| < draft-ietf-smime-new-asn1-06.txt | draft-ietf-smime-new-asn1-07.txt > | |||
|---|---|---|---|---|
| Network Working Group P. Hoffman | Network Working Group P. Hoffman | |||
| Internet-Draft VPN Consortium | Internet-Draft VPN Consortium | |||
| Intended status: Informational J. Schaad | Intended status: Informational J. Schaad | |||
| Expires: February 14, 2010 Soaring Hawk Consulting | Expires: February 14, 2010 Soaring Hawk Consulting | |||
| August 13, 2009 | August 13, 2009 | |||
| New ASN.1 Modules for CMS and S/MIME | New ASN.1 Modules for CMS and S/MIME | |||
| draft-ietf-smime-new-asn1-06.txt | draft-ietf-smime-new-asn1-07.txt | |||
| Status of this Memo | Status of this Memo | |||
| This Internet-Draft is submitted to IETF in full conformance with the | This Internet-Draft is submitted to IETF in full conformance with the | |||
| provisions of BCP 78 and BCP 79. This document may contain material | provisions of BCP 78 and BCP 79. This document may contain material | |||
| from IETF Documents or IETF Contributions published or made publicly | from IETF Documents or IETF Contributions published or made publicly | |||
| available before November 10, 2008. The person(s) controlling the | available before November 10, 2008. The person(s) controlling the | |||
| copyright in some of this material may not have granted the IETF | copyright in some of this material may not have granted the IETF | |||
| Trust the right to allow modifications of such material outside the | Trust the right to allow modifications of such material outside the | |||
| IETF Standards Process. Without obtaining an adequate license from | IETF Standards Process. Without obtaining an adequate license from | |||
| skipping to change at page 2, line 46 ¶ | skipping to change at page 2, line 46 ¶ | |||
| 14. Normative References . . . . . . . . . . . . . . . . . . . . . 58 | 14. Normative References . . . . . . . . . . . . . . . . . . . . . 58 | |||
| Appendix A. Change History . . . . . . . . . . . . . . . . . . . 59 | Appendix A. Change History . . . . . . . . . . . . . . . . . . . 59 | |||
| A.1. Changes between draft-hoffman-cms-new-asn1-00 and | A.1. Changes between draft-hoffman-cms-new-asn1-00 and | |||
| draft-ietf-smime-new-asn1-00 . . . . . . . . . . . . . . . 59 | draft-ietf-smime-new-asn1-00 . . . . . . . . . . . . . . . 59 | |||
| A.2. Changes between draft-ietf-smime-new-asn1-00 and -01 . . . 60 | A.2. Changes between draft-ietf-smime-new-asn1-00 and -01 . . . 60 | |||
| A.3. Changes between draft-ietf-smime-new-asn1-01 and -02 . . . 60 | A.3. Changes between draft-ietf-smime-new-asn1-01 and -02 . . . 60 | |||
| A.4. Changes between draft-ietf-smime-new-asn1-02 and -03 . . . 60 | A.4. Changes between draft-ietf-smime-new-asn1-02 and -03 . . . 60 | |||
| A.5. Changes between draft-ietf-smime-new-asn1-03 and -04 . . . 60 | A.5. Changes between draft-ietf-smime-new-asn1-03 and -04 . . . 60 | |||
| A.6. Changes between draft-ietf-smime-new-asn1-04 and -05 . . . 60 | A.6. Changes between draft-ietf-smime-new-asn1-04 and -05 . . . 60 | |||
| A.7. Changes between draft-ietf-smime-new-asn1-05 and -06 . . . 60 | A.7. Changes between draft-ietf-smime-new-asn1-05 and -06 . . . 60 | |||
| A.8. Changes between draft-ietf-smime-new-asn1-06 and -07 . . . 60 | ||||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 61 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 61 | |||
| 1. Introduction | 1. Introduction | |||
| Some developers would like the IETF to use the latest version of | Some developers would like the IETF to use the latest version of | |||
| ASN.1 in its standards. Most of the RFCs that relate to security | ASN.1 in its standards. Most of the RFCs that relate to security | |||
| protocols still use ASN.1 from the 1988 standard, which has been | protocols still use ASN.1 from the 1988 standard, which has been | |||
| deprecated. This is particularly true for the standards that relate | deprecated. This is particularly true for the standards that relate | |||
| to PKIX, CMS, and S/MIME. | to PKIX, CMS, and S/MIME. | |||
| skipping to change at page 6, line 34 ¶ | skipping to change at page 6, line 34 ¶ | |||
| -- signature algorithm | -- signature algorithm | |||
| -- &PublicKeySet - the set of public key algorithms for this | -- &PublicKeySet - the set of public key algorithms for this | |||
| -- signature algorithm | -- signature algorithm | |||
| -- &smimeCaps - contains the object describing how the S/MIME | -- &smimeCaps - contains the object describing how the S/MIME | |||
| -- capabilities are presented. | -- capabilities are presented. | |||
| -- | -- | |||
| -- Example: | -- Example: | |||
| -- sig-RSA-PSS SIGNATURE-ALGORITHM ::= { | -- sig-RSA-PSS SIGNATURE-ALGORITHM ::= { | |||
| -- IDENTIFIER id-RSASSA-PSS | -- IDENTIFIER id-RSASSA-PSS | |||
| -- PARAMS TYPE RSASSA-PSS-params ARE required | -- PARAMS TYPE RSASSA-PSS-params ARE required | |||
| -- HASHES {sha1 | md5, ... } | -- HASHES { mda-sha1 | mda-md5, ... } | |||
| -- PUBLIC-KEYS { pk-rsa | pk-rsa-pss } | -- PUBLIC-KEYS { pk-rsa | pk-rsa-pss } | |||
| -- } | -- } | |||
| SIGNATURE-ALGORITHM ::= CLASS { | SIGNATURE-ALGORITHM ::= CLASS { | |||
| &id OBJECT IDENTIFIER UNIQUE, | &id OBJECT IDENTIFIER UNIQUE, | |||
| &Value OPTIONAL, | &Value OPTIONAL, | |||
| &Params OPTIONAL, | &Params OPTIONAL, | |||
| ¶mPresence ParamOptions DEFAULT absent, | ¶mPresence ParamOptions DEFAULT absent, | |||
| &HashSet DIGEST-ALGORITHM OPTIONAL, | &HashSet DIGEST-ALGORITHM OPTIONAL, | |||
| &PublicKeySet PUBLIC-KEY OPTIONAL, | &PublicKeySet PUBLIC-KEY OPTIONAL, | |||
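Review bot: the corrected comment line `-- HASHES { mda-sha1 | mda-md5, ... }` now uses the mda- object names, which matches `&HashSet DIGEST-ALGORITHM OPTIONAL` in the class definition just below it, but the example still names only MD5 and SHA-1 as the digests for sig-RSA-PSS. This comment is the only usage example shown for the SIGNATURE-ALGORITHM class, so consider adding a comment line stating that the digest set is illustrative and that further digest objects are added at the `...` extension marker, so the example is not read as a recommended hash set.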
| skipping to change at page 13, line 35 ¶ | skipping to change at page 13, line 35 ¶ | |||
| -- cap-RC2CBC SMIME-CAPS ::= { | -- cap-RC2CBC SMIME-CAPS ::= { | |||
| -- TYPE INTEGER ( 40 | 128 ) IDENTIFIED BY rc2-cbc } | -- TYPE INTEGER ( 40 | 128 ) IDENTIFIED BY rc2-cbc } | |||
| -- | -- | |||
| -- where 40 and 128 represent the RC2 key length in number of bits. | -- where 40 and 128 represent the RC2 key length in number of bits. | |||
| -- | -- | |||
| -- Another example where information needs to be shown is for | -- Another example where information needs to be shown is for | |||
| -- RSA-OAEP where only specific hash functions or mask generation | -- RSA-OAEP where only specific hash functions or mask generation | |||
| -- functions are supported, but the saltLength is specified by the | -- functions are supported, but the saltLength is specified by the | |||
| -- sender and not the recipient. In this case one can either | -- sender and not the recipient. In this case one can either | |||
| -- generate a number of capability items, | -- generate a number of capability items, | |||
| -- or a new S/MIME capability type could be generated where | -- or a new S/MIME capability type could be generated where | |||
| -- multiple hash functions could be specified. | -- multiple hash functions could be specified. | |||
| -- | -- | |||
| -- | -- | |||
| -- SMIME-CAP | -- SMIME-CAP | |||
| -- | -- | |||
| -- This class is used to associate the type describing capabilities | -- This class is used to associate the type describing capabilities | |||
| -- with the object identifier. | -- with the object identifier. | |||
| -- | -- | |||
| SMIME-CAPS ::= CLASS { | SMIME-CAPS ::= CLASS { | |||
| skipping to change at page 60, line 47 ¶ | skipping to change at page 60, line 47 ¶ | |||
| Changed the status of the document. | Changed the status of the document. | |||
| A.6. Changes between draft-ietf-smime-new-asn1-04 and -05 | A.6. Changes between draft-ietf-smime-new-asn1-04 and -05 | |||
| Removed the "Issues" section from section 1, which should have been | Removed the "Issues" section from section 1, which should have been | |||
| done in the last draft. | done in the last draft. | |||
| A.7. Changes between draft-ietf-smime-new-asn1-05 and -06 | A.7. Changes between draft-ietf-smime-new-asn1-05 and -06 | |||
| Minor nits to keep the nits checker happy. | ||||
| A.8. Changes between draft-ietf-smime-new-asn1-06 and -07 | ||||
| In the AlgorithmInformation module, there was an error in a | In the AlgorithmInformation module, there was an error in a | |||
| commented-out example. Changed "-- HASHES {sha1 | md5, ... }" to "-- | commented-out example. Changed "-- HASHES {sha1 | md5, ... }" to "-- | |||
| HASHES { mda-sha1 | mda-md5, ... }". | HASHES { mda-sha1 | mda-md5, ... }". | |||
| Minor nits to keep the nits checker happy. | ||||
| Authors' Addresses | Authors' Addresses | |||
| Paul Hoffman | Paul Hoffman | |||
| VPN Consortium | VPN Consortium | |||
| 127 Segre Place | 127 Segre Place | |||
| Santa Cruz, CA 95060 | Santa Cruz, CA 95060 | |||
| US | US | |||
| Phone: 1-831-426-9827 | Phone: 1-831-426-9827 | |||
| Email: paul.hoffman@vpnc.org | Email: paul.hoffman@vpnc.org | |||
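Review bot: the sentence describing the HASHES correction ("Changed "-- HASHES {sha1 | md5, ... }" to ...") appears unchanged in both columns, so -06 already carried it, yet the -06 column of the module example still reads `-- HASHES {sha1 | md5, ... }`. The change history should state that the module text itself was corrected in -07; as written, a reader comparing revisions cannot tell from the log which draft first contains the fixed example. "Minor nits to keep the nits checker happy." also appears once before and once after that sentence, so check that each occurrence ends up under the heading of the revision it describes.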
| End of changes. 6 change blocks. | ||||
| 5 lines changed or deleted | 8 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/