| < draft-wconner-blake2sigs-00.txt | draft-wconner-blake2sigs-01.txt > | |||
|---|---|---|---|---|
| Network Working Group W. Conner | Network Working Group W. Conner | |||
| Internet-Draft A. Langley | Internet-Draft A. Langley | |||
| Intended status: Informational R. Sleevi | Intended status: Informational R. Sleevi | |||
| Expires: October 16, 2017 Google | Expires: December 16, 2017 Google | |||
| A. Popov | A. Popov | |||
| Microsoft | Microsoft | |||
| April 14, 2017 | June 14, 2017 | |||
| BLAKE2 Algorithms and Identifiers for use in the Internet X.509 Public | BLAKE2 Algorithms and Identifiers for use in the Internet X.509 Public | |||
| Key Infrastructure Certificate and Certificate Revocation List (CRL) | Key Infrastructure Certificate and Certificate Revocation List (CRL) | |||
| Profile | Profile | |||
| draft-wconner-blake2sigs-00 | draft-wconner-blake2sigs-01 | |||
| Abstract | Abstract | |||
| This document describes the conventions for using the BLAKE2b-512 | This document describes the conventions for using the BLAKE2b-512 | |||
| hash function with each of the following signature algorithms: RSA | hash function with each of the following algorithms: RSA Encryption | |||
| Public-Key Cryptography Standards #1 version 1.5 (RSA PKCS#1 v1.5), | Scheme - Optimal Asymmetric Encryption Padding (RSAES-OAEP), RSA | |||
| RSA Probabilistic Signature Scheme (RSASSA-PSS), RSA Encryption | Probabilistic Signature Scheme (RSASSA-PSS), RSA Public-Key | |||
| Scheme - Optimal Asymmetric Encryption Padding (RSAES-OAEP), Elliptic | Cryptography Standards #1 version 1.5 (RSASSA PKCS#1 v1.5), Digital | |||
| Curve Digital Signature Algorithm (ECDSA), and Edwards-curve Digital | Signature Algorithm (DSA), Elliptic Curve Digital Signature Algorithm | |||
| Signature Algorithm (EdDSA). This specification applies to the | (ECDSA), and Edwards-curve Digital Signature Algorithm (EdDSA). This | |||
| Internet X.509 Public Key Infrastructure (PKI) when digital | specification applies to the Internet X.509 Public Key Infrastructure | |||
| signatures are used to sign certificates and certificate revocation | (PKI) when digital signatures are used to sign certificates and | |||
| lists (CRLs). This document also specifies the object identifiers | certificate revocation lists (CRLs). This document also specifies | |||
| (OIDs) for the combinations of the BLAKE2b-512 hash function with the | the object identifiers for the combinations of the BLAKE2b-512 hash | |||
| aforementioned signature algorithms. | function with the aforementioned algorithms. | |||
| Status of This Memo | Status of This Memo | |||
| This Internet-Draft is submitted in full conformance with the | This Internet-Draft is submitted in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF). Note that other groups may also distribute | Task Force (IETF). Note that other groups may also distribute | |||
| working documents as Internet-Drafts. The list of current Internet- | working documents as Internet-Drafts. The list of current Internet- | |||
| Drafts is at http://datatracker.ietf.org/drafts/current/. | Drafts is at http://datatracker.ietf.org/drafts/current/. | |||
| Internet-Drafts are draft documents valid for a maximum of six months | Internet-Drafts are draft documents valid for a maximum of six months | |||
| and may be updated, replaced, or obsoleted by other documents at any | and may be updated, replaced, or obsoleted by other documents at any | |||
| time. It is inappropriate to use Internet-Drafts as reference | time. It is inappropriate to use Internet-Drafts as reference | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| This Internet-Draft will expire on October 16, 2017. | This Internet-Draft will expire on December 16, 2017. | |||
| Copyright Notice | Copyright Notice | |||
| Copyright (c) 2017 IETF Trust and the persons identified as the | Copyright (c) 2017 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| described in the Simplified BSD License. | described in the Simplified BSD License. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 | |||
| 2. Algorithm Support . . . . . . . . . . . . . . . . . . . . . . 3 | 2. Algorithm Support . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 2.1. RSA PKCS#1 v1.5 . . . . . . . . . . . . . . . . . . . . . 3 | 2.1. BLAKE2b-512 One-Way Hash Function . . . . . . . . . . . . 3 | |||
| 2.2. RSASSA-PSS . . . . . . . . . . . . . . . . . . . . . . . 3 | 2.2. BLAKE2b-512 Mask Generation Function . . . . . . . . . . 3 | |||
| 2.3. RSAES-OAEP . . . . . . . . . . . . . . . . . . . . . . . 3 | 2.3. RSAES-OAEP with BLAKE2b-512 . . . . . . . . . . . . . . . 4 | |||
| 2.4. ECDSA . . . . . . . . . . . . . . . . . . . . . . . . . . 4 | 2.4. RSASSA-PSS with BLAKE2b-512 . . . . . . . . . . . . . . . 5 | |||
| 2.5. EdDSA . . . . . . . . . . . . . . . . . . . . . . . . . . 4 | 2.5. RSASSA PKCS#1 v1.5 with BLAKE2b-512 . . . . . . . . . . . 5 | |||
| 3. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 4 | 2.6. DSA with BLAKE2b-512 . . . . . . . . . . . . . . . . . . 6 | |||
| 4. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 4 | 2.7. ECDSA with BLAKE2b-512 . . . . . . . . . . . . . . . . . 6 | |||
| 5. Normative References . . . . . . . . . . . . . . . . . . . . 4 | 2.8. EdDSA with BLAKE2b-512 . . . . . . . . . . . . . . . . . 6 | |||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 5 | 3. Security Considerations . . . . . . . . . . . . . . . . . . . 6 | |||
| 4. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 7 | ||||
| 5. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 7 | ||||
| 6. Normative References . . . . . . . . . . . . . . . . . . . . 7 | ||||
| Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 8 | ||||
| 1. Introduction | 1. Introduction | |||
| The SHA-2 family of hash functions is currently the only secure and | The SHA-2 family of hash functions is currently the only secure and | |||
| widely supported option for digital signatures in the PKIX ecosystem. | widely supported option for digital signatures in the PKIX ecosystem | |||
| While there is no reason to be seriously concerned about the security | [FIPS-180-4]. While there is no reason to be seriously concerned | |||
| of SHA-2, which is still acceptable according to NIST SP 800-131A | about the security of SHA-2, which is still acceptable according to | |||
| rev. 1 [SP-800-131A], numerous previous hash functions have | NIST SP 800-131A rev. 1 [SP-800-131A], numerous previous hash | |||
| eventually suffered from collision attacks and needed to be replaced. | functions have eventually suffered from collision attacks and needed | |||
| Since it takes a very long time to establish support for new | to be replaced. Since it takes a very long time to establish support | |||
| primitives in the PKIX ecosystem, it seems prudent to have an | for new primitives in the PKIX ecosystem, it seems prudent to have an | |||
| alternative prepared. | alternative prepared. | |||
| This document specifies object identifiers (OIDs) to identify the | This document specifies object identifiers to identify the | |||
| combination of BLAKE2b-512 [BLAKE2] with each of RSA PKCS#1 v1.5, | combination of the BLAKE2b-512 [BLAKE2] hash function with each of | |||
| RSASSA-PSS, RSAES-OAEP, ECDSA, and EdDSA. | RSAES-OAEP, RSASSA-PSS, RSASSA PKCS#1 v1.5, DSA, ECDSA, and EdDSA. | |||
| The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", | |||
| "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this | |||
| document are to be interpreted as described in [RFC2119]. | document are to be interpreted as described in [RFC2119]. | |||
| 2. Algorithm Support | 2. Algorithm Support | |||
| This section describes the signature algorithms and corresponding | This section describes the algorithms and corresponding object | |||
| OIDs, which may be used in conjunction with the BLAKE2b-512 hash | identifiers, which may be used in conjunction with the BLAKE2b-512 | |||
| function. The OIDs will be assigned under the following OID arc, | hash function. | |||
| which is based on the OID tree from [RFC7693]. | ||||
| sigAlgs OBJECT IDENTIFIER ::= { | 2.1. BLAKE2b-512 One-Way Hash Function | |||
| iso(1) identified-organization(3) dod(6) internet(1) | ||||
| private(4) enterprise(1) kudelski(1722) cryptography(12) 4 | ||||
| } | ||||
| 2.1. RSA PKCS#1 v1.5 | [BLAKE2] specifies the BLAKE2 family of hash functions, including the | |||
| BLAKE2b-512 hash function. The BLAKE2b-512 hash function is | ||||
| optimized for 64-bit platforms and produces 64-byte message digests. | ||||
| The object identifier for the BLAKE2b-512 hash algorithm is specified | ||||
| in [RFC7693] and included below for reference. | ||||
| [RFC2313] specifies the RSA PKCS #1 v1.5 signature algorithm. This | id-blake2b512 OBJECT IDENTIFIER ::= { | |||
| section specifies a single OID to identify the combination of | iso(1) identified-organization(3) dod(6) internet(1) | |||
| BLAKE2b-512 with RSA PKCS#1 v1.5. | private(4) enterprise(1) kudelski(1722) cryptography(12) | |||
| hashAlgs(2) blake2b(1) 16 | ||||
| } | ||||
| id-rsaEncryption-with-blake2b512 OBJECT IDENTIFIER ::= TBD | The object identifiers for the encryption and signature algorithms | |||
| that use the BLAKE2b-512 hash function will appear under the | ||||
| following arcs derived from [RFC7693]. | ||||
| 2.2. RSASSA-PSS | encAlgs OBJECT IDENTIFIER ::= { | |||
| iso(1) identified-organization(3) dod(6) internet(1) | ||||
| private(4) enterprise(1) kudelski(1722) cryptography(12) 4 | ||||
| } | ||||
| [RFC4055] specifies the RSASSA-PSS signature algorithm. This section | sigAlgs OBJECT IDENTIFIER ::= { | |||
| specifies a single OID to identify the combination of BLAKE2b-512 | iso(1) identified-organization(3) dod(6) internet(1) | |||
| with RSASSA-PSS. | private(4) enterprise(1) kudelski(1722) cryptography(12) 5 | |||
| } | ||||
| id-RSASSA-PSS-with-blake2b512 OBJECT IDENTIFIER ::= TBD | 2.2. BLAKE2b-512 Mask Generation Function | |||
| 2.3. RSAES-OAEP | [RFC4055] specifies the object identifier for the mask generation | |||
| function MGF1, which is included below for reference. | ||||
| [RFC4055] specifies the RSAES-OAEP signature algorithm. This section | id-mgf1 OBJECT IDENTIFIER ::= { | |||
| specifies a single OID to identify the combination of BLAKE2b-512 | iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) | |||
| with RSAES-OAEP. | pkcs-1(1) 8 | |||
| } | ||||
| id-RSAEP-OAEP-with-blake2b512 OBJECT IDENTIFIER ::= TBD | The algorithm identifiers for the BLAKE2b-512 hash function and the | |||
| mask generation function MGF1 that uses the BLAKE2b-512 hash function | ||||
| are the following. | ||||
| 2.4. ECDSA | blake2b512Identifier AlgorithmIdentifier ::= { | |||
| id-blake2b512, NULL | ||||
| } | ||||
| mgf1Blake2b512Identifier AlgorithmIdentifier ::= { | ||||
| id-mgf1, blake2b512Identifier | ||||
| } | ||||
| 2.3. RSAES-OAEP with BLAKE2b-512 | ||||
| [RFC4055] specifies the RSAES-OAEP algorithm and parameters. The | ||||
| sequence for the parameters is included below for reference. | ||||
| RSAES-OAEP-params ::= SEQUENCE { | ||||
| hashFunc [0] AlgorithmIdentifier | ||||
| DEFAULT sha1Identifier, | ||||
| maskGenFunc [1] AlgorithmIdentifier | ||||
| DEFAULT mgf1SHA1Identifier, | ||||
| pSourceFunc [2] AlgorithmIdentifier | ||||
| DEFAULT pSpecifiedEmptyIdentifier | ||||
| } | ||||
| This section specifies a single object identifier to identify the | ||||
| combination of RSAES-OAEP with BLAKE2b-512. | ||||
| id-RSAEP-OAEP-with-blake2b512 OBJECT IDENTIFIER ::= { engAlgs 1 } | ||||
| Using id-RSAEP-OAEP-with-blake2b512 requires the following RSAES-OAEP | ||||
| parameters. | ||||
| RSAES-OAEP-blake2b512-params RSAES-OAEP-params ::= { | ||||
| hashFunc blake2b512Identifier, | ||||
| maskGenFunc mgf1Blake2b512Identifier, | ||||
| pSourceFunc pSpecifiedEmptyIdentifier | ||||
| } | ||||
| 2.4. RSASSA-PSS with BLAKE2b-512 | ||||
| [RFC4055] specifies the RSASSA-PSS algorithm and parameters. The | ||||
| sequence for the parameters is included below for reference. | ||||
| RSASSA-PSS-params ::= SEQUENCE { | ||||
| hashAlgorithm [0] HashAlgorithm | ||||
| DEFAULT sha1Identifier, | ||||
| maskGenAlgorithm [1] MaskGenAlgorithm | ||||
| DEFAULT mgf1SHA1Identifier, | ||||
| saltLength [2] INTEGER DEFAULT 20, | ||||
| trailerField [3] INTEGER DEFAULT 1 | ||||
| } | ||||
| This section specifies a single object identifier to identify the | ||||
| combination of RSASSA-PSS with BLAKE2b-512. | ||||
| id-RSASSA-PSS-with-blake2b512 OBJECT IDENTIFIER ::= { sigAlgs 1 } | ||||
| Using id-RSASSA-PSS-with-blake2b512 requires the following RSASSA-PSS | ||||
| parameters. | ||||
| RSASSA-PSS-blake2b512-params RSASSA-PSS-params ::= { | ||||
| hashAlgorithm blake2b512Identifier, | ||||
| maskGenAlgorithm mgf1Blake2b512Identifier, | ||||
| saltLength 20, | ||||
| trailerField 1 | ||||
| } | ||||
| 2.5. RSASSA PKCS#1 v1.5 with BLAKE2b-512 | ||||
| [RFC2313] specifies the RSASSA PKCS #1 v1.5 signature algorithm. | ||||
| This section specifies a single object identifier to identify the | ||||
| combination of RSASSA PKCS#1 v1.5 with BLAKE2b-512. | ||||
| id-rsassa-pkcs1-v1_5-with-blake2b512 OBJECT IDENTIFIER | ||||
| ::= { sigAlgs 2 } | ||||
| 2.6. DSA with BLAKE2b-512 | ||||
| NIST FIPS PUB 186-4 [FIPS-186-4] specifies the DSA signature | ||||
| algorithm. This section specifies a single object identifier to | ||||
| identify the combination of DSA with BLAKE2b-512. | ||||
| id-dsa-with-blake2b512 OBJECT IDENTIFIER ::= { sigAlgs 3 } | ||||
| 2.7. ECDSA with BLAKE2b-512 | ||||
| NIST FIPS PUB 186-4 [FIPS-186-4] specifies the ECDSA signature | NIST FIPS PUB 186-4 [FIPS-186-4] specifies the ECDSA signature | |||
| algorithm. This section specifies a single OID to identify the | algorithm. [RFC5758] specifies identifiers for using the SHA-2 | |||
| combination of BLAKE2b-512 with ECDSA. | family of hash functions with ECDSA. This section specifies a single | |||
| object identifier to identify the combination of ECDSA with BLAKE2b- | ||||
| 512. | ||||
| id-ecdsa-with-blake2b512 OBJECT IDENTIFIER ::= TBD | id-ecdsa-with-blake2b512 OBJECT IDENTIFIER ::= { sigAlgs 4 } | |||
| 2.5. EdDSA | 2.8. EdDSA with BLAKE2b-512 | |||
| [RFC8032] specifies the EdDSA signature algorithm. This section | [RFC8032] specifies the EdDSA algorithm. This section specifies a | |||
| specifies two OIDs to identify the combination of BLAKE2b-512 with | single object identifier to identify the combination of EdDSA with | |||
| the edwards25519 and edwards448 curves. | the edwards448 curve and BLAKE2b-512 hash function. | |||
| id-Ed25519-with-blake2b512 OBJECT IDENTIFIER ::= TBD | id-Ed448-with-blake2b512 OBJECT IDENTIFIER ::= { sigAlgs 5 } | |||
| id-Ed448-with-blake2b512 OBJECT IDENTIFIER ::= TBD | 3. Security Considerations | |||
| 3. IANA Considerations | For BLAKE2-specific security considerations, Section 4 of [BLAKE2] | |||
| includes a brief security analysis of the BLAKE2 hash algorithm. The | ||||
| BLAKE hash algorithm, which was the predecessor of BLAKE2, was | ||||
| analyzed as part of the SHA-3 competition [BLAKE]. The BLAKE2 hash | ||||
| algorithm builds on BLAKE with some tweaks. | ||||
| None | For general PKIX Certificate and CRL Profile security considerations, | |||
| Section 8 of [RFC5280] provides a good overview. | ||||
| 4. Acknowledgements | 4. IANA Considerations | |||
| Although the algorithm identifiers are currently specified under the | ||||
| object identifier arc specified in [RFC7693], the authors would not | ||||
| oppose the assignment of these algorithms to object identifiers in a | ||||
| more suitable location under the IANA object identifier space in | ||||
| future drafts. | ||||
| 5. Acknowledgements | ||||
| The authors would like to thank the [BLAKE2] designers for answering | The authors would like to thank the [BLAKE2] designers for answering | |||
| our questions about BLAKE2 and allowing us to use their object | our questions about BLAKE2 and allowing us to use their object | |||
| identifier space. In particular, our email exchanges with Jean- | identifier space. In particular, our email exchanges with Jean- | |||
| Philippe Aumasson were very helpful. | Philippe Aumasson were very helpful. | |||
| 5. Normative References | The authors would also like to thank the participants of the LAMPS | |||
| working group who provided valuable feedback. | ||||
| 6. Normative References | ||||
| [BLAKE] Aumasson, J., Henzen, L., Meier, W., and R. Phan, "SHA-3 | ||||
| proposal BLAKE", December 2010, <https://131002.net/blake/ | ||||
| blake.pdf>. | ||||
| [BLAKE2] Aumasson, J., Neves, S., Wilcox-O'Hearn, Z., and C. | [BLAKE2] Aumasson, J., Neves, S., Wilcox-O'Hearn, Z., and C. | |||
| Winnerlein, "BLAKE2: simpler, smaller, fast as MD5", | Winnerlein, "BLAKE2: simpler, smaller, fast as MD5", | |||
| January 2013, <https://blake2.net/blake2_20130129.pdf>. | January 2013, <https://blake2.net/blake2_20130129.pdf>. | |||
| [FIPS-180-4] | ||||
| National Institute of Standards and Technology, "Secure | ||||
| Hash Standard (SHS)", FIPS PUB 180-4, August 2015, | ||||
| <https://dx.doi.org/10.6028/NIST.FIPS.180-4.pdf>. | ||||
| [FIPS-186-4] | [FIPS-186-4] | |||
| National Institute of Standards and Technology, "Digital | National Institute of Standards and Technology, "Digital | |||
| Signature Standard (DSS)", FIPS PUB 186-4, July 2013, | Signature Standard (DSS)", FIPS PUB 186-4, July 2013, | |||
| <https://dx.doi.org/10.6028/NIST.FIPS.186-4>. | <https://dx.doi.org/10.6028/NIST.FIPS.186-4>. | |||
| [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate | |||
| Requirement Levels", BCP 14, RFC 2119, | Requirement Levels", BCP 14, RFC 2119, | |||
| DOI 10.17487/RFC2119, March 1997, | DOI 10.17487/RFC2119, March 1997, | |||
| <http://www.rfc-editor.org/info/rfc2119>. | <http://www.rfc-editor.org/info/rfc2119>. | |||
| skipping to change at page 5, line 21 ¶ | skipping to change at page 8, line 12 ¶ | |||
| RFC 2313, DOI 10.17487/RFC2313, March 1998, | RFC 2313, DOI 10.17487/RFC2313, March 1998, | |||
| <http://www.rfc-editor.org/info/rfc2313>. | <http://www.rfc-editor.org/info/rfc2313>. | |||
| [RFC4055] Schaad, J., Kaliski, B., and R. Housley, "Additional | [RFC4055] Schaad, J., Kaliski, B., and R. Housley, "Additional | |||
| Algorithms and Identifiers for RSA Cryptography for use in | Algorithms and Identifiers for RSA Cryptography for use in | |||
| the Internet X.509 Public Key Infrastructure Certificate | the Internet X.509 Public Key Infrastructure Certificate | |||
| and Certificate Revocation List (CRL) Profile", RFC 4055, | and Certificate Revocation List (CRL) Profile", RFC 4055, | |||
| DOI 10.17487/RFC4055, June 2005, | DOI 10.17487/RFC4055, June 2005, | |||
| <http://www.rfc-editor.org/info/rfc4055>. | <http://www.rfc-editor.org/info/rfc4055>. | |||
| [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | ||||
| Housley, R., and W. Polk, "Internet X.509 Public Key | ||||
| Infrastructure Certificate and Certificate Revocation List | ||||
| (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008, | ||||
| <http://www.rfc-editor.org/info/rfc5280>. | ||||
| [RFC5758] Dang, Q., Santesson, S., Moriarty, K., Brown, D., and T. | ||||
| Polk, "Internet X.509 Public Key Infrastructure: | ||||
| Additional Algorithms and Identifiers for DSA and ECDSA", | ||||
| RFC 5758, DOI 10.17487/RFC5758, January 2010, | ||||
| <http://www.rfc-editor.org/info/rfc5758>. | ||||
| [RFC7693] Saarinen, M-J., Ed. and J-P. Aumasson, "The BLAKE2 | [RFC7693] Saarinen, M-J., Ed. and J-P. Aumasson, "The BLAKE2 | |||
| Cryptographic Hash and Message Authentication Code (MAC)", | Cryptographic Hash and Message Authentication Code (MAC)", | |||
| RFC 7693, DOI 10.17487/RFC7693, November 2015, | RFC 7693, DOI 10.17487/RFC7693, November 2015, | |||
| <http://www.rfc-editor.org/info/rfc7693>. | <http://www.rfc-editor.org/info/rfc7693>. | |||
| [RFC8032] Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital | [RFC8032] Josefsson, S. and I. Liusvaara, "Edwards-Curve Digital | |||
| Signature Algorithm (EdDSA)", RFC 8032, | Signature Algorithm (EdDSA)", RFC 8032, | |||
| DOI 10.17487/RFC8032, January 2017, | DOI 10.17487/RFC8032, January 2017, | |||
| <http://www.rfc-editor.org/info/rfc8032>. | <http://www.rfc-editor.org/info/rfc8032>. | |||
| End of changes. 32 change blocks. | ||||
| 71 lines changed or deleted | 208 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||