, X25519, and X448 Elliptic Curve support the Ed25519, Ed448, X25519, and X448 Elliptic Curve
Cryptography algorithms. Cryptography algorithms.
About This Document About This Document
skipping to change at page 2, line 4 skipping to change at page 2, line 4
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/. Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on 26 September 2022. This Internet-Draft will expire on 3 October 2022.
Copyright Notice Copyright Notice
Copyright (c) 2022 IETF Trust and the persons identified as the Copyright (c) 2022 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents (https://trustee.ietf.org/ Provisions Relating to IETF Documents (https://trustee.ietf.org/
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
skipping to change at page 3, line 38 skipping to change at page 3, line 38
and the following MUST NOT be present: and the following MUST NOT be present:
digitalSignature; digitalSignature;
nonRepudiation; nonRepudiation;
keyEncipherment; keyEncipherment;
dataEncipherment; dataEncipherment;
keyCertSign; and keyCertSign; and
cRLSign. cRLSign.
If the keyUsage extension is present in an end-entity certificate If the keyUsage extension is present in an end-entity or CRL issuer
that indicates id-Ed25519 or id-Ed448 in SubjectPublicKeyInfo, then certificate that indicates id-Ed25519 or id-Ed448 in
the keyUsage extension MUST contain one or both of the following: SubjectPublicKeyInfo, then the keyUsage extension MUST contain at
least one of the following:
nonRepudiation; and
digitalSignature;
the following MAY also be present:
nonRepudiation;
digitalSignature; and
cRLSign; cRLSign;
and the following MUST NOT be present: and the following MUST NOT be present:
keyEncipherment; keyEncipherment;
dataEncipherment; dataEncipherment;
keyAgreement; keyAgreement;
keyCertSign; keyCertSign;
encipherOnly; and encipherOnly; and
decipherOnly. decipherOnly.
skipping to change at page 5, line 28 skipping to change at page 5, line 28
DOI 10.17487/RFC8410, August 2018, DOI 10.17487/RFC8410, August 2018,
<https://www.rfc-editor.org/rfc/rfc8410>. <https://www.rfc-editor.org/rfc/rfc8410>.
6.2. Informative References 6.2. Informative References
[ERRATA] Liao, L., "Errata 5696", 17 April 2019, [ERRATA] Liao, L., "Errata 5696", 17 April 2019,
<https://www.rfc-editor.org/errata/eid5696>. <https://www.rfc-editor.org/errata/eid5696>.
Acknowledgments Acknowledgments
TODO acknowledge. We would like to thank Russ Housley, Mike Jenkins, and Corey Bonnell
for the comments.
Authors' Addresses Authors' Addresses
Sean Turner Sean Turner
sn3rd sn3rd
Email: sean@sn3rd.com Email: sean@sn3rd.com
Simon Josefsson Simon Josefsson
SJD AB SJD AB
Email: simon@josefsson.org Email: simon@josefsson.org
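Review bot: In the new Acknowledgments sentence, "for the comments" does not say whose comments or on what; "for their reviews and comments" would read better. Since this replaces the "TODO acknowledge." placeholder, also check that no other TODO markers remain before the next revision.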
 End of changes. 7 change blocks. 
13 lines changed or deleted 12 lines changed or added