| < draft-housley-contentcollection-04.txt | draft-housley-contentcollection-05.txt > | |||
|---|---|---|---|---|
| Network Working Group R. Housley | Network Working Group R. Housley | |||
| Internet Draft Vigil Security | Internet Draft Vigil Security | |||
| expires in six months November 2004 | expires in six months November 2004 | |||
| Protecting Multiple Contents with the | Protecting Multiple Contents with the | |||
| Cryptographic Message Syntax (CMS) | Cryptographic Message Syntax (CMS) | |||
| <draft-housley-contentcollection-04.txt> | <draft-housley-contentcollection-05.txt> | |||
| Status of this Memo | Status of this Memo | |||
| By submitting this Internet-Draft, I certify that any applicable | By submitting this Internet-Draft, I certify that any applicable | |||
| patent or other IPR claims of which I am aware have been disclosed, | patent or other IPR claims of which I am aware have been disclosed, | |||
| or will be disclosed, and any of which I become aware will be | or will be disclosed, and any of which I become aware will be | |||
| disclosed, in accordance with RFC 3668. | disclosed, in accordance with RFC 3668. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
| skipping to change at page 2, line 35 ¶ | skipping to change at page 2, line 35 ¶ | |||
| In this document, the key words MUST, MUST NOT, REQUIRED, SHOULD, | In this document, the key words MUST, MUST NOT, REQUIRED, SHOULD, | |||
| SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL are to be interpreted as | SHOULD NOT, RECOMMENDED, MAY, and OPTIONAL are to be interpreted as | |||
| described in [STDWORDS]. | described in [STDWORDS]. | |||
| 1.2 Content Collection Example | 1.2 Content Collection Example | |||
| This section provides one simple example to motivate the need for the | This section provides one simple example to motivate the need for the | |||
| content collection content type. | content collection content type. | |||
| Consider an art collector that wants to sell one of his pieces, an | Consider an art collector who wants to sell one of his pieces, an | |||
| ancient Greek urn, called an amphora. The collector wants to compose | ancient Greek urn, called an amphora. The collector wants to compose | |||
| a digitally signed offer for sale. It includes three parts. The | a digitally signed offer for sale. It includes three parts. The | |||
| first part contains the owner's offer for sale, including the asking | first part contains the owner's offer for sale, including the asking | |||
| price. The second part contains a high-quality image of the amphora. | price. The second part contains a high-quality image of the amphora. | |||
| The final part contains an appraisal from a well-respected ceramics | The final part contains an appraisal from a well-respected ceramics | |||
| expert. The final part is digitally signed by the expert. Figure 1 | expert. The final part is digitally signed by the expert. Figure 1 | |||
| illustrates the structure, and the CMS SignedData content type is | illustrates the structure, and the CMS SignedData content type is | |||
| used for the two digital signatures. | used for the two digital signatures. | |||
| +---------------------------------------------------------+ | +---------------------------------------------------------+ | |||
| skipping to change at page 5, line 34 ¶ | skipping to change at page 5, line 34 ¶ | |||
| AuthenticatedData content types as specified in [CMS]. | AuthenticatedData content types as specified in [CMS]. | |||
| Implementations of this specification SHOULD also be prepared to | Implementations of this specification SHOULD also be prepared to | |||
| handle the object identifier for the CompressedData content type as | handle the object identifier for the CompressedData content type as | |||
| specified in [COMPRESS]. | specified in [COMPRESS]. | |||
| 3 Content With Attributes Content Type | 3 Content With Attributes Content Type | |||
| The content with attributes content type is used to transfer a single | The content with attributes content type is used to transfer a single | |||
| content, which is identified by a content type, and a collection of | content, which is identified by a content type, and a collection of | |||
| attributes associated with that content. The syntax accommodates an | attributes associated with that content. The syntax accommodates an | |||
| arbitrary number of attributes; however, there must be at least on | arbitrary number of attributes; however, there must be at least one | |||
| attribute. | attribute. | |||
| The following object identifier names the content with attributes | The following object identifier names the content with attributes | |||
| content type: | content type: | |||
| id-ct-contentWithAttrs OBJECT IDENTIFIER ::= { | id-ct-contentWithAttrs OBJECT IDENTIFIER ::= { | |||
| iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) | iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) | |||
| pkcs9(9) smime(16) ct(1) 20 } | pkcs9(9) smime(16) ct(1) 20 } | |||
| The content with attributes content has the following syntax: | The content with attributes content has the following syntax: | |||
| skipping to change at page 6, line 37 ¶ | skipping to change at page 6, line 37 ¶ | |||
| 4.2 Informative References | 4.2 Informative References | |||
| MIME Freed, N., and N. Borenstein. Multipurpose Internet Mail | MIME Freed, N., and N. Borenstein. Multipurpose Internet Mail | |||
| Extensions (MIME) Part One: Format of Internet Message | Extensions (MIME) Part One: Format of Internet Message | |||
| Bodies. RFC 2045, November 1996. | Bodies. RFC 2045, November 1996. | |||
| X501 CCITT. Recommendation X.501: The Directory -- Models. | X501 CCITT. Recommendation X.501: The Directory -- Models. | |||
| 1988. | 1988. | |||
| 4 Security Considerations | 5 Security Considerations | |||
| This specification does not introduce any new security considerations | The content collection content type is used to transfer one or more | |||
| beyond those already discussed in [CMS]. | contents, each identified by a content type. The syntax accommodates | |||
| contents with varying levels of protection. For example, a content | ||||
| collection could include CMS protection content types as well as | ||||
| unprotected content types. A content collection is expected to be | ||||
| encapsulated in one or more CMS protecting content types, but this is | ||||
| not required by this specification. As a result, implementations | ||||
| MUST be prepared to handle multiple levels of encapsulation. | ||||
| 5 IANA Considerations | The security considerations discussed in [CMS] are relevant when CMS | |||
| is used to protect more than one content by making use of the content | ||||
| collection content type or content with attributes content type. | ||||
| 6 IANA Considerations | ||||
| No IANA actions are needed. | No IANA actions are needed. | |||
| 6 IPR Considerations | 7 IPR Considerations | |||
| The IETF takes no position regarding the validity or scope of any | The IETF takes no position regarding the validity or scope of any | |||
| Intellectual Property Rights or other rights that might be claimed to | Intellectual Property Rights or other rights that might be claimed to | |||
| pertain to the implementation or use of the technology described in | pertain to the implementation or use of the technology described in | |||
| this document or the extent to which any license under such rights | this document or the extent to which any license under such rights | |||
| might or might not be available; nor does it represent that it has | might or might not be available; nor does it represent that it has | |||
| made any independent effort to identify any such rights. Information | made any independent effort to identify any such rights. Information | |||
| on the procedures with respect to rights in RFC documents can be | on the procedures with respect to rights in RFC documents can be | |||
| found in BCP 78 and BCP 79. | found in BCP 78 and BCP 79. | |||
| skipping to change at page 7, line 29 ¶ | skipping to change at page 7, line 33 ¶ | |||
| such proprietary rights by implementers or users of this | such proprietary rights by implementers or users of this | |||
| specification can be obtained from the IETF on-line IPR repository at | specification can be obtained from the IETF on-line IPR repository at | |||
| http://www.ietf.org/ipr. | http://www.ietf.org/ipr. | |||
| The IETF invites any interested party to bring to its attention any | The IETF invites any interested party to bring to its attention any | |||
| copyrights, patents or patent applications, or other proprietary | copyrights, patents or patent applications, or other proprietary | |||
| rights that may cover technology that may be required to implement | rights that may cover technology that may be required to implement | |||
| this standard. Please address the information to the IETF at ietf- | this standard. Please address the information to the IETF at ietf- | |||
| ipr@ietf.org. | ipr@ietf.org. | |||
| 7 Author's Address | 8 Author's Address | |||
| Russell Housley | Russell Housley | |||
| Vigil Security, LLC | Vigil Security, LLC | |||
| 918 Spring Knoll Drive | 918 Spring Knoll Drive | |||
| Herndon, VA 20170 | Herndon, VA 20170 | |||
| USA | USA | |||
| housley@vigilsec.com | housley@vigilsec.com | |||
| Appendix A: ASN.1 Module | Appendix A: ASN.1 Module | |||
| End of changes. 9 change blocks. | ||||
| 10 lines changed or deleted | 19 lines changed or added | |||
This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/ | ||||