| < draft-schaad-pkix-rfc2875-bis-07.txt | draft-schaad-pkix-rfc2875-bis-08.txt > | |||
|---|---|---|---|---|
| PKIX J. Schaad | PKIX J. Schaad | |||
| Internet-Draft Soaring Hawk Consulting | Internet-Draft Soaring Hawk Consulting | |||
| Obsoletes: 2875 (if approved) H. Prafullchandra | Obsoletes: 2875 (if approved) H. Prafullchandra | |||
| Intended status: Standards Track Hy-Trust | Intended status: Standards Track Hy-Trust | |||
| Expires: August 8, 2013 February 4, 2013 | Expires: September 28, 2013 March 27, 2013 | |||
| Diffie-Hellman Proof-of-Possession Algorithms | Diffie-Hellman Proof-of-Possession Algorithms | |||
| draft-schaad-pkix-rfc2875-bis-07 | draft-schaad-pkix-rfc2875-bis-08 | |||
| Abstract | Abstract | |||
| This document describes two methods for producing an integrity check | This document describes two methods for producing an integrity check | |||
| value from a Diffie-Hellman key pair and one method for producing an | value from a Diffie-Hellman key pair and one method for producing an | |||
| integrity check value from an Elliptic Curve key pair. This behavior | integrity check value from an Elliptic Curve key pair. This behavior | |||
| is needed for such operations as creating the signature of a PKCS #10 | is needed for such operations as creating the signature of a PKCS #10 | |||
| certification request. These algorithms are designed to provide a | certification request. These algorithms are designed to provide a | |||
| proof-of-possession of the private key and not to be a general | proof-of-possession of the private key and not to be a general | |||
| purpose signing algorithm. | purpose signing algorithm. | |||
| This document obsoletes RFC 2875. | This document obsoletes RFC 2875. | |||
| Status of this Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on August 8, 2013. | This Internet-Draft will expire on September 28, 2013. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2013 IETF Trust and the persons identified as the | Copyright (c) 2013 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| skipping to change at page 3, line 7 ¶ | skipping to change at page 2, line 24 ¶ | |||
| modifications of such material outside the IETF Standards Process. | modifications of such material outside the IETF Standards Process. | |||
| Without obtaining an adequate license from the person(s) controlling | Without obtaining an adequate license from the person(s) controlling | |||
| the copyright in such materials, this document may not be modified | the copyright in such materials, this document may not be modified | |||
| outside the IETF Standards Process, and derivative works of it may | outside the IETF Standards Process, and derivative works of it may | |||
| not be created outside the IETF Standards Process, except to format | not be created outside the IETF Standards Process, except to format | |||
| it for publication as an RFC or to translate it into languages other | it for publication as an RFC or to translate it into languages other | |||
| than English. | than English. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 4 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
| 1.1. Changes since RFC2875 . . . . . . . . . . . . . . . . . . 5 | 1.1. Changes since RFC2875 . . . . . . . . . . . . . . . . . . 4 | |||
| 1.2. Requirements Terminology . . . . . . . . . . . . . . . . . 5 | 1.2. Requirements Terminology . . . . . . . . . . . . . . . . 4 | |||
| 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 5 | 2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
| 3. Notation . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 | 3. Notation . . . . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 4. Static DH Proof-of-Possession Process . . . . . . . . . . . . 6 | 4. Static DH Proof-of-Possession Process . . . . . . . . . . . . 5 | |||
| 4.1. ASN.1 Encoding . . . . . . . . . . . . . . . . . . . . . . 8 | 4.1. ASN.1 Encoding . . . . . . . . . . . . . . . . . . . . . 7 | |||
| 5. Discrete Logarithm Signature . . . . . . . . . . . . . . . . . 11 | 5. Discrete Logarithm Signature . . . . . . . . . . . . . . . . 10 | |||
| 5.1. Expanding the Digest Value . . . . . . . . . . . . . . . . 12 | 5.1. Expanding the Digest Value . . . . . . . . . . . . . . . 11 | |||
| 5.2. Signature Computation Algorithm . . . . . . . . . . . . . 13 | 5.2. Signature Computation Algorithm . . . . . . . . . . . . . 12 | |||
| 5.3. Signature Verification Algorithm . . . . . . . . . . . . . 13 | 5.3. Signature Verification Algorithm . . . . . . . . . . . . 12 | |||
| 5.4. ASN.1 Encoding . . . . . . . . . . . . . . . . . . . . . . 14 | 5.4. ASN.1 Encoding . . . . . . . . . . . . . . . . . . . . . 13 | |||
| 6. Static ECDH Proof-of-Possession Process . . . . . . . . . . . 16 | 6. Static ECDH Proof-of-Possession Process . . . . . . . . . . . 15 | |||
| 6.1. ASN.1 Encoding . . . . . . . . . . . . . . . . . . . . . . 18 | 6.1. ASN.1 Encoding . . . . . . . . . . . . . . . . . . . . . 17 | |||
| 7. Security Considerations . . . . . . . . . . . . . . . . . . . 20 | 7. Security Considerations . . . . . . . . . . . . . . . . . . . 19 | |||
| 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 21 | 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 19 | |||
| 9. References . . . . . . . . . . . . . . . . . . . . . . . . . . 21 | 9. References . . . . . . . . . . . . . . . . . . . . . . . . . 19 | |||
| 9.1. Normative References . . . . . . . . . . . . . . . . . . . 21 | 9.1. Normative References . . . . . . . . . . . . . . . . . . 19 | |||
| 9.2. Informative References . . . . . . . . . . . . . . . . . . 22 | 9.2. Informative References . . . . . . . . . . . . . . . . . 20 | |||
| Appendix A. ASN.1 Modules . . . . . . . . . . . . . . . . . . . . 22 | Appendix A. ASN.1 Modules . . . . . . . . . . . . . . . . . . . 20 | |||
| A.1. 2008 ASN.1 Module . . . . . . . . . . . . . . . . . . . . 22 | A.1. 2008 ASN.1 Module . . . . . . . . . . . . . . . . . . . . 21 | |||
| A.2. 1988 ASN.1 Module . . . . . . . . . . . . . . . . . . . . 27 | A.2. 1988 ASN.1 Module . . . . . . . . . . . . . . . . . . . . 25 | |||
| Appendix B. Example of Static DH Proof-of-Possession . . . . . . 29 | Appendix B. Example of Static DH Proof-of-Possession . . . . . . 27 | |||
| Appendix C. Example of Discrete Log Signature . . . . . . . . . . 37 | Appendix C. Example of Discrete Log Signature . . . . . . . . . 35 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 42 | Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 40 | |||
| 1. Introduction | 1. Introduction | |||
| Among the responsibilities of a Certificate Authority in issuing | ||||
| Among the responsibilities of a Certificate Authority in issuing a | ||||
| certificates is a requirement that it verifies the identity for the | certificates is a requirement that it verifies the identity for the | |||
| entity to which it is issuing a certificate and that it verify that | entity to which it is issuing a certificate and that it verifies that | |||
| the private key for the public key to be placed in the certificate is | the private key for the public key to be placed in the certificate is | |||
| in the possession of that entity. The process of validating that the | in the possession of that entity. The process of validating that the | |||
| private key is held by the requester of the certificate is call | private key is held by the requester of the certificate is called | |||
| Proof-of-Possession(POP). Further details on why POP is important | Proof-of-Possession(POP). Further details on why POP is important | |||
| can be found in Appendix C of RFC 4211 [CRMF]. | can be found in Appendix C of RFC 4211 [CRMF]. | |||
| This document is designed to deal with the problem of how to support | This document is designed to deal with the problem of how to support | |||
| POP for encryption-only keys. PKCS #10 [RFC2986] and the Certificate | POP for encryption-only keys. PKCS #10 [RFC2986] and the Certificate | |||
| Request Message Format (CRMF) [CRMF] both define syntaxes for | Request Message Format (CRMF) [CRMF] both define syntaxes for | |||
| certification requests. However, while CRMF supports an alternative | certification requests. However, while CRMF supports an alternative | |||
| method to support POP for encryption-only keys, PKCS #10 does not. | method to support POP for encryption-only keys, PKCS #10 does not. | |||
| PKCS #10 assumes that the public key being requested for | PKCS #10 assumes that the public key being requested for | |||
| certification corresponds to an algorithm that is capable of | certification corresponds to an algorithm that is capable of | |||
| producing a POP by a signature operation. Diffie-Hellman (DH) and | producing a POP by a signature operation. Diffie-Hellman (DH) and | |||
| Elliptic Curve Diffie-Hellman (ECDH) are key agreement algorithms | Elliptic Curve Diffie-Hellman (ECDH) are key agreement algorithms | |||
| and, as such, cannot be directly used for signing or encryption. | and, as such, cannot be directly used for signing or encryption. | |||
| This document describes a set of three proof-of-possession | This document describes a set of three proof-of-possession | |||
| algorithms. Two methods use the the key agreement process (one for | algorithms. Two methods use the key agreement process (one for | |||
| Diffie-Hellman and one for Elliptic-Curve DH) to provide a shared | Diffie-Hellman and one for Elliptic-Curve DH) to provide a shared | |||
| secret as the basis of an integrity check value. For these methods, | secret as the basis of an integrity check value. For these methods, | |||
| the value is constructed for a specific recipient/verifier by using a | the value is constructed for a specific recipient/verifier by using a | |||
| public key of that verifier. The third method uses a modified | public key of that verifier. The third method uses a modified | |||
| signature algorithm (for Diffie-Hellman). This method allows for | signature algorithm (for Diffie-Hellman). This method allows for | |||
| arbitrary verifiers. | arbitrary verifiers. | |||
| It should be noted that we did not create an algorithm that parallels | It should be noted that we did not create an algorithm that parallels | |||
| ECDSA (Elliptical Curve Digital Signature Algorithm) as was done for | ECDSA (Elliptical Curve Digital Signature Algorithm) as was done for | |||
| DSA (Digital Signature Algorithm). When using ECDH, the common | DSA (Digital Signature Algorithm). When using ECDH, the common | |||
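Review bot: In the first sentence of Section 1, one of the two variants of the opening line ends in "issuing a" while the next line begins "certificates is a requirement", which reads "issuing a certificates"; keep the variant without the article. Both columns of this hunk also still expand ECDSA as "Elliptical Curve Digital Signature Algorithm" (the name is "Elliptic Curve Digital Signature Algorithm") and leave no space in "Proof-of-Possession(POP)", so the editorial pass that fixed "call" and "the the" could pick these up too.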
| skipping to change at page 6, line 14 ¶ | skipping to change at page 5, line 13 ¶ | |||
| second party to perform an algorithm to establish with some degree of | second party to perform an algorithm to establish with some degree of | |||
| assurance that the first party does possess and has the ability to | assurance that the first party does possess and has the ability to | |||
| use a private key. The reasoning behind doing POP can be found in | use a private key. The reasoning behind doing POP can be found in | |||
| Appendix C in [CRMF]. | Appendix C in [CRMF]. | |||
| 3. Notation | 3. Notation | |||
| This section describes mathematical notations, conventions and | This section describes mathematical notations, conventions and | |||
| symbols used throughout this document. | symbols used throughout this document. | |||
| a | b : Concatenation of a and b | a | b : Concatenation of a and b | |||
| a ^ b : a raised to the power of b | a ^ b : a raised to the power of b | |||
| a mod b : a modulo b | a mod b : a modulo b | |||
| a / b : a divided by b using integer division | a / b : a divided by b using integer division | |||
| a * b : a times b | a * b : a times b | |||
| depending on context multiplication may be within | depending on context multiplication may be within | |||
| an Elliptic Curve or normal multiplication | an Elliptic Curve or normal multiplication | |||
| KDF(a) : Key Derivation Function producing a value from a. | KDF(a) : Key Derivation Function producing a value from a. | |||
| MAC(a, b) : Message Authentication Code function where | MAC(a, b) : Message Authentication Code function where | |||
| a is the key and b is the text | a is the key and b is the text | |||
| LEFTMOST(a, b) : Return the b left most bits of a | LEFTMOST(a, b) : Return the b left most bits of a | |||
| FLOOR(a) : Return n where n is the largest integer such that | FLOOR(a) : Return n where n is the largest integer such that | |||
| n <= a | n <= a | |||
| Details on how to implement the HMAC version of a MAC function used | Details on how to implement the HMAC version of a MAC function used | |||
| in this document can be found in RFC 2104 [RFC2104], RFC 6234 | in this document can be found in RFC 2104 [RFC2104], RFC 6234 | |||
| [RFC6234] and RFC 4231 [RFC4231]. | [RFC6234] and RFC 4231 [RFC4231]. | |||
| 4. Static DH Proof-of-Possession Process | 4. Static DH Proof-of-Possession Process | |||
| The Static DH POP algorithm is set up to use a key derivation | The Static DH POP algorithm is set up to use a key derivation | |||
| function (KDF) and a message authentication code (MAC). This | function (KDF) and a message authentication code (MAC). This | |||
| algorithm requires that a common set of group parameters be used by | algorithm requires that a common set of group parameters be used by | |||
| skipping to change at page 7, line 22 ¶ | skipping to change at page 6, line 22 ¶ | |||
| parameters from step 1. | parameters from step 1. | |||
| For an entity E: | For an entity E: | |||
| Epriv = DH private value = y | Epriv = DH private value = y | |||
| Epub = DH public value = g^y mod p | Epub = DH public value = g^y mod p | |||
| 3. The POP computation process will then consist of: | 3. The POP computation process will then consist of: | |||
| a) The value to be signed (text) is obtained. (For a PKCS #10 | a) The value to be signed (text) is obtained. (For a PKCS #10 | |||
| object, the value is the DER encoded certificationRequestInfo | object, the value is the DER encoded | |||
| field represented as an octet string.) | certificationRequestInfo field represented as an octet | |||
| string.) | ||||
| b) A shared DH secret is computed, as follows, | b) A shared DH secret is computed, as follows, | |||
| shared secret = ZZ = g^(x*y) mod p | shared secret = ZZ = g^(x*y) mod p | |||
| [This is done by the entity E as Rpub^y and by the Recipient | [This is done by the entity E as Rpub^y and by the | |||
| as Epub^x, where Rpub is retrieved from the Recipient's DH | Recipient as Epub^x, where Rpub is retrieved from the | |||
| certificate (or is provided in the protocol) and Epub is | Recipient's DH certificate (or is provided in the protocol) | |||
| retrieved from the certification request.] | and Epub is retrieved from the certification request.] | |||
| c) A temporary key K is derived from the shared secret ZZ as | c) A temporary key K is derived from the shared secret ZZ as | |||
| follows: | follows: | |||
| K = KDF(LeadingInfo | ZZ | TrailingInfo) | K = KDF(LeadingInfo | ZZ | TrailingInfo) | |||
| LeadingInfo ::= Subject Distinguished Name from | LeadingInfo ::= Subject Distinguished Name from | |||
| recipient's certificate | recipient's certificate | |||
| TrailingInfo ::= Issuer Distinguished Name from | TrailingInfo ::= Issuer Distinguished Name from | |||
| recipient's certificate | recipient's certificate | |||
| d) Using the defined MAC function, compute MAC(K, text). | d) Using the defined MAC function, compute MAC(K, text). | |||
| The POP verification process requires the Recipient to carry out | The POP verification process requires the Recipient to carry out | |||
| steps (a) through (d) and then simply compare the result of step (d) | steps (a) through (d) and then simply compare the result of step (d) | |||
| with what it received as the signature component. If they match then | with what it received as the signature component. If they match then | |||
| the following can be concluded: | the following can be concluded: | |||
| a) The Entity possesses the private key corresponding to the public | a) The Entity possesses the private key corresponding to the public | |||
| key in the certification request because it needed the private | key in the certification request because it needed the private key | |||
| key to calculate the shared secret; and | to calculate the shared secret; and | |||
| b) Only the Recipient that the entity sent the request to could | b) Only the Recipient that the entity sent the request to could | |||
| actually verify the request because it would require its own | actually verify the request because it would require its own | |||
| private key to compute the same shared secret. In the case where | private key to compute the same shared secret. In the case where | |||
| the recipient is a Certification Authority, this protects the | the recipient is a Certification Authority, this protects the | |||
| Entity from rogue CAs. | Entity from rogue CAs. | |||
| 4.1. ASN.1 Encoding | 4.1. ASN.1 Encoding | |||
| The algorithm outlined above allows for the use of an arbitrary hash | The algorithm outlined above allows for the use of an arbitrary hash | |||
| function in computing the temporary key and the MAC algorithm. In | function in computing the temporary key and the MAC algorithm. In | |||
| this specification we define object identifiers for the SHA-1, SHA- | this specification we define object identifiers for the SHA-1, | |||
| 256, SHA-384 and SHA-512 hash values and use HMAC for the MAC | SHA-256, SHA-384 and SHA-512 hash values and use HMAC for the MAC | |||
| algorithm. The ASN.1 structures associated with the static Diffie- | algorithm. The ASN.1 structures associated with the static Diffie- | |||
| Hellman POP algorithm are: | Hellman POP algorithm are: | |||
| DhSigStatic ::= SEQUENCE { | DhSigStatic ::= SEQUENCE { | |||
| issuerAndSerial IssuerAndSerialNumber OPTIONAL, | issuerAndSerial IssuerAndSerialNumber OPTIONAL, | |||
| hashValue MessageDigest | hashValue MessageDigest | |||
| } | } | |||
| sa-dhPop-static-sha1-hmac-sha1 SIGNATURE-ALGORITHM ::= { | sa-dhPop-static-sha1-hmac-sha1 SIGNATURE-ALGORITHM ::= { | |||
| IDENTIFIER id-dhPop-static-sha1-hmac-sha1 | IDENTIFIER id-dhPop-static-sha1-hmac-sha1 | |||
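Review bot: Step 3(b) allows Rpub to be "provided in the protocol" instead of being taken from the Recipient's DH certificate, but step 3(c) defines LeadingInfo and TrailingInfo only as the Subject and Issuer Distinguished Names "from recipient's certificate", so the lines shown here do not say what enters the KDF input when there is no certificate. Suggest stating the values for that case explicitly, and stating how the names and ZZ are encoded inside "LeadingInfo | ZZ | TrailingInfo" so that both sides derive the same K before the MAC comparison in the verification step.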
| skipping to change at page 9, line 44 ¶ | skipping to change at page 8, line 44 ¶ | |||
| id-pkix id-alg(6) 18 | id-pkix id-alg(6) 18 | |||
| } | } | |||
| In the above ASN.1 the following items are defined: | In the above ASN.1 the following items are defined: | |||
| DhSigStatic | DhSigStatic | |||
| This ASN.1 type structure holds the information describing the | This ASN.1 type structure holds the information describing the | |||
| signature. The structure has the following fields: | signature. The structure has the following fields: | |||
| issuerAndSerial | issuerAndSerial | |||
| This field contains the issuer name and serial number of the | This field contains the issuer name and serial number of the | |||
| certificate from which the public key was obtained. The | certificate from which the public key was obtained. The | |||
| issuerAndSerial field is omitted if the public key did not come | issuerAndSerial field is omitted if the public key did not | |||
| from a certificate. | come from a certificate. | |||
| hashValue | hashValue | |||
| This field contains the result of the MAC operation in step 3d. | This field contains the result of the MAC operation in step | |||
| 3d. | ||||
| sa-dhPop-static-sha1-hmac-sha1 | sa-dhPop-static-sha1-hmac-sha1 | |||
| An ASN.1 SIGNATURE-ALGORITHM object which associates together the | An ASN.1 SIGNATURE-ALGORITHM object which associates together the | |||
| information describing a signature algorithm. The structure | information describing a signature algorithm. The structure | |||
| DhSigStatic represents the signature value and the parameters MUST | DhSigStatic represents the signature value and the parameters MUST | |||
| be absent. | be absent. | |||
| id-dhPop-static-sha1-hmac-sha1 | id-dhPop-static-sha1-hmac-sha1 | |||
| This OID identifies the Static DH POP algorithm that uses SHA-1 as | This OID identifies the Static DH POP algorithm that uses SHA-1 as | |||
| the KDF and HMAC-SHA1 as the MAC function. The new OID was | the KDF and HMAC-SHA1 as the MAC function. The new OID was | |||
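Review bot: The issuerAndSerial description says "the certificate from which the public key was obtained" without saying whose key is meant; step 3(b) of Section 4 takes Rpub from the Recipient's DH certificate, so suggest wording such as "the recipient's public key (Rpub)" here. Under hashValue it would also help to say that, despite the field name, the content is the MAC output of step 3d rather than a plain hash.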
| skipping to change at page 12, line 46 ¶ | skipping to change at page 11, line 45 ¶ | |||
| 2. If L == b then m = d. | 2. If L == b then m = d. | |||
| 3. If L > b then follow steps (a) through (d) below. | 3. If L > b then follow steps (a) through (d) below. | |||
| a) Set n = FLOOR(L / b) | a) Set n = FLOOR(L / b) | |||
| b) Set m = d, the initial computed digest value. | b) Set m = d, the initial computed digest value. | |||
| c) For i = 0 to n - 1 | c) For i = 0 to n - 1 | |||
| m = m | HASH(m) | m = m | HASH(m) | |||
| d) m = LEFTMOST(m, L-1) | d) m = LEFTMOST(m, L-1) | |||
| Thus the final result of the process meets the criteria that 0 <= m < | Thus the final result of the process meets the criteria that 0 <= m < | |||
| q. | q. | |||
| 5.2. Signature Computation Algorithm | 5.2. Signature Computation Algorithm | |||
| The signature algorithm produces the pair of values (r, s), which is | The signature algorithm produces the pair of values (r, s), which is | |||
| the signature. The signature is computed as follows: | the signature. The signature is computed as follows: | |||
| skipping to change at page 17, line 29 ¶ | skipping to change at page 16, line 27 ¶ | |||
| parameters from step 1. | parameters from step 1. | |||
| For an entity E: | For an entity E: | |||
| Epriv = Entity private value | Epriv = Entity private value | |||
| Epub = ECDH public point = Epriv * G | Epub = ECDH public point = Epriv * G | |||
| 3. The POP computation process will then consist of: | 3. The POP computation process will then consist of: | |||
| a) The value to be signed (text) is obtained. (For a PKCS #10 | a) The value to be signed (text) is obtained. (For a PKCS #10 | |||
| object, the value is the DER encoded certificationRequestInfo | object, the value is the DER encoded | |||
| field represented as an octet string.) | certificationRequestInfo field represented as an octet | |||
| string.) | ||||
| b) A shared ECDH secret is computed, as follows, | b) A shared ECDH secret is computed, as follows, | |||
| shared secret point (x, y) = Epriv * Rpub = Rpriv * Epub | shared secret point (x, y) = Epriv * Rpub = Rpriv * Epub | |||
| shared secret value ZZ is the x coordinate of the computed | shared secret value ZZ is the x coordinate of the computed | |||
| point | point | |||
| c) A temporary key K is derived from the shared secret ZZ as | c) A temporary key K is derived from the shared secret ZZ as | |||
| follows: | follows: | |||
| K = KDF(LeadingInfo | ZZ | TrailingInfo) | K = KDF(LeadingInfo | ZZ | TrailingInfo) | |||
| LeadingInfo ::= Subject Distinguished Name from certificate | LeadingInfo ::= Subject Distinguished Name from certificate | |||
| TrailingInfo ::= Issuer Distinguished Name from certificate | TrailingInfo ::= Issuer Distinguished Name from certificate | |||
| d) Compute MAC(K, text). | d) Compute MAC(K, text). | |||
| The POP verification process requires the Recipient to carry out | The POP verification process requires the Recipient to carry out | |||
| steps (a) through (d) and then simply compare the result of step (d) | steps (a) through (d) and then simply compare the result of step (d) | |||
| with what it received as the signature component. If they match then | with what it received as the signature component. If they match then | |||
| the following can be concluded: | the following can be concluded: | |||
| a) The Entity possesses the private key corresponding to the public | a) The Entity possesses the private key corresponding to the public | |||
| key in the certification request because it needed the private | key in the certification request because it needed the private key | |||
| key to calculate the shared secret; and | to calculate the shared secret; and | |||
| b) Only the Recipient that the entity sent the request to could | b) Only the Recipient that the entity sent the request to could | |||
| actually verify the request because it would require its own | actually verify the request because it would require its own | |||
| private key to compute the same shared secret. In the case where | private key to compute the same shared secret. In the case where | |||
| the recipient is a Certification Authority, this protects the | the recipient is a Certification Authority, this protects the | |||
| Entity from rogue CAs. | Entity from rogue CAs. | |||
| 6.1. ASN.1 Encoding | 6.1. ASN.1 Encoding | |||
| The algorithm outlined above allows for the use of an arbitrary hash | The algorithm outlined above allows for the use of an arbitrary hash | |||
| function in computing the temporary key and the MAC value. In this | function in computing the temporary key and the MAC value. In this | |||
| specification we defined object identifiers for the SHA-1 and SHA-256 | specification we defined object identifiers for the SHA-1 and SHA-256 | |||
| hash values. The ASN.1 structures associated with the static ECDH | hash values. The ASN.1 structures associated with the static ECDH | |||
| POP algorithm are: | POP algorithm are: | |||
| id-alg-ecdhPop-static-sha224-hmac-sha224 OBJECT IDENTIFIER ::= { | id-alg-ecdhPop-static-sha224-hmac-sha224 OBJECT IDENTIFIER ::= { | |||
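Review bot: The Section 6.1 paragraph says object identifiers are defined "for the SHA-1 and SHA-256 hash values", but the first identifier that follows it is id-alg-ecdhPop-static-sha224-hmac-sha224, so the sentence does not match the definitions; suggest listing the hash functions the ECDH identifiers actually cover. In step 3(c) of this hunk, LeadingInfo and TrailingInfo are taken "from certificate", whereas the static DH process says "from recipient's certificate"; use the same wording here so it is unambiguous which certificate supplies the names.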
| skipping to change at page 20, line 12 ¶ | skipping to change at page 18, line 27 ¶ | |||
| In the above ASN.1 the following items are defined: | In the above ASN.1 the following items are defined: | |||
| sa-ecdhPop-static-sha224-hmac-sha224 | sa-ecdhPop-static-sha224-hmac-sha224 | |||
| An ASN.1 SIGNATURE-ALGORITHM object that associates together the | An ASN.1 SIGNATURE-ALGORITHM object that associates together the | |||
| information describing this signature algorithm. The structure | information describing this signature algorithm. The structure | |||
| DhSigStatic represents the signature value and the parameters MUST | DhSigStatic represents the signature value and the parameters MUST | |||
| be absent. | be absent. | |||
| id-ecdhPop-static-sha224-hmac-sha224 | id-ecdhPop-static-sha224-hmac-sha224 | |||
| This OID identifies the Static ECDH POP algorithm that uses SHA- | This OID identifies the Static ECDH POP algorithm that uses | |||
| 224 as the KDF and HMAC-SHA224 as the MAC function. | SHA-224 as the KDF and HMAC-SHA224 as the MAC function. | |||
| sa-ecdhPop-static-sha256-hmac-sha256 | sa-ecdhPop-static-sha256-hmac-sha256 | |||
| An ASN.1 SIGNATURE-ALGORITHM object that associates together the | An ASN.1 SIGNATURE-ALGORITHM object that associates together the | |||
| information describing this signature algorithm. The structure | information describing this signature algorithm. The structure | |||
| DhSigStatic represents the signature value and the parameters MUST | DhSigStatic represents the signature value and the parameters MUST | |||
| be absent. | be absent. | |||
| id-ecdhPop-static-sha256-hmac-sha256 | id-ecdhPop-static-sha256-hmac-sha256 | |||
| This OID identifies the Static ECDH POP algorithm that uses SHA- | This OID identifies the Static ECDH POP algorithm that uses | |||
| 256 as the KDF and HMAC-SHA256 as the MAC function. | SHA-256 as the KDF and HMAC-SHA256 as the MAC function. | |||
| sa-ecdhPop-static-sha384-hmac-sha384 | sa-ecdhPop-static-sha384-hmac-sha384 | |||
| An ASN.1 SIGNATURE-ALGORITHM object that associates together the | An ASN.1 SIGNATURE-ALGORITHM object that associates together the | |||
| information describing this signature algorithm. The structure | information describing this signature algorithm. The structure | |||
| DhSigStatic represents the signature value and the parameters MUST | DhSigStatic represents the signature value and the parameters MUST | |||
| be absent. | be absent. | |||
| id-ecdhPop-static-sha384-hmac-sha384 | id-ecdhPop-static-sha384-hmac-sha384 | |||
| This OID identifies the Static ECDH POP algorithm that uses SHA- | This OID identifies the Static ECDH POP algorithm that uses | |||
| 384 as the KDF and HMAC-SHA384 as the MAC function. | SHA-384 as the KDF and HMAC-SHA384 as the MAC function. | |||
| sa-ecdhPop-static-sha512-hmac-sha512 | sa-ecdhPop-static-sha512-hmac-sha512 | |||
| An ASN.1 SIGNATURE-ALGORITHM object that associates together the | An ASN.1 SIGNATURE-ALGORITHM object that associates together the | |||
| information describing this signature algorithm. The structure | information describing this signature algorithm. The structure | |||
| DhSigStatic represents the signature value and the parameters MUST | DhSigStatic represents the signature value and the parameters MUST | |||
| be absent. | be absent. | |||
| id-ecdhPop-static-sha512-hmac-sha512 | id-ecdhPop-static-sha512-hmac-sha512 | |||
| This OID identifies the Static ECDH POP algorithm that uses SHA- | This OID identifies the Static ECDH POP algorithm that uses | |||
| 512 as the KDF and HMAC-SHA512 as the MAC function. | SHA-512 as the KDF and HMAC-SHA512 as the MAC function. | |||
| 7. Security Considerations | 7. Security Considerations | |||
| None of the algorithms defined in this document are meant for use in | None of the algorithms defined in this document are meant for use in | |||
| general pupose situations. These algorithms are designed and | general purpose situations. These algorithms are designed and | |||
| purposed solely for use in doing Proof-of-Possession with PKCS#10 and | purposed solely for use in doing Proof-of-Possession with PKCS#10 and | |||
| CRMF constructs. | CRMF constructs. | |||
| In the static DH POP and static ECDH POP algorithms, an appropriate | In the static DH POP and static ECDH POP algorithms, an appropriate | |||
| value can be produced by either party. Thus these algorithms only | value can be produced by either party. Thus these algorithms only | |||
| provides integrity and not origination service. The Discrete | provide integrity and not origination service. The Discrete | |||
| Logarithm algorithm provides both integrity checking and origination | Logarithm algorithm provides both integrity checking and origination | |||
| checking. | checking. | |||
| All the security in this system is provided by the secrecy of the | All the security in this system is provided by the secrecy of the | |||
| private keying material. If either sender or recipient private keys | private keying material. If either sender or recipient private keys | |||
| are disclosed, all messages sent or received using that key are | are disclosed, all messages sent or received using that key are | |||
| compromised. Similarly, loss of the private key results in an | compromised. Similarly, loss of the private key results in an | |||
| inability to read messages sent using that key. | inability to read messages sent using that key. | |||
| Selection of parameters can be of paramount importance. In the | Selection of parameters can be of paramount importance. In the | |||
| selection of parameters one must take into account the community/ | selection of parameters one must take into account the community/ | |||
| group of entities that one wishes to be able to communicate with. In | group of entities that one wishes to be able to communicate with. In | |||
| choosing a set of parameters one must also be sure to avoid small | choosing a set of parameters one must also be sure to avoid small | |||
| groups. [FIPS-186] Appendixes 2 and 3 contain information on the | groups. [FIPS-186] Appendixes 2 and 3 contain information on the | |||
| selection of parameters for DH. [RFC6090] Section 10 contains | selection of parameters for DH. [RFC6090] Section 10 contains | |||
| information on the selection of parameter for ECC. The practices | information on the selection of parameter for ECC. The practices | |||
| outlined in these document will lead to better selection of | outlined in these documents will lead to better selection of | |||
| parameters. | parameters. | |||
| 8. IANA Considerations | 8. IANA Considerations | |||
| This document contains no IANA considerations. | This document contains no IANA considerations. | |||
| 9. References | 9. References | |||
| 9.1. Normative References | 9.1. Normative References | |||
| [RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed- | [RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed- | |||
| Hashing for Message Authentication", RFC 2104, | Hashing for Message Authentication", RFC 2104, February | |||
| February 1997. | 1997. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, March 1997. | Requirement Levels", BCP 14, RFC 2119, March 1997. | |||
| [RFC2631] Rescorla, E., "Diffie-Hellman Key Agreement Method", | [RFC2631] Rescorla, E., "Diffie-Hellman Key Agreement Method", RFC | |||
| RFC 2631, June 1999. | 2631, June 1999. | |||
| [RFC2986] Nystrom, M. and B. Kaliski, "PKCS #10: Certification | [RFC2986] Nystrom, M. and B. Kaliski, "PKCS #10: Certification | |||
| Request Syntax Specification Version 1.7", RFC 2986, | Request Syntax Specification Version 1.7", RFC 2986, | |||
| November 2000. | November 2000. | |||
| [RFC4231] Nystrom, M., "Identifiers and Test Vectors for HMAC-SHA- | [RFC4231] Nystrom, M., "Identifiers and Test Vectors for HMAC- | |||
| 224, HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512", | SHA-224, HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512", | |||
| RFC 4231, December 2005. | RFC 4231, December 2005. | |||
| [RFC6234] Eastlake, D. and T. Hansen, "US Secure Hash Algorithms | [RFC6234] Eastlake, D. and T. Hansen, "US Secure Hash Algorithms | |||
| (SHA and SHA-based HMAC and HKDF)", RFC 6234, May 2011. | (SHA and SHA-based HMAC and HKDF)", RFC 6234, May 2011. | |||
| 9.2. Informative References | 9.2. Informative References | |||
| [CRMF] Schaad, J., "Internet X.509 Public Key Infrastructure | [CRMF] Schaad, J., "Internet X.509 Public Key Infrastructure | |||
| Certificate Request Message Format (CRMF)", RFC 4211, | Certificate Request Message Format (CRMF)", RFC 4211, | |||
| September 2005. | September 2005. | |||
| [FIPS-186] | [FIPS-186] | |||
| "Digital Signature Standard", Federal Information | , "Digital Signature Standard", Federal Information | |||
| Processing Standards Publication 186, May 1994. | Processing Standards Publication 186, May 1994. | |||
| [RFC2875] Prafullchandra, H. and J. Schaad, "Diffie-Hellman Proof- | [RFC2875] Prafullchandra, H. and J. Schaad, "Diffie-Hellman Proof- | |||
| of-Possession Algorithms", RFC 2875, July 2000. | of-Possession Algorithms", RFC 2875, July 2000. | |||
| [RFC3279] Bassham, L., Polk, W., and R. Housley, "Algorithms and | [RFC3279] Bassham, L., Polk, W., and R. Housley, "Algorithms and | |||
| Identifiers for the Internet X.509 Public Key | Identifiers for the Internet X.509 Public Key | |||
| Infrastructure Certificate and Certificate Revocation List | Infrastructure Certificate and Certificate Revocation List | |||
| (CRL) Profile", RFC 3279, April 2002. | (CRL) Profile", RFC 3279, April 2002. | |||
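Review bot: the [FIPS-186] entry in 9.2 now begins with a stray comma in -08 (, "Digital Signature Standard"), which looks like an empty author element in the reference source; give the entry an author or organization, or drop the leading comma. The Security Considerations wording fixes in this revision ("pupose", "provides", "these document") also leave "selection of parameter for ECC" singular in both columns; it should read "parameters" to match the DH sentence just before it.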
| skipping to change at page 29, line 19 ¶ | skipping to change at page 27, line 37 ¶ | |||
| Appendix B. Example of Static DH Proof-of-Possession | Appendix B. Example of Static DH Proof-of-Possession | |||
| The following example follows the steps described earlier in section | The following example follows the steps described earlier in section | |||
| 4. | 4. | |||
| Step 1: Establishing common Diffie-Hellman parameters. Assume the | Step 1: Establishing common Diffie-Hellman parameters. Assume the | |||
| parameters are as in the DER encoded certificate. The certificate | parameters are as in the DER encoded certificate. The certificate | |||
| contains a DH public key signed by a CA with a DSA signing key. | contains a DH public key signed by a CA with a DSA signing key. | |||
| 0 30 939: SEQUENCE { | 0 30 939: SEQUENCE { | |||
| 4 30 872: SEQUENCE { | 4 30 872: SEQUENCE { | |||
| 8 A0 3: [0] { | 8 A0 3: [0] { | |||
| 10 02 1: INTEGER 2 | 10 02 1: INTEGER 2 | |||
| : } | : } | |||
| 13 02 6: INTEGER | 13 02 6: INTEGER | |||
| : 00 DA 39 B6 E2 CB | : 00 DA 39 B6 E2 CB | |||
| 21 30 11: SEQUENCE { | 21 30 11: SEQUENCE { | |||
| 23 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) | 23 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) | |||
| 32 05 0: NULL | 32 05 0: NULL | |||
| : } | : } | |||
| 34 30 72: SEQUENCE { | 34 30 72: SEQUENCE { | |||
| 36 31 11: SET { | 36 31 11: SET { | |||
| 38 30 9: SEQUENCE { | 38 30 9: SEQUENCE { | |||
| 40 06 3: OBJECT IDENTIFIER countryName (2 5 4 6) | 40 06 3: OBJECT IDENTIFIER countryName (2 5 4 6) | |||
| 45 13 2: PrintableString 'US' | 45 13 2: PrintableString 'US' | |||
| : } | : } | |||
| : } | : } | |||
| 49 31 17: SET { | 49 31 17: SET { | |||
| 51 30 15: SEQUENCE { | 51 30 15: SEQUENCE { | |||
| 53 06 3: OBJECT IDENTIFIER organizationName (2 5 4 10) | 53 06 3: OBJECT IDENTIFIER organizationName (2 5 4 10) | |||
| 58 13 8: PrintableString 'XETI Inc' | 58 13 8: PrintableString 'XETI Inc' | |||
| : } | : } | |||
| : } | : } | |||
| 68 31 16: SET { | 68 31 16: SET { | |||
| 70 30 14: SEQUENCE { | 70 30 14: SEQUENCE { | |||
| 72 06 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 | 72 06 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 | |||
| 11) | 11) | |||
| 77 13 7: PrintableString 'Testing' | 77 13 7: PrintableString 'Testing' | |||
| : } | : } | |||
| : } | : } | |||
| 86 31 20: SET { | 86 31 20: SET { | |||
| 88 30 18: SEQUENCE { | 88 30 18: SEQUENCE { | |||
| 90 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) | 90 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) | |||
| 95 13 11: PrintableString 'Root DSA CA' | 95 13 11: PrintableString 'Root DSA CA' | |||
| : } | : } | |||
| : } | : } | |||
| : } | : } | |||
| 108 30 30: SEQUENCE { | 108 30 30: SEQUENCE { | |||
| 110 17 13: UTCTime '990914010557Z' | 110 17 13: UTCTime '990914010557Z' | |||
| 125 17 13: UTCTime '991113010557Z' | 125 17 13: UTCTime '991113010557Z' | |||
| : } | : } | |||
| 140 30 70: SEQUENCE { | 140 30 70: SEQUENCE { | |||
| 142 31 11: SET { | 142 31 11: SET { | |||
| 144 30 9: SEQUENCE { | 144 30 9: SEQUENCE { | |||
| 146 06 3: OBJECT IDENTIFIER countryName (2 5 4 6) | 146 06 3: OBJECT IDENTIFIER countryName (2 5 4 6) | |||
| 151 13 2: PrintableString 'US' | 151 13 2: PrintableString 'US' | |||
| : } | : } | |||
| : } | : } | |||
| 155 31 17: SET { | 155 31 17: SET { | |||
| 157 30 15: SEQUENCE { | 157 30 15: SEQUENCE { | |||
| 159 06 3: OBJECT IDENTIFIER organizationName (2 5 4 10) | 159 06 3: OBJECT IDENTIFIER organizationName (2 5 4 10) | |||
| 164 13 8: PrintableString 'XETI Inc' | 164 13 8: PrintableString 'XETI Inc' | |||
| : } | : } | |||
| : } | : } | |||
| 174 31 16: SET { | 174 31 16: SET { | |||
| 176 30 14: SEQUENCE { | 176 30 14: SEQUENCE { | |||
| 178 06 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 | 178 06 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 | |||
| 11) | 11) | |||
| 183 13 7: PrintableString 'Testing' | 183 13 7: PrintableString 'Testing' | |||
| : } | : } | |||
| : } | : } | |||
| 192 31 18: SET { | 192 31 18: SET { | |||
| 194 30 16: SEQUENCE { | 194 30 16: SEQUENCE { | |||
| 196 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) | 196 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) | |||
| 201 13 9: PrintableString 'DH TestCA' | 201 13 9: PrintableString 'DH TestCA' | |||
| : } | : } | |||
| : } | : } | |||
| : } | : } | |||
| 212 30 577: SEQUENCE { | 212 30 577: SEQUENCE { | |||
| 216 30 438: SEQUENCE { | 216 30 438: SEQUENCE { | |||
| 220 06 7: OBJECT IDENTIFIER dhPublicKey (1 2 840 10046 2 1) | 220 06 7: OBJECT IDENTIFIER dhPublicKey (1 2 840 10046 2 1) | |||
| 229 30 425: SEQUENCE { | 229 30 425: SEQUENCE { | |||
| 233 02 129: INTEGER | 233 02 129: INTEGER | |||
| : 00 94 84 E0 45 6C 7F 69 51 62 3E 56 80 7C 68 E7 | : 00 94 84 E0 45 6C 7F 69 51 62 3E 56 80 7C 68 E7 | |||
| : C5 A9 9E 9E 74 74 94 ED 90 8C 1D C4 E1 4A 14 82 | : C5 A9 9E 9E 74 74 94 ED 90 8C 1D C4 E1 4A 14 82 | |||
| : F5 D2 94 0C 19 E3 B9 10 BB 11 B9 E5 A5 FB 8E 21 | : F5 D2 94 0C 19 E3 B9 10 BB 11 B9 E5 A5 FB 8E 21 | |||
| : 51 63 02 86 AA 06 B8 21 36 B6 7F 36 DF D1 D6 68 | : 51 63 02 86 AA 06 B8 21 36 B6 7F 36 DF D1 D6 68 | |||
| : 5B 79 7C 1D 5A 14 75 1F 6A 93 75 93 CE BB 97 72 | : 5B 79 7C 1D 5A 14 75 1F 6A 93 75 93 CE BB 97 72 | |||
| : 8A F0 0F 23 9D 47 F6 D4 B3 C7 F0 F4 E6 F6 2B C2 | : 8A F0 0F 23 9D 47 F6 D4 B3 C7 F0 F4 E6 F6 2B C2 | |||
| : 32 E1 89 67 BE 7E 06 AE F8 D0 01 6B 8B 2A F5 02 | : 32 E1 89 67 BE 7E 06 AE F8 D0 01 6B 8B 2A F5 02 | |||
| : D7 B6 A8 63 94 83 B0 1B 31 7D 52 1A DE E5 03 85 | : D7 B6 A8 63 94 83 B0 1B 31 7D 52 1A DE E5 03 85 | |||
| : 27 | : 27 | |||
| 365 02 128: INTEGER | 365 02 128: INTEGER | |||
| : 26 A6 32 2C 5A 2B D4 33 2B 5C DC 06 87 53 3F 90 | : 26 A6 32 2C 5A 2B D4 33 2B 5C DC 06 87 53 3F 90 | |||
| : 06 61 50 38 3E D2 B9 7D 81 1C 12 10 C5 0C 53 D4 | : 06 61 50 38 3E D2 B9 7D 81 1C 12 10 C5 0C 53 D4 | |||
| : 64 D1 8E 30 07 08 8C DD 3F 0A 2F 2C D6 1B 7F 57 | : 64 D1 8E 30 07 08 8C DD 3F 0A 2F 2C D6 1B 7F 57 | |||
| : 86 D0 DA BB 6E 36 2A 18 E8 D3 BC 70 31 7A 48 B6 | : 86 D0 DA BB 6E 36 2A 18 E8 D3 BC 70 31 7A 48 B6 | |||
| : 4E 18 6E DD 1F 22 06 EB 3F EA D4 41 69 D9 9B DE | : 4E 18 6E DD 1F 22 06 EB 3F EA D4 41 69 D9 9B DE | |||
| : 47 95 7A 72 91 D2 09 7F 49 5C 3B 03 33 51 C8 F1 | : 47 95 7A 72 91 D2 09 7F 49 5C 3B 03 33 51 C8 F1 | |||
| : 39 9A FF 04 D5 6E 7E 94 3D 03 B8 F6 31 15 26 48 | : 39 9A FF 04 D5 6E 7E 94 3D 03 B8 F6 31 15 26 48 | |||
| : 95 A8 5C DE 47 88 B4 69 3A 00 A7 86 9E DA D1 CD | : 95 A8 5C DE 47 88 B4 69 3A 00 A7 86 9E DA D1 CD | |||
| 496 02 33: INTEGER | 496 02 33: INTEGER | |||
| : 00 E8 72 FA 96 F0 11 40 F5 F2 DC FD 3B 5D 78 94 | : 00 E8 72 FA 96 F0 11 40 F5 F2 DC FD 3B 5D 78 94 | |||
| : B1 85 01 E5 69 37 21 F7 25 B9 BA 71 4A FC 60 30 | : B1 85 01 E5 69 37 21 F7 25 B9 BA 71 4A FC 60 30 | |||
| : FB | : FB | |||
| 531 02 97: INTEGER | 531 02 97: INTEGER | |||
| : 00 A3 91 01 C0 A8 6E A4 4D A0 56 FC 6C FE 1F A7 | : 00 A3 91 01 C0 A8 6E A4 4D A0 56 FC 6C FE 1F A7 | |||
| : B0 CD 0F 94 87 0C 25 BE 97 76 8D EB E5 A4 09 5D | : B0 CD 0F 94 87 0C 25 BE 97 76 8D EB E5 A4 09 5D | |||
| : AB 83 CD 80 0B 35 67 7F 0C 8E A7 31 98 32 85 39 | : AB 83 CD 80 0B 35 67 7F 0C 8E A7 31 98 32 85 39 | |||
| : 40 9D 11 98 D8 DE B8 7F 86 9B AF 8D 67 3D B6 76 | : 40 9D 11 98 D8 DE B8 7F 86 9B AF 8D 67 3D B6 76 | |||
| : B4 61 2F 21 E1 4B 0E 68 FF 53 3E 87 DD D8 71 56 | : B4 61 2F 21 E1 4B 0E 68 FF 53 3E 87 DD D8 71 56 | |||
| : 68 47 DC F7 20 63 4B 3C 5F 78 71 83 E6 70 9E E2 | : 68 47 DC F7 20 63 4B 3C 5F 78 71 83 E6 70 9E E2 | |||
| : 92 | : 92 | |||
| 630 30 26: SEQUENCE { | 630 30 26: SEQUENCE { | |||
| 632 03 21: BIT STRING 0 unused bits | 632 03 21: BIT STRING 0 unused bits | |||
| : 1C D5 3A 0D 17 82 6D 0A 81 75 81 46 10 8E 3E DB | : 1C D5 3A 0D 17 82 6D 0A 81 75 81 46 10 8E 3E DB | |||
| : 09 E4 98 34 | : 09 E4 98 34 | |||
| 655 02 1: INTEGER 55 | 655 02 1: INTEGER 55 | |||
| : } | : } | |||
| : } | : } | |||
| : } | : } | |||
| 658 03 132: BIT STRING 0 unused bits | 658 03 132: BIT STRING 0 unused bits | |||
| : 02 81 80 5F CF 39 AD 62 CF 49 8E D1 CE 66 E2 B1 | : 02 81 80 5F CF 39 AD 62 CF 49 8E D1 CE 66 E2 B1 | |||
| : E6 A7 01 4D 05 C2 77 C8 92 52 42 A9 05 A4 DB E0 | : E6 A7 01 4D 05 C2 77 C8 92 52 42 A9 05 A4 DB E0 | |||
| : 46 79 50 A3 FC 99 3D 3D A6 9B A9 AD BC 62 1C 69 | : 46 79 50 A3 FC 99 3D 3D A6 9B A9 AD BC 62 1C 69 | |||
| : B7 11 A1 C0 2A F1 85 28 F7 68 FE D6 8F 31 56 22 | : B7 11 A1 C0 2A F1 85 28 F7 68 FE D6 8F 31 56 22 | |||
| : 4D 0A 11 6E 72 3A 02 AF 0E 27 AA F9 ED CE 05 EF | : 4D 0A 11 6E 72 3A 02 AF 0E 27 AA F9 ED CE 05 EF | |||
| : D8 59 92 C0 18 D7 69 6E BD 70 B6 21 D1 77 39 21 | : D8 59 92 C0 18 D7 69 6E BD 70 B6 21 D1 77 39 21 | |||
| : E1 AF 7A 3A CF 20 0A B4 2C 69 5F CF 79 67 20 31 | : E1 AF 7A 3A CF 20 0A B4 2C 69 5F CF 79 67 20 31 | |||
| : 4D F2 C6 ED 23 BF C4 BB 1E D1 71 40 2C 07 D6 F0 | : 4D F2 C6 ED 23 BF C4 BB 1E D1 71 40 2C 07 D6 F0 | |||
| : 8F C5 1A | : 8F C5 1A | |||
| : } | : } | |||
| 793 A3 85: [3] { | 793 A3 85: [3] { | |||
| 795 30 83: SEQUENCE { | 795 30 83: SEQUENCE { | |||
| 797 30 29: SEQUENCE { | 797 30 29: SEQUENCE { | |||
| 799 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) | 799 06 3: OBJECT IDENTIFIER subjectKeyIdentifier (2 5 29 14) | |||
| 804 04 22: OCTET STRING | 804 04 22: OCTET STRING | |||
| : 04 14 80 DF 59 88 BF EB 17 E1 AD 5E C6 40 A3 42 | : 04 14 80 DF 59 88 BF EB 17 E1 AD 5E C6 40 A3 42 | |||
| : E5 AC D3 B4 88 78 | : E5 AC D3 B4 88 78 | |||
| : } | : } | |||
| 828 30 34: SEQUENCE { | 828 30 34: SEQUENCE { | |||
| 830 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 | 830 06 3: OBJECT IDENTIFIER authorityKeyIdentifier (2 5 29 | |||
| 35) | 35) | |||
| 835 01 1: BOOLEAN TRUE | 835 01 1: BOOLEAN TRUE | |||
| 838 04 24: OCTET STRING | 838 04 24: OCTET STRING | |||
| : 30 16 80 14 6A 23 37 55 B9 FD 81 EA E8 4E D3 C9 | : 30 16 80 14 6A 23 37 55 B9 FD 81 EA E8 4E D3 C9 | |||
| : B7 09 E5 7B 06 E3 68 AA | : B7 09 E5 7B 06 E3 68 AA | |||
| : } | : } | |||
| 864 30 14: SEQUENCE { | 864 30 14: SEQUENCE { | |||
| 866 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) | 866 06 3: OBJECT IDENTIFIER keyUsage (2 5 29 15) | |||
| 871 01 1: BOOLEAN TRUE | 871 01 1: BOOLEAN TRUE | |||
| 874 04 4: OCTET STRING | 874 04 4: OCTET STRING | |||
| : 03 02 03 08 | : 03 02 03 08 | |||
| : } | : } | |||
| : } | : } | |||
| : } | : } | |||
| : } | : } | |||
| 880 30 11: SEQUENCE { | 880 30 11: SEQUENCE { | |||
| 882 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) | 882 06 7: OBJECT IDENTIFIER dsaWithSha1 (1 2 840 10040 4 3) | |||
| 891 05 0: NULL | 891 05 0: NULL | |||
| : } | : } | |||
| 893 03 48: BIT STRING 0 unused bits | 893 03 48: BIT STRING 0 unused bits | |||
| : 30 2D 02 14 7C 6D D2 CA 1E 32 D1 30 2E 29 66 BC | : 30 2D 02 14 7C 6D D2 CA 1E 32 D1 30 2E 29 66 BC | |||
| : 06 8B 60 C7 61 16 3B CA 02 15 00 8A 18 DD C1 83 | : 06 8B 60 C7 61 16 3B CA 02 15 00 8A 18 DD C1 83 | |||
| : 58 29 A2 8A 67 64 03 92 AB 02 CE 00 B5 94 6A | : 58 29 A2 8A 67 64 03 92 AB 02 CE 00 B5 94 6A | |||
| : } | : } | |||
| Step 2. End Entity/User generates a Diffie-Hellman key-pair using | Step 2. End Entity/User generates a Diffie-Hellman key-pair using | |||
| the parameters from the CA certificate. | the parameters from the CA certificate. | |||
| EE DH public key: | EE DH public key: | |||
| Y: 13 63 A1 85 04 8C 46 A8 88 EB F4 5E A8 93 74 AE | Y: 13 63 A1 85 04 8C 46 A8 88 EB F4 5E A8 93 74 AE | |||
| FD AE 9E 96 27 12 65 C4 4C 07 06 3E 18 FE 94 B8 | FD AE 9E 96 27 12 65 C4 4C 07 06 3E 18 FE 94 B8 | |||
| A8 79 48 BD 2E 34 B6 47 CA 04 30 A1 EC 33 FD 1A | A8 79 48 BD 2E 34 B6 47 CA 04 30 A1 EC 33 FD 1A | |||
| 0B 2D 9E 50 C9 78 0F AE 6A EC B5 6B 6A BE B2 5C | 0B 2D 9E 50 C9 78 0F AE 6A EC B5 6B 6A BE B2 5C | |||
| DA B2 9F 78 2C B9 77 E2 79 2B 25 BF 2E 0B 59 4A | DA B2 9F 78 2C B9 77 E2 79 2B 25 BF 2E 0B 59 4A | |||
| 93 4B F8 B3 EC 81 34 AE 97 47 52 E0 A8 29 98 EC | 93 4B F8 B3 EC 81 34 AE 97 47 52 E0 A8 29 98 EC | |||
| D1 B0 CA 2B 6F 7A 8B DB 4E 8D A5 15 7E 7E AF 33 | D1 B0 CA 2B 6F 7A 8B DB 4E 8D A5 15 7E 7E AF 33 | |||
| 62 09 9E 0F 11 44 8C C1 8D A2 11 9E 53 EF B2 E8 | 62 09 9E 0F 11 44 8C C1 8D A2 11 9E 53 EF B2 E8 | |||
| EE DH private key: | EE DH private key: | |||
| X: 32 CC BD B4 B7 7C 44 26 BB 3C 83 42 6E 7D 1B 00 | X: 32 CC BD B4 B7 7C 44 26 BB 3C 83 42 6E 7D 1B 00 | |||
| 86 35 09 71 07 A0 A4 76 B8 DB 5F EC 00 CE 6F C3 | 86 35 09 71 07 A0 A4 76 B8 DB 5F EC 00 CE 6F C3 | |||
| Step 3. Compute K and the signature. | Step 3. Compute the shared secret ZZ | |||
| 56 b6 01 39 42 8e 09 16 30 b0 31 4d 12 90 af 03 | ||||
| c7 92 65 c2 9c ba 88 bb 0a d5 94 02 ed 6f 54 cb | ||||
| 22 e5 94 b4 d6 60 72 bc f6 a5 2b 18 8d df 28 72 | ||||
| ac e0 41 dd 3b 03 2a 12 9e 5d bd 72 a0 1e fb 6b | ||||
| ee c5 b2 16 59 ee 12 00 3b c8 e0 cb c5 08 8e 2d | ||||
| 40 5f 2d 37 62 8c 4f bb 49 76 69 3c 9e fc 2c f7 | ||||
| f9 50 c1 b9 f7 01 32 4c 96 b9 c3 56 c0 2c 1b 77 | ||||
| 3f 2f 36 e8 22 c8 2e 07 76 d0 4f 7f aa d5 c0 59 | ||||
| Step 4. Compute K and the signature. | ||||
| LeadingInfo: DER encoded Subject/Requestor DN (as in the generated | LeadingInfo: DER encoded Subject/Requestor DN (as in the generated | |||
| Certificate Signing Request) | Certificate Signing Request) | |||
| 30 46 31 0B 30 09 06 03 55 04 06 13 02 55 53 31 | 30 46 31 0B 30 09 06 03 55 04 06 13 02 55 53 31 | |||
| 11 30 0F 06 03 55 04 0A 13 08 58 45 54 49 20 49 | 11 30 0F 06 03 55 04 0A 13 08 58 45 54 49 20 49 | |||
| 6E 63 31 10 30 0E 06 03 55 04 0B 13 07 54 65 73 | 6E 63 31 10 30 0E 06 03 55 04 0B 13 07 54 65 73 | |||
| 74 69 6E 67 31 12 30 10 06 03 55 04 03 13 09 44 | 74 69 6E 67 31 12 30 10 06 03 55 04 03 13 09 44 | |||
| 48 20 54 65 73 74 43 41 | 48 20 54 65 73 74 43 41 | |||
| TrailingInfo: DER encoded Issuer/Recipient DN (from the certificate | TrailingInfo: DER encoded Issuer/Recipient DN (from the certificate | |||
| described in step 1) | described in step 1) | |||
| 30 48 31 0B 30 09 06 03 55 04 06 13 02 55 53 31 | ||||
| 11 30 0F 06 03 55 04 0A 13 08 58 45 54 49 20 49 | ||||
| 6E 63 31 10 30 0E 06 03 55 04 0B 13 07 54 65 73 | ||||
| 74 69 6E 67 31 14 30 12 06 03 55 04 03 13 0B 52 | ||||
| 6F 6F 74 20 44 53 41 20 43 41 | ||||
| 30 48 31 0B 30 09 06 03 55 04 06 13 02 55 53 31 | K: | |||
| 11 30 0F 06 03 55 04 0A 13 08 58 45 54 49 20 49 | B1 91 D7 DB 4F C5 EF EF AC 9A C5 44 5A 6D 42 28 | |||
| 6E 63 31 10 30 0E 06 03 55 04 0B 13 07 54 65 73 | DC 70 7B DA | |||
| 74 69 6E 67 31 14 30 12 06 03 55 04 03 13 0B 52 | ||||
| 6F 6F 74 20 44 53 41 20 43 41 | ||||
| K: | ||||
| B1 91 D7 DB 4F C5 EF EF AC 9A C5 44 5A 6D 42 28 | ||||
| DC 70 7B DA | ||||
| TBS: the "text" for computing the SHA-1 HMAC. | TBS: the "text" for computing the SHA-1 HMAC. | |||
| 30 82 02 98 02 01 00 30 4E 31 0B 30 09 06 03 55 | 30 82 02 98 02 01 00 30 4E 31 0B 30 09 06 03 55 | |||
| 04 06 13 02 55 53 31 11 30 0F 06 03 55 04 0A 13 | 04 06 13 02 55 53 31 11 30 0F 06 03 55 04 0A 13 | |||
| 08 58 45 54 49 20 49 6E 63 31 10 30 0E 06 03 55 | 08 58 45 54 49 20 49 6E 63 31 10 30 0E 06 03 55 | |||
| 04 0B 13 07 54 65 73 74 69 6E 67 31 1A 30 18 06 | 04 0B 13 07 54 65 73 74 69 6E 67 31 1A 30 18 06 | |||
| 03 55 04 03 13 11 50 4B 49 58 20 45 78 61 6D 70 | 03 55 04 03 13 11 50 4B 49 58 20 45 78 61 6D 70 | |||
| 6C 65 20 55 73 65 72 30 82 02 41 30 82 01 B6 06 | 6C 65 20 55 73 65 72 30 82 02 41 30 82 01 B6 06 | |||
| 07 2A 86 48 CE 3E 02 01 30 82 01 A9 02 81 81 00 | 07 2A 86 48 CE 3E 02 01 30 82 01 A9 02 81 81 00 | |||
| 94 84 E0 45 6C 7F 69 51 62 3E 56 80 7C 68 E7 C5 | 94 84 E0 45 6C 7F 69 51 62 3E 56 80 7C 68 E7 C5 | |||
| A9 9E 9E 74 74 94 ED 90 8C 1D C4 E1 4A 14 82 F5 | A9 9E 9E 74 74 94 ED 90 8C 1D C4 E1 4A 14 82 F5 | |||
| D2 94 0C 19 E3 B9 10 BB 11 B9 E5 A5 FB 8E 21 51 | D2 94 0C 19 E3 B9 10 BB 11 B9 E5 A5 FB 8E 21 51 | |||
| 63 02 86 AA 06 B8 21 36 B6 7F 36 DF D1 D6 68 5B | 63 02 86 AA 06 B8 21 36 B6 7F 36 DF D1 D6 68 5B | |||
| 79 7C 1D 5A 14 75 1F 6A 93 75 93 CE BB 97 72 8A | 79 7C 1D 5A 14 75 1F 6A 93 75 93 CE BB 97 72 8A | |||
| F0 0F 23 9D 47 F6 D4 B3 C7 F0 F4 E6 F6 2B C2 32 | F0 0F 23 9D 47 F6 D4 B3 C7 F0 F4 E6 F6 2B C2 32 | |||
| E1 89 67 BE 7E 06 AE F8 D0 01 6B 8B 2A F5 02 D7 | E1 89 67 BE 7E 06 AE F8 D0 01 6B 8B 2A F5 02 D7 | |||
| B6 A8 63 94 83 B0 1B 31 7D 52 1A DE E5 03 85 27 | B6 A8 63 94 83 B0 1B 31 7D 52 1A DE E5 03 85 27 | |||
| 02 81 80 26 A6 32 2C 5A 2B D4 33 2B 5C DC 06 87 | 02 81 80 26 A6 32 2C 5A 2B D4 33 2B 5C DC 06 87 | |||
| 53 3F 90 06 61 50 38 3E D2 B9 7D 81 1C 12 10 C5 | 53 3F 90 06 61 50 38 3E D2 B9 7D 81 1C 12 10 C5 | |||
| 0C 53 D4 64 D1 8E 30 07 08 8C DD 3F 0A 2F 2C D6 | 0C 53 D4 64 D1 8E 30 07 08 8C DD 3F 0A 2F 2C D6 | |||
| 1B 7F 57 86 D0 DA BB 6E 36 2A 18 E8 D3 BC 70 31 | 1B 7F 57 86 D0 DA BB 6E 36 2A 18 E8 D3 BC 70 31 | |||
| 7A 48 B6 4E 18 6E DD 1F 22 06 EB 3F EA D4 41 69 | 7A 48 B6 4E 18 6E DD 1F 22 06 EB 3F EA D4 41 69 | |||
| D9 9B DE 47 95 7A 72 91 D2 09 7F 49 5C 3B 03 33 | D9 9B DE 47 95 7A 72 91 D2 09 7F 49 5C 3B 03 33 | |||
| 51 C8 F1 39 9A FF 04 D5 6E 7E 94 3D 03 B8 F6 31 | 51 C8 F1 39 9A FF 04 D5 6E 7E 94 3D 03 B8 F6 31 | |||
| 15 26 48 95 A8 5C DE 47 88 B4 69 3A 00 A7 86 9E | 15 26 48 95 A8 5C DE 47 88 B4 69 3A 00 A7 86 9E | |||
| DA D1 CD 02 21 00 E8 72 FA 96 F0 11 40 F5 F2 DC | DA D1 CD 02 21 00 E8 72 FA 96 F0 11 40 F5 F2 DC | |||
| FD 3B 5D 78 94 B1 85 01 E5 69 37 21 F7 25 B9 BA | FD 3B 5D 78 94 B1 85 01 E5 69 37 21 F7 25 B9 BA | |||
| 71 4A FC 60 30 FB 02 61 00 A3 91 01 C0 A8 6E A4 | 71 4A FC 60 30 FB 02 61 00 A3 91 01 C0 A8 6E A4 | |||
| 4D A0 56 FC 6C FE 1F A7 B0 CD 0F 94 87 0C 25 BE | 4D A0 56 FC 6C FE 1F A7 B0 CD 0F 94 87 0C 25 BE | |||
| 97 76 8D EB E5 A4 09 5D AB 83 CD 80 0B 35 67 7F | 97 76 8D EB E5 A4 09 5D AB 83 CD 80 0B 35 67 7F | |||
| 0C 8E A7 31 98 32 85 39 40 9D 11 98 D8 DE B8 7F | 0C 8E A7 31 98 32 85 39 40 9D 11 98 D8 DE B8 7F | |||
| 86 9B AF 8D 67 3D B6 76 B4 61 2F 21 E1 4B 0E 68 | 86 9B AF 8D 67 3D B6 76 B4 61 2F 21 E1 4B 0E 68 | |||
| FF 53 3E 87 DD D8 71 56 68 47 DC F7 20 63 4B 3C | FF 53 3E 87 DD D8 71 56 68 47 DC F7 20 63 4B 3C | |||
| 5F 78 71 83 E6 70 9E E2 92 30 1A 03 15 00 1C D5 | 5F 78 71 83 E6 70 9E E2 92 30 1A 03 15 00 1C D5 | |||
| 3A 0D 17 82 6D 0A 81 75 81 46 10 8E 3E DB 09 E4 | 3A 0D 17 82 6D 0A 81 75 81 46 10 8E 3E DB 09 E4 | |||
| 98 34 02 01 37 03 81 84 00 02 81 80 13 63 A1 85 | 98 34 02 01 37 03 81 84 00 02 81 80 13 63 A1 85 | |||
| 04 8C 46 A8 88 EB F4 5E A8 93 74 AE FD AE 9E 96 | 04 8C 46 A8 88 EB F4 5E A8 93 74 AE FD AE 9E 96 | |||
| 27 12 65 C4 4C 07 06 3E 18 FE 94 B8 A8 79 48 BD | 27 12 65 C4 4C 07 06 3E 18 FE 94 B8 A8 79 48 BD | |||
| 2E 34 B6 47 CA 04 30 A1 EC 33 FD 1A 0B 2D 9E 50 | 2E 34 B6 47 CA 04 30 A1 EC 33 FD 1A 0B 2D 9E 50 | |||
| C9 78 0F AE 6A EC B5 6B 6A BE B2 5C DA B2 9F 78 | C9 78 0F AE 6A EC B5 6B 6A BE B2 5C DA B2 9F 78 | |||
| 2C B9 77 E2 79 2B 25 BF 2E 0B 59 4A 93 4B F8 B3 | 2C B9 77 E2 79 2B 25 BF 2E 0B 59 4A 93 4B F8 B3 | |||
| EC 81 34 AE 97 47 52 E0 A8 29 98 EC D1 B0 CA 2B | EC 81 34 AE 97 47 52 E0 A8 29 98 EC D1 B0 CA 2B | |||
| 6F 7A 8B DB 4E 8D A5 15 7E 7E AF 33 62 09 9E 0F | 6F 7A 8B DB 4E 8D A5 15 7E 7E AF 33 62 09 9E 0F | |||
| 11 44 8C C1 8D A2 11 9E 53 EF B2 E8 | 11 44 8C C1 8D A2 11 9E 53 EF B2 E8 | |||
| Certification Request: | Certification Request: | |||
| 0 30 793: SEQUENCE { | 0 30 793: SEQUENCE { | |||
| 4 30 664: SEQUENCE { | 4 30 664: SEQUENCE { | |||
| 8 02 1: INTEGER 0 | 8 02 1: INTEGER 0 | |||
| 11 30 78: SEQUENCE { | ||||
| 11 30 78: SEQUENCE { | 13 31 11: SET { | |||
| 13 31 11: SET { | 15 30 9: SEQUENCE { | |||
| 15 30 9: SEQUENCE { | 17 06 3: OBJECT IDENTIFIER countryName (2 5 4 6) | |||
| 17 06 3: OBJECT IDENTIFIER countryName (2 5 4 6) | 22 13 2: PrintableString 'US' | |||
| 22 13 2: PrintableString 'US' | : } | |||
| : } | : } | |||
| : } | 26 31 17: SET { | |||
| 26 31 17: SET { | 28 30 15: SEQUENCE { | |||
| 28 30 15: SEQUENCE { | 30 06 3: OBJECT IDENTIFIER organizationName (2 5 4 10) | |||
| 30 06 3: OBJECT IDENTIFIER organizationName (2 5 4 10) | 35 13 8: PrintableString 'XETI Inc' | |||
| 35 13 8: PrintableString 'XETI Inc' | : } | |||
| : } | : } | |||
| : } | 45 31 16: SET { | |||
| 45 31 16: SET { | 47 30 14: SEQUENCE { | |||
| 47 30 14: SEQUENCE { | 49 06 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 | |||
| 49 06 3: OBJECT IDENTIFIER organizationalUnitName (2 5 4 | 11) | |||
| 11) | 54 13 7: PrintableString 'Testing' | |||
| 54 13 7: PrintableString 'Testing' | : } | |||
| : } | : } | |||
| : } | 63 31 26: SET { | |||
| 63 31 26: SET { | 65 30 24: SEQUENCE { | |||
| 65 30 24: SEQUENCE { | 67 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) | |||
| 67 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) | 72 13 17: PrintableString 'PKIX Example User' | |||
| 72 13 17: PrintableString 'PKIX Example User' | : } | |||
| : } | : } | |||
| : } | : } | |||
| : } | 91 30 577: SEQUENCE { | |||
| 91 30 577: SEQUENCE { | 95 30 438: SEQUENCE { | |||
| 95 30 438: SEQUENCE { | 99 06 7: OBJECT IDENTIFIER dhPublicKey (1 2 840 10046 2 1) | |||
| 99 06 7: OBJECT IDENTIFIER dhPublicKey (1 2 840 10046 2 1) | 108 30 425: SEQUENCE { | |||
| 108 30 425: SEQUENCE { | 112 02 129: INTEGER | |||
| 112 02 129: INTEGER | : 00 94 84 E0 45 6C 7F 69 51 62 3E 56 80 7C 68 E7 | |||
| : 00 94 84 E0 45 6C 7F 69 51 62 3E 56 80 7C 68 E7 | : C5 A9 9E 9E 74 74 94 ED 90 8C 1D C4 E1 4A 14 82 | |||
| : C5 A9 9E 9E 74 74 94 ED 90 8C 1D C4 E1 4A 14 82 | : F5 D2 94 0C 19 E3 B9 10 BB 11 B9 E5 A5 FB 8E 21 | |||
| : F5 D2 94 0C 19 E3 B9 10 BB 11 B9 E5 A5 FB 8E 21 | : 51 63 02 86 AA 06 B8 21 36 B6 7F 36 DF D1 D6 68 | |||
| : 51 63 02 86 AA 06 B8 21 36 B6 7F 36 DF D1 D6 68 | : 5B 79 7C 1D 5A 14 75 1F 6A 93 75 93 CE BB 97 72 | |||
| : 5B 79 7C 1D 5A 14 75 1F 6A 93 75 93 CE BB 97 72 | : 8A F0 0F 23 9D 47 F6 D4 B3 C7 F0 F4 E6 F6 2B C2 | |||
| : 8A F0 0F 23 9D 47 F6 D4 B3 C7 F0 F4 E6 F6 2B C2 | : 32 E1 89 67 BE 7E 06 AE F8 D0 01 6B 8B 2A F5 02 | |||
| : 32 E1 89 67 BE 7E 06 AE F8 D0 01 6B 8B 2A F5 02 | : D7 B6 A8 63 94 83 B0 1B 31 7D 52 1A DE E5 03 85 | |||
| : D7 B6 A8 63 94 83 B0 1B 31 7D 52 1A DE E5 03 85 | : 27 | |||
| : 27 | 244 02 128: INTEGER | |||
| 244 02 128: INTEGER | : 26 A6 32 2C 5A 2B D4 33 2B 5C DC 06 87 53 3F 90 | |||
| : 26 A6 32 2C 5A 2B D4 33 2B 5C DC 06 87 53 3F 90 | : 06 61 50 38 3E D2 B9 7D 81 1C 12 10 C5 0C 53 D4 | |||
| : 06 61 50 38 3E D2 B9 7D 81 1C 12 10 C5 0C 53 D4 | : 64 D1 8E 30 07 08 8C DD 3F 0A 2F 2C D6 1B 7F 57 | |||
| : 64 D1 8E 30 07 08 8C DD 3F 0A 2F 2C D6 1B 7F 57 | : 86 D0 DA BB 6E 36 2A 18 E8 D3 BC 70 31 7A 48 B6 | |||
| : 86 D0 DA BB 6E 36 2A 18 E8 D3 BC 70 31 7A 48 B6 | : 4E 18 6E DD 1F 22 06 EB 3F EA D4 41 69 D9 9B DE | |||
| : 4E 18 6E DD 1F 22 06 EB 3F EA D4 41 69 D9 9B DE | : 47 95 7A 72 91 D2 09 7F 49 5C 3B 03 33 51 C8 F1 | |||
| : 47 95 7A 72 91 D2 09 7F 49 5C 3B 03 33 51 C8 F1 | : 39 9A FF 04 D5 6E 7E 94 3D 03 B8 F6 31 15 26 48 | |||
| : 39 9A FF 04 D5 6E 7E 94 3D 03 B8 F6 31 15 26 48 | : 95 A8 5C DE 47 88 B4 69 3A 00 A7 86 9E DA D1 CD | |||
| : 95 A8 5C DE 47 88 B4 69 3A 00 A7 86 9E DA D1 CD | 375 02 33: INTEGER | |||
| 375 02 33: INTEGER | : 00 E8 72 FA 96 F0 11 40 F5 F2 DC FD 3B 5D 78 94 | |||
| : 00 E8 72 FA 96 F0 11 40 F5 F2 DC FD 3B 5D 78 94 | : B1 85 01 E5 69 37 21 F7 25 B9 BA 71 4A FC 60 30 | |||
| : B1 85 01 E5 69 37 21 F7 25 B9 BA 71 4A FC 60 30 | : FB | |||
| : FB | 410 02 97: INTEGER | |||
| 410 02 97: INTEGER | : 00 A3 91 01 C0 A8 6E A4 4D A0 56 FC 6C FE 1F A7 | |||
| : 00 A3 91 01 C0 A8 6E A4 4D A0 56 FC 6C FE 1F A7 | : B0 CD 0F 94 87 0C 25 BE 97 76 8D EB E5 A4 09 5D | |||
| : B0 CD 0F 94 87 0C 25 BE 97 76 8D EB E5 A4 09 5D | : AB 83 CD 80 0B 35 67 7F 0C 8E A7 31 98 32 85 39 | |||
| : AB 83 CD 80 0B 35 67 7F 0C 8E A7 31 98 32 85 39 | : 40 9D 11 98 D8 DE B8 7F 86 9B AF 8D 67 3D B6 76 | |||
| : 40 9D 11 98 D8 DE B8 7F 86 9B AF 8D 67 3D B6 76 | : B4 61 2F 21 E1 4B 0E 68 FF 53 3E 87 DD D8 71 56 | |||
| : B4 61 2F 21 E1 4B 0E 68 FF 53 3E 87 DD D8 71 56 | : 68 47 DC F7 20 63 4B 3C 5F 78 71 83 E6 70 9E E2 | |||
| : 68 47 DC F7 20 63 4B 3C 5F 78 71 83 E6 70 9E E2 | : 92 | |||
| : 92 | 509 30 26: SEQUENCE { | |||
| 509 30 26: SEQUENCE { | 511 03 21: BIT STRING 0 unused bits | |||
| 511 03 21: BIT STRING 0 unused bits | : 1C D5 3A 0D 17 82 6D 0A 81 75 81 46 10 8E 3E | |||
| : 1C D5 3A 0D 17 82 6D 0A 81 75 81 46 10 8E 3E | : DB 09 E4 98 34 | |||
| : DB 09 E4 98 34 | 534 02 1: INTEGER 55 | |||
| 534 02 1: INTEGER 55 | : } | |||
| : } | : } | |||
| : } | : } | |||
| : } | 537 03 132: BIT STRING 0 unused bits | |||
| 537 03 132: BIT STRING 0 unused bits | : 02 81 80 13 63 A1 85 04 8C 46 A8 88 EB F4 5E A8 | |||
| : 02 81 80 13 63 A1 85 04 8C 46 A8 88 EB F4 5E A8 | : 93 74 AE FD AE 9E 96 27 12 65 C4 4C 07 06 3E 18 | |||
| : 93 74 AE FD AE 9E 96 27 12 65 C4 4C 07 06 3E 18 | : FE 94 B8 A8 79 48 BD 2E 34 B6 47 CA 04 30 A1 EC | |||
| : FE 94 B8 A8 79 48 BD 2E 34 B6 47 CA 04 30 A1 EC | : 33 FD 1A 0B 2D 9E 50 C9 78 0F AE 6A EC B5 6B 6A | |||
| : 33 FD 1A 0B 2D 9E 50 C9 78 0F AE 6A EC B5 6B 6A | : BE B2 5C DA B2 9F 78 2C B9 77 E2 79 2B 25 BF 2E | |||
| : BE B2 5C DA B2 9F 78 2C B9 77 E2 79 2B 25 BF 2E | : 0B 59 4A 93 4B F8 B3 EC 81 34 AE 97 47 52 E0 A8 | |||
| : 0B 59 4A 93 4B F8 B3 EC 81 34 AE 97 47 52 E0 A8 | : 29 98 EC D1 B0 CA 2B 6F 7A 8B DB 4E 8D A5 15 7E | |||
| : 29 98 EC D1 B0 CA 2B 6F 7A 8B DB 4E 8D A5 15 7E | : 7E AF 33 62 09 9E 0F 11 44 8C C1 8D A2 11 9E 53 | |||
| : 7E AF 33 62 09 9E 0F 11 44 8C C1 8D A2 11 9E 53 | : EF B2 E8 | |||
| : EF B2 E8 | : } | |||
| : } | : } | |||
| : } | 672 30 12: SEQUENCE { | |||
| 672 30 12: SEQUENCE { | 674 06 8: OBJECT IDENTIFIER dh-sig-hmac-sha1 (1 3 6 1 5 5 7 6 3) | |||
| 674 06 8: OBJECT IDENTIFIER dh-sig-hmac-sha1 (1 3 6 1 5 5 7 6 3) | 684 05 0: NULL | |||
| 684 05 0: NULL | : } | |||
| : } | 686 03 109: BIT STRING 0 unused bits | |||
| 686 03 109: BIT STRING 0 unused bits | : 30 6A 30 52 30 48 31 0B 30 09 06 03 55 04 06 13 | |||
| : 30 6A 30 52 30 48 31 0B 30 09 06 03 55 04 06 13 | : 02 55 53 31 11 30 0F 06 03 55 04 0A 13 08 58 45 | |||
| : 02 55 53 31 11 30 0F 06 03 55 04 0A 13 08 58 45 | : 54 49 20 49 6E 63 31 10 30 0E 06 03 55 04 0B 13 | |||
| : 54 49 20 49 6E 63 31 10 30 0E 06 03 55 04 0B 13 | : 07 54 65 73 74 69 6E 67 31 14 30 12 06 03 55 04 | |||
| : 07 54 65 73 74 69 6E 67 31 14 30 12 06 03 55 04 | : 03 13 0B 52 6F 6F 74 20 44 53 41 20 43 41 02 06 | |||
| : 03 13 0B 52 6F 6F 74 20 44 53 41 20 43 41 02 06 | : 00 DA 39 B6 E2 CB 04 14 2D 05 77 FE 5E 8F 65 F5 | |||
| : 00 DA 39 B6 E2 CB 04 14 2D 05 77 FE 5E 8F 65 F5 | : AF AD C9 5C 9B 02 C0 A8 88 29 61 63 | |||
| : AF AD C9 5C 9B 02 C0 A8 88 29 61 63 | : } | |||
| : } | ||||
| Signature verification requires CA's private key, the CA certificate | Signature verification requires CA's private key, the CA certificate | |||
| and the generated Certification Request. | and the generated Certification Request. | |||
| CA DH private key: | CA DH private key: | |||
| x: 3E 5D AD FD E5 F4 6B 1B 61 5E 18 F9 0B 84 74 a7 | x: 3E 5D AD FD E5 F4 6B 1B 61 5E 18 F9 0B 84 74 a7 | |||
| 52 1E D6 92 BC 34 94 56 F3 0C BE DA 67 7A DD 7D | 52 1E D6 92 BC 34 94 56 F3 0C BE DA 67 7A DD 7D | |||
| Appendix C. Example of Discrete Log Signature | Appendix C. Example of Discrete Log Signature | |||
| Step 1. Generate a Diffie-Hellman Key with length of q being 256 | Step 1. Generate a Diffie-Hellman Key with length of q being 256 | |||
| bits. | bits. | |||
| p: | p: | |||
| 94 84 E0 45 6C 7F 69 51 62 3E 56 80 7C 68 E7 C5 | 94 84 E0 45 6C 7F 69 51 62 3E 56 80 7C 68 E7 C5 | |||
| A9 9E 9E 74 74 94 ED 90 8C 1D C4 E1 4A 14 82 F5 | A9 9E 9E 74 74 94 ED 90 8C 1D C4 E1 4A 14 82 F5 | |||
| D2 94 0C 19 E3 B9 10 BB 11 B9 E5 A5 FB 8E 21 51 | D2 94 0C 19 E3 B9 10 BB 11 B9 E5 A5 FB 8E 21 51 | |||
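Review bot: the "CA DH private key" x printed at the end of Appendix B (3E 5D AD FD E5 F4 6B 1B ...) is byte-for-byte the x listed under Step 1 of Appendix C, and the text never says the two examples share one test key; state that explicitly, or use distinct keys so a reader does not take the Appendix C requester key for the CA key. While this appendix is being touched, "requires CA's private key" should read "requires the CA's private key", and the x dump mixes case ("74 a7" in an otherwise upper-case line).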
| skipping to change at page 38, line 26 ¶ | skipping to change at page 36, line 42 ¶ | |||
| C: | C: | |||
| 00000037 | 00000037 | |||
| x: | x: | |||
| 3E 5D AD FD E5 F4 6B 1B 61 5E 18 F9 0B 84 74 a7 | 3E 5D AD FD E5 F4 6B 1B 61 5E 18 F9 0B 84 74 a7 | |||
| 52 1E D6 92 BC 34 94 56 F3 0C BE DA 67 7A DD 7D | 52 1E D6 92 BC 34 94 56 F3 0C BE DA 67 7A DD 7D | |||
| Step 2. Form the value to be signed and hash with SHA1. The result | Step 2. Form the value to be signed and hash with SHA1. The result | |||
| of the hash for this example is: | of the hash for this example is: | |||
| 5f a2 69 b6 4b 22 91 22 6f 4c fe 68 ec 2b d1 c6 | 5f a2 69 b6 4b 22 91 22 6f 4c fe 68 ec 2b d1 c6 | |||
| d4 21 e5 2c | d4 21 e5 2c | |||
| Step 3. The hash value needs to be expanded since |q| = 256. This | Step 3. The hash value needs to be expanded since |q| = 256. This | |||
| is done by hashing the hash with SHA1 and appending it to the | is done by hashing the hash with SHA1 and appending it to the | |||
| original hash. The value after this step is: | original hash. The value after this step is: | |||
| 5f a2 69 b6 4b 22 91 22 6f 4c fe 68 ec 2b d1 c6 | 5f a2 69 b6 4b 22 91 22 6f 4c fe 68 ec 2b d1 c6 | |||
| d4 21 e5 2c 64 92 8b c9 5e 34 59 70 bd 62 40 ad | d4 21 e5 2c 64 92 8b c9 5e 34 59 70 bd 62 40 ad | |||
| 6f 26 3b f7 1c a3 b2 cb | 6f 26 3b f7 1c a3 b2 cb | |||
| Next the first 255 bits of this value are taken to be the resulting | Next the first 255 bits of this value are taken to be the resulting | |||
| "hash" value. Note in this case a shift of one bit right is done | "hash" value. Note in this case a shift of one bit right is done | |||
| since the result is to be treated as an integer: | since the result is to be treated as an integer: | |||
| 2f d1 34 db 25 91 48 91 37 a6 7f 34 76 15 e8 e3 | 2f d1 34 db 25 91 48 91 37 a6 7f 34 76 15 e8 e3 | |||
| 6a 10 f2 96 32 49 45 e4 af 1a 2c b8 5e b1 20 56 | 6a 10 f2 96 32 49 45 e4 af 1a 2c b8 5e b1 20 56 | |||
| Step 4. The signature value is computed. In this case you get the | Step 4. The signature value is computed. In this case you get the | |||
| values | values | |||
| r: | r: | |||
| A1 B5 B4 90 01 34 6B A0 31 6A 73 F5 7D F6 5C 14 | A1 B5 B4 90 01 34 6B A0 31 6A 73 F5 7D F6 5C 14 | |||
| 43 52 D2 10 BF 86 58 87 F7 BC 6E 5A 77 FF C3 4B | 43 52 D2 10 BF 86 58 87 F7 BC 6E 5A 77 FF C3 4B | |||
| s: | s: | |||
| 59 40 45 BC 6F 0D DC FF 9D 55 40 1E C4 9E 51 3D | 59 40 45 BC 6F 0D DC FF 9D 55 40 1E C4 9E 51 3D | |||
| 66 EF B2 FF 06 40 9A 39 68 75 81 F7 EC 9E BE A1 | 66 EF B2 FF 06 40 9A 39 68 75 81 F7 EC 9E BE A1 | |||
| The encoded signature value is then: | The encoded signature value is then: | |||
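Review bot: Step 3 justifies the expansion with "|q| = 256" but then keeps "the first 255 bits" and shifts right by one, with no statement of where 255 comes from; add a pointer to the section that defines the truncation length so the appendix can be implemented on its own. The shifted value itself is consistent with the first 32 bytes of the expanded hash (5f a2 69 b6 ... becomes 2f d1 34 db ...). Hex case is also inconsistent within the example: Steps 2 and 3 are lower-case, r and s in Step 4 are upper-case.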
| skipping to change at page 40, line 21 ¶ | skipping to change at page 38, line 38 ¶ | |||
| c4 bb 1e d1 71 40 2c 07 d6 f0 8f c5 1a a0 00 30 | c4 bb 1e d1 71 40 2c 07 d6 f0 8f c5 1a a0 00 30 | |||
| 0c 06 08 2b 06 01 05 05 07 06 04 05 00 03 47 00 | 0c 06 08 2b 06 01 05 05 07 06 04 05 00 03 47 00 | |||
| 30 44 02 20 54 d9 43 8d 0f 9d 42 03 d6 09 aa a1 | 30 44 02 20 54 d9 43 8d 0f 9d 42 03 d6 09 aa a1 | |||
| 9a 3c 17 09 ae bd ee b3 d1 a0 00 db 7d 8c b8 e4 | 9a 3c 17 09 ae bd ee b3 d1 a0 00 db 7d 8c b8 e4 | |||
| 56 e6 57 7b 02 20 44 89 b1 04 f5 40 2b 5f e7 9c | 56 e6 57 7b 02 20 44 89 b1 04 f5 40 2b 5f e7 9c | |||
| f9 a4 97 50 0d ad c3 7a a4 2b b2 2d 5d 79 fb 38 | f9 a4 97 50 0d ad c3 7a a4 2b b2 2d 5d 79 fb 38 | |||
| 8a b4 df bb 88 bc | 8a b4 df bb 88 bc | |||
| Decoded Version of result: | Decoded Version of result: | |||
| 0 30 707: SEQUENCE { | 0 30 707: SEQUENCE { | |||
| 4 30 615: SEQUENCE { | 4 30 615: SEQUENCE { | |||
| 8 02 1: INTEGER 0 | 8 02 1: INTEGER 0 | |||
| 11 30 27: SEQUENCE { | 11 30 27: SEQUENCE { | |||
| 13 31 25: SET { | 13 31 25: SET { | |||
| 15 30 23: SEQUENCE { | 15 30 23: SEQUENCE { | |||
| 17 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) | 17 06 3: OBJECT IDENTIFIER commonName (2 5 4 3) | |||
| 22 13 16: PrintableString 'IETF PKIX SAMPLE' | 22 13 16: PrintableString 'IETF PKIX SAMPLE' | |||
| : } | : } | |||
| : } | : } | |||
| : } | : } | |||
| 40 30 577: SEQUENCE { | 40 30 577: SEQUENCE { | |||
| 44 30 438: SEQUENCE { | 44 30 438: SEQUENCE { | |||
| 48 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 | 48 06 7: OBJECT IDENTIFIER dhPublicNumber (1 2 840 10046 2 | |||
| 1) | 1) | |||
| 57 30 425: SEQUENCE { | 57 30 425: SEQUENCE { | |||
| 61 02 129: INTEGER | 61 02 129: INTEGER | |||
| : 00 94 84 E0 45 6C 7F 69 51 62 3E 56 80 7C 68 E7 | : 00 94 84 E0 45 6C 7F 69 51 62 3E 56 80 7C 68 E7 | |||
| : C5 A9 9E 9E 74 74 94 ED 90 8C 1D C4 E1 4A 14 82 | : C5 A9 9E 9E 74 74 94 ED 90 8C 1D C4 E1 4A 14 82 | |||
| : F5 D2 94 0C 19 E3 B9 10 BB 11 B9 E5 A5 FB 8E 21 | : F5 D2 94 0C 19 E3 B9 10 BB 11 B9 E5 A5 FB 8E 21 | |||
| : 51 63 02 86 AA 06 B8 21 36 B6 7F 36 DF D1 D6 68 | : 51 63 02 86 AA 06 B8 21 36 B6 7F 36 DF D1 D6 68 | |||
| : 5B 79 7C 1D 5A 14 75 1F 6A 93 75 93 CE BB 97 72 | : 5B 79 7C 1D 5A 14 75 1F 6A 93 75 93 CE BB 97 72 | |||
| : 8A F0 0F 23 9D 47 F6 D4 B3 C7 F0 F4 E6 F6 2B C2 | : 8A F0 0F 23 9D 47 F6 D4 B3 C7 F0 F4 E6 F6 2B C2 | |||
| : 32 E1 89 67 BE 7E 06 AE F8 D0 01 6B 8B 2A F5 02 | : 32 E1 89 67 BE 7E 06 AE F8 D0 01 6B 8B 2A F5 02 | |||
| : D7 B6 A8 63 94 83 B0 1B 31 7D 52 1A DE E5 03 85 | : D7 B6 A8 63 94 83 B0 1B 31 7D 52 1A DE E5 03 85 | |||
| : 27 | : 27 | |||
| 193 02 128: INTEGER | 193 02 128: INTEGER | |||
| : 26 A6 32 2C 5A 2B D4 33 2B 5C DC 06 87 53 3F 90 | : 26 A6 32 2C 5A 2B D4 33 2B 5C DC 06 87 53 3F 90 | |||
| : 06 61 50 38 3E D2 B9 7D 81 1C 12 10 C5 0C 53 D4 | : 06 61 50 38 3E D2 B9 7D 81 1C 12 10 C5 0C 53 D4 | |||
| : 64 D1 8E 30 07 08 8C DD 3F 0A 2F 2C D6 1B 7F 57 | : 64 D1 8E 30 07 08 8C DD 3F 0A 2F 2C D6 1B 7F 57 | |||
| : 86 D0 DA BB 6E 36 2A 18 E8 D3 BC 70 31 7A 48 B6 | : 86 D0 DA BB 6E 36 2A 18 E8 D3 BC 70 31 7A 48 B6 | |||
| : 4E 18 6E DD 1F 22 06 EB 3F EA D4 41 69 D9 9B DE | : 4E 18 6E DD 1F 22 06 EB 3F EA D4 41 69 D9 9B DE | |||
| : 47 95 7A 72 91 D2 09 7F 49 5C 3B 03 33 51 C8 F1 | : 47 95 7A 72 91 D2 09 7F 49 5C 3B 03 33 51 C8 F1 | |||
| : 39 9A FF 04 D5 6E 7E 94 3D 03 B8 F6 31 15 26 48 | : 39 9A FF 04 D5 6E 7E 94 3D 03 B8 F6 31 15 26 48 | |||
| : 95 A8 5C DE 47 88 B4 69 3A 00 A7 86 9E DA D1 CD | : 95 A8 5C DE 47 88 B4 69 3A 00 A7 86 9E DA D1 CD | |||
| 324 02 33: INTEGER | 324 02 33: INTEGER | |||
| : 00 E8 72 FA 96 F0 11 40 F5 F2 DC FD 3B 5D 78 94 | : 00 E8 72 FA 96 F0 11 40 F5 F2 DC FD 3B 5D 78 94 | |||
| : B1 85 01 E5 69 37 21 F7 25 B9 BA 71 4A FC 60 30 | : B1 85 01 E5 69 37 21 F7 25 B9 BA 71 4A FC 60 30 | |||
| : FB | : FB | |||
| 359 02 97: INTEGER | 359 02 97: INTEGER | |||
| : 00 A3 91 01 C0 A8 6E A4 4D A0 56 FC 6C FE 1F A7 | : 00 A3 91 01 C0 A8 6E A4 4D A0 56 FC 6C FE 1F A7 | |||
| : B0 CD 0F 94 87 0C 25 BE 97 76 8D EB E5 A4 09 5D | : B0 CD 0F 94 87 0C 25 BE 97 76 8D EB E5 A4 09 5D | |||
| : AB 83 CD 80 0B 35 67 7F 0C 8E A7 31 98 32 85 39 | : AB 83 CD 80 0B 35 67 7F 0C 8E A7 31 98 32 85 39 | |||
| : 40 9D 11 98 D8 DE B8 7F 86 9B AF 8D 67 3D B6 76 | : 40 9D 11 98 D8 DE B8 7F 86 9B AF 8D 67 3D B6 76 | |||
| : B4 61 2F 21 E1 4B 0E 68 FF 53 3E 87 DD D8 71 56 | : B4 61 2F 21 E1 4B 0E 68 FF 53 3E 87 DD D8 71 56 | |||
| : 68 47 DC F7 20 63 4B 3C 5F 78 71 83 E6 70 9E E2 | : 68 47 DC F7 20 63 4B 3C 5F 78 71 83 E6 70 9E E2 | |||
| : 92 | : 92 | |||
| 458 30 26: SEQUENCE { | 458 30 26: SEQUENCE { | |||
| 460 03 21: BIT STRING 0 unused bits | 460 03 21: BIT STRING 0 unused bits | |||
| : 1C D5 3A 0D 17 82 6D 0A 81 75 81 46 10 8E 3E DB | : 1C D5 3A 0D 17 82 6D 0A 81 75 81 46 10 8E 3E DB | |||
| : 09 E4 98 34 | : 09 E4 98 34 | |||
| 483 02 1: INTEGER 55 | 483 02 1: INTEGER 55 | |||
| : } | : } | |||
| : } | : } | |||
| : } | : } | |||
| 486 03 132: BIT STRING 0 unused bits | 486 03 132: BIT STRING 0 unused bits | |||
| : 02 81 80 5F CF 39 AD 62 CF 49 8E D1 CE 66 E2 B1 | : 02 81 80 5F CF 39 AD 62 CF 49 8E D1 CE 66 E2 B1 | |||
| : E6 A7 01 4D 05 C2 77 C8 92 52 42 A9 05 A4 DB E0 | : E6 A7 01 4D 05 C2 77 C8 92 52 42 A9 05 A4 DB E0 | |||
| : 46 79 50 A3 FC 99 3D 3D A6 9B A9 AD BC 62 1C 69 | : 46 79 50 A3 FC 99 3D 3D A6 9B A9 AD BC 62 1C 69 | |||
| : B7 11 A1 C0 2A F1 85 28 F7 68 FE D6 8F 31 56 22 | : B7 11 A1 C0 2A F1 85 28 F7 68 FE D6 8F 31 56 22 | |||
| : 4D 0A 11 6E 72 3A 02 AF 0E 27 AA F9 ED CE 05 EF | : 4D 0A 11 6E 72 3A 02 AF 0E 27 AA F9 ED CE 05 EF | |||
| : D8 59 92 C0 18 D7 69 6E BD 70 B6 21 D1 77 39 21 | : D8 59 92 C0 18 D7 69 6E BD 70 B6 21 D1 77 39 21 | |||
| : E1 AF 7A 3A CF 20 0A B4 2C 69 5F CF 79 67 20 31 | : E1 AF 7A 3A CF 20 0A B4 2C 69 5F CF 79 67 20 31 | |||
| : 4D F2 C6 ED 23 BF C4 BB 1E D1 71 40 2C 07 D6 F0 | : 4D F2 C6 ED 23 BF C4 BB 1E D1 71 40 2C 07 D6 F0 | |||
| : 8F C5 1A | : 8F C5 1A | |||
| : } | : } | |||
| 621 A0 0: [0] | 621 A0 0: [0] | |||
| : } | : } | |||
| 623 30 12: SEQUENCE { | 623 30 12: SEQUENCE { | |||
| 625 06 8: OBJECT IDENTIFIER '1 3 6 1 5 5 7 6 4' | 625 06 8: OBJECT IDENTIFIER '1 3 6 1 5 5 7 6 4' | |||
| 635 05 0: NULL | 635 05 0: NULL | |||
| : } | : } | |||
| 637 03 72: BIT STRING 0 unused bits | 637 03 72: BIT STRING 0 unused bits | |||
| : 30 45 02 21 00 A1 B5 B4 90 01 34 6B A0 31 6A 73 | : 30 45 02 21 00 A1 B5 B4 90 01 34 6B A0 31 6A 73 | |||
| : F5 7D F6 5C 14 43 52 D2 10 BF 86 58 87 F7 BC 6E | : F5 7D F6 5C 14 43 52 D2 10 BF 86 58 87 F7 BC 6E | |||
| : 5A 77 FF C3 4B 02 20 59 40 45 BC 6F 0D DC FF 9D | : 5A 77 FF C3 4B 02 20 59 40 45 BC 6F 0D DC FF 9D | |||
| : 55 40 1E C4 9E 51 3D 66 EF B2 FF 06 40 9A 39 68 | : 55 40 1E C4 9E 51 3D 66 EF B2 FF 06 40 9A 39 68 | |||
| : 75 81 F7 EC 9E BE A1 | : 75 81 F7 EC 9E BE A1 | |||
| : } | : } | |||
| Authors' Addresses | Authors' Addresses | |||
| Jim Schaad | Jim Schaad | |||
| Soaring Hawk Consulting | Soaring Hawk Consulting | |||
| Email: ietf@augustcellars.com | Email: ietf@augustcellars.com | |||
| Hemma Prafullchandra | Hemma Prafullchandra | |||
| Hy-Trust | Hy-Trust | |||
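Review bot: the tail of the hex encoding and the "Decoded Version of result" carry different signatures. The hex ends "03 47 00 30 44 02 20 54 d9 43 8d ... 02 20 44 89 b1 04 ...", a 71-byte BIT STRING whose r starts 54 d9, while the decode at offset 637 shows a 72-byte BIT STRING "30 45 02 21 00 A1 B5 B4 90 ...", which is the r and s given in Step 4. Regenerate the hex dump from the same signing run as Step 4 and the decode, then recheck its outer length against the decoded SEQUENCE length of 707. Separately, the OID at offset 625 is printed as a bare '1 3 6 1 5 5 7 6 4', whereas the Appendix B dump names its OID (dh-sig-hmac-sha1); a name here would keep the two dumps consistent.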
| End of changes. 58 change blocks. | ||||
| 518 lines changed or deleted | 530 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||