| < draft-turner-akf-algs-update-02.txt | draft-turner-akf-algs-update-03.txt > | |||
|---|---|---|---|---|
| Network Working Group S. Turner | Network Working Group S. Turner | |||
| Internet-Draft IECA | Internet-Draft IECA | |||
| Updates: 5959 (once approved) December 22, 2010 | Updates: 5959 (once approved) February 11, 2011 | |||
| Intended status: Standards Track | Intended status: Standards Track | |||
| Expires: June 22, 2011 | Expires: August 10, 2011 | |||
| Elliptic Curve Algorithms for Cryptographic Message Syntax (CMS) | Elliptic Curve Algorithms for Cryptographic Message Syntax (CMS) | |||
| Asymmetric Key Package Content Type | Asymmetric Key Package Content Type | |||
| draft-turner-akf-algs-update-02.txt | draft-turner-akf-algs-update-03.txt | |||
| Abstract | Abstract | |||
| This document describes conventions for using Elliptic Curve | This document describes conventions for using Elliptic Curve | |||
| cryptographic algorithms with SignedData and EnvelopedData to protect | cryptographic algorithms with SignedData and EnvelopedData to protect | |||
| the AsymmetricKeyPackage content type. Specifically, it includes | the AsymmetricKeyPackage content type. Specifically, it includes | |||
| conventions necessary to implement Elliptic Curve Diffie-Hellman | conventions necessary to implement Elliptic Curve Diffie-Hellman | |||
| (ECDH) with EnvelopedData and Elliptic Curve Digital Signature | (ECDH) with EnvelopedData and Elliptic Curve Digital Signature | |||
| Algorithm (ECDSA) with SignedData. This document extends RFC 5959. | Algorithm (ECDSA) with SignedData. This document extends RFC 5959. | |||
| skipping to change at page 1, line 37 ¶ | skipping to change at page 1, line 37 ¶ | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on June 22, 2010. | This Internet-Draft will expire on August 10, 2011. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2010 IETF Trust and the persons identified as the | Copyright (c) 2011 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| Internet-DraftEC Algorithms for CMS Asymmetric Key Packages 2011-02-11 | ||||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| Internet-DraftEC Algorithms for CMS Asymmetric Key Pacakges 2010-12-22 | ||||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| described in the Simplified BSD License. | described in the Simplified BSD License. | |||
| 1. Introduction | 1. Introduction | |||
| [RFC5959] describes conventions necessary to protect the | [RFC5959] describes conventions necessary to protect the | |||
| AsymmetricKeyPackage content type [RFC5958] with Cryptographic | AsymmetricKeyPackage content type [RFC5958] with Cryptographic | |||
| skipping to change at page 2, line 45 ¶ | skipping to change at page 2, line 49 ¶ | |||
| 2. AsymmetricKeyPackage | 2. AsymmetricKeyPackage | |||
| As noted in Asymmetric Key Packages [RFC5958], CMS can be used to | As noted in Asymmetric Key Packages [RFC5958], CMS can be used to | |||
| protect the AsymmetricKeyPackage. The following provides guidance | protect the AsymmetricKeyPackage. The following provides guidance | |||
| for SignedData [RFC5652] and EnvelopedData [RFC5652] when used with | for SignedData [RFC5652] and EnvelopedData [RFC5652] when used with | |||
| Elliptic Curve algorithms. | Elliptic Curve algorithms. | |||
| 2.1. SignedData | 2.1. SignedData | |||
| If an implementation supports SignedData, then it MAY support ECDSA | If an implementation supports SignedData, then it MAY support ECDSA | |||
| [I-D.mcgrew-fundamental-ecc]. | [RFC6090][RFC5753]. | |||
| 2.2. EnvelopedData | 2.2. EnvelopedData | |||
| When key agreement is used, standard (as opposed to co-factor) ECDH | When key agreement is used, standard (as opposed to co-factor) ECDH | |||
| [I-D.mcgrew-fundamental-ecc] MAY be supported. | [RFC6090][RFC5753] MAY be supported. | |||
| Internet-DraftEC Algorithms for CMS Asymmetric Key Pacakges 2010-12-22 | Internet-DraftEC Algorithms for CMS Asymmetric Key Packages 2011-02-11 | |||
| 3. Public Key Sizes | 3. Public Key Sizes | |||
| The easiest way to implement the SignedData and EnvelopedData is with | The easiest way to implement the SignedData and EnvelopedData is with | |||
| public key certificates [RFC5280][RFC5480]. If an implementation | public key certificates [RFC5280][RFC5480]. If an implementation | |||
| supports ECDSA or ECDH, then it MUST support keys on the P-256 curve. | supports ECDSA or ECDH, then it MUST support keys on the P-256 curve. | |||
| 4. Security Considerations | 4. Security Considerations | |||
| The security considerations from [RFC5280], [RFC5480], [RFC5652], | The security considerations from [RFC5280], [RFC5480], [RFC5652], | |||
| [RFC5753], [RFC5959], and [I-D.mcgrew-fundamental-ecc] apply. | [RFC5753], [RFC5959], and [RFC6090] apply. | |||
| 5. IANA Considerations | 5. IANA Considerations | |||
| None. Please remove this section prior to publication as an RFC. | None. Please remove this section prior to publication as an RFC. | |||
| 6. Normative References | 6. Normative References | |||
| 6.1. Normative References | 6.1. Normative References | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| skipping to change at page 3, line 51 ¶ | skipping to change at page 3, line 51 ¶ | |||
| [RFC5753] Turner, S., and D. Brown, "Use of Elliptic Curve | [RFC5753] Turner, S., and D. Brown, "Use of Elliptic Curve | |||
| Cryptography (ECC) Algorithms in Cryptographic Message | Cryptography (ECC) Algorithms in Cryptographic Message | |||
| Syntax (CMS)", RFC 5753, January 2010. | Syntax (CMS)", RFC 5753, January 2010. | |||
| [RFC5958] Turners, S., "Asymmetric Key Packages", RFC 5958, August | [RFC5958] Turners, S., "Asymmetric Key Packages", RFC 5958, August | |||
| 2010. | 2010. | |||
| [RFC5959] Turners, S., "Asymmetric Key Packages", RFC 5959, August | [RFC5959] Turners, S., "Asymmetric Key Packages", RFC 5959, August | |||
| 2010. | 2010. | |||
| [I-D.mcgrew-fundamental-ecc] McGrew, D., Igoe, E., and M. Salter, | [RFC6090] McGrew, D., Igoe, E., and M. Salter, "Fundamental Elliptic | |||
| "Fundamental Elliptic Curve Cryptography Algorithms", | Curve Cryptography Algorithms", RFC 6090, February 2011. | |||
| draft-mcgrew-fundamental-ecc-04.txt, work-in-progress. | ||||
| Internet-DraftEC Algorithms for CMS Asymmetric Key Pacakges 2010-12-22 | Internet-DraftEC Algorithms for CMS Asymmetric Key Packages 2011-02-11 | |||
| 6.2. Informative References | 6.2. Informative References | |||
| [RFC5083] Housley, R., "Cryptographic Message Syntax (CMS) | [RFC5083] Housley, R., "Cryptographic Message Syntax (CMS) | |||
| Authenticated-Enveloped-Data Content Type", RFC 5083, | Authenticated-Enveloped-Data Content Type", RFC 5083, | |||
| November 2007. | November 2007. | |||
| Authors' Addresses | Authors' Addresses | |||
| Sean Turner | Sean Turner | |||
| End of changes. 13 change blocks. | ||||
| 16 lines changed or deleted | 14 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||