| < draft-ietf-pkix-certimage-10.txt | draft-ietf-pkix-certimage-11.txt > | |||
|---|---|---|---|---|
| INTERNET-DRAFT Stefan Santesson (3xA Security) | INTERNET-DRAFT Stefan Santesson (3xA Security) | |||
| Intended Status: Proposed Standard Russ Housley (Vigil Security) | Intended Status: Proposed Standard Russ Housley (Vigil Security) | |||
| Updates: 3709 (once approved) Siddharth Bajaj (VeriSign) | Updates: 3709 (once approved) Siddharth Bajaj (VeriSign) | |||
| Expires: January 27, 2011 Leonard Rosenthol (Adobe) | Expires: August 19, 2011 Leonard Rosenthol (Adobe) | |||
| July 26, 2010 | February 15, 2011 | |||
| Internet X.509 Public Key Infrastructure - Certificate Image | Internet X.509 Public Key Infrastructure - Certificate Image | |||
| <draft-ietf-pkix-certimage-10> | <draft-ietf-pkix-certimage-11> | |||
| Status of this Memo | Status of this Memo | |||
| This Internet-Draft is submitted to IETF in full conformance with the | This Internet-Draft is submitted to IETF in full conformance with the | |||
| provisions of BCP 78 and BCP 79. | provisions of BCP 78 and BCP 79. | |||
| Internet-Drafts are working documents of the Internet Engineering | Internet-Drafts are working documents of the Internet Engineering | |||
| Task Force (IETF), its areas, and its working groups. Note that | Task Force (IETF), its areas, and its working groups. Note that | |||
| other groups may also distribute working documents as Internet- | other groups may also distribute working documents as Internet- | |||
| Drafts. | Drafts. | |||
| skipping to change at page 1, line 35 ¶ | skipping to change at page 1, line 35 ¶ | |||
| material or to cite them other than as "work in progress." | material or to cite them other than as "work in progress." | |||
| The list of current Internet-Drafts can be accessed at | The list of current Internet-Drafts can be accessed at | |||
| http://www.ietf.org/1id-abstracts.html | http://www.ietf.org/1id-abstracts.html | |||
| The list of Internet-Draft Shadow Directories can be accessed at | The list of Internet-Draft Shadow Directories can be accessed at | |||
| http://www.ietf.org/shadow.html | http://www.ietf.org/shadow.html | |||
| Copyright and License Notice | Copyright and License Notice | |||
| Copyright (c) 2010 IETF Trust and the persons identified as the | Copyright (c) 2011 IETF Trust and the persons identified as the | |||
| document authors. All rights reserved. | document authors. All rights reserved. | |||
| This document is subject to BCP 78 and the IETF Trust's Legal | This document is subject to BCP 78 and the IETF Trust's Legal | |||
| Provisions Relating to IETF Documents | Provisions Relating to IETF Documents | |||
| (http://trustee.ietf.org/license-info) in effect on the date of | (http://trustee.ietf.org/license-info) in effect on the date of | |||
| publication of this document. Please review these documents | publication of this document. Please review these documents | |||
| carefully, as they describe your rights and restrictions with respect | carefully, as they describe your rights and restrictions with respect | |||
| to this document. Code Components extracted from this document must | to this document. Code Components extracted from this document must | |||
| include Simplified BSD License text as described in Section 4.e of | include Simplified BSD License text as described in Section 4.e of | |||
| the Trust Legal Provisions and are provided without warranty as | the Trust Legal Provisions and are provided without warranty as | |||
| described in the Simplified BSD License. | described in the Simplified BSD License. | |||
| Abstract | Abstract | |||
| This document specifies a method to bind a visual representation of a | This document specifies a method to bind a visual representation of a | |||
| certificate in the form of a certificate image to a [RFC5280] public | certificate in the form of a certificate image to a public key | |||
| key certificate by defining a new otherLogos image type according to | certificate as defined in RFC 5280 [RFC5280] by defining a new | |||
| [RFC3709]. | otherLogos image type according to RFC 3709 [RFC3709]. | |||
| Table of Contents | Table of Contents | |||
| 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . 3 | 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . 3 | |||
| 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . 4 | 1.2. Terminology . . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
| 2. Certificate Image . . . . . . . . . . . . . . . . . . . . . . . 4 | 2. Certificate Image . . . . . . . . . . . . . . . . . . . . . . . 4 | |||
| 3. LogotypeImageInfo . . . . . . . . . . . . . . . . . . . . . . . 5 | 3. LogotypeImageInfo . . . . . . . . . . . . . . . . . . . . . . . 5 | |||
| 4. Embedded images . . . . . . . . . . . . . . . . . . . . . . . . 6 | 4. Embedded images . . . . . . . . . . . . . . . . . . . . . . . . 6 | |||
| 5. Certificate Image Formats . . . . . . . . . . . . . . . . . . . 7 | 5. Certificate Image Formats . . . . . . . . . . . . . . . . . . . 7 | |||
| 5.1. PDF . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 | 5.1. PDF . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7 | |||
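Review bot: The reworded abstract on the right still carries the bracketed tags [RFC5280] and [RFC3709], which point at nothing when the abstract is read apart from the reference list. Since the new wording already spells out "RFC 5280" and "RFC 3709", the brackets can be dropped here.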
| skipping to change at page 5, line 23 ¶ | skipping to change at page 5, line 23 ¶ | |||
| is included here for convenience: | is included here for convenience: | |||
| LogotypeImageInfo ::= SEQUENCE { | LogotypeImageInfo ::= SEQUENCE { | |||
| type [0] LogotypeImageType DEFAULT color, | type [0] LogotypeImageType DEFAULT color, | |||
| fileSize INTEGER, -- In octets | fileSize INTEGER, -- In octets | |||
| xSize INTEGER, -- Horizontal size in pixels | xSize INTEGER, -- Horizontal size in pixels | |||
| ySize INTEGER, -- Vertical size in pixels | ySize INTEGER, -- Vertical size in pixels | |||
| resolution LogotypeImageResolution OPTIONAL, | resolution LogotypeImageResolution OPTIONAL, | |||
| language [4] IA5String OPTIONAL } -- RFC 3066 Language Tag | language [4] IA5String OPTIONAL } -- RFC 3066 Language Tag | |||
| Note: The referenced RFC 3066 in the structure above (from RFC 3709) | ||||
| is obsolete and is currently replaced by RFC 5646 [RFC5646]. | ||||
| The language tag may carry information about the the language | ||||
| used to express any textual elements within the image as well | ||||
| as any audio information associated with the image. | ||||
| When the optional LogotypeImageInfo is included with a certificate | When the optional LogotypeImageInfo is included with a certificate | |||
| image, the parameters shall be used with the following semantics and | image, the parameters shall be used with the following semantics and | |||
| restrictions. | restrictions. | |||
| xSize and ySize represents recommended display size for the image. | xSize and ySize represents recommended display size for the image. | |||
| When a value of 0 (zero) is present, no recommended display size | When a value of 0 (zero) is present, no recommended display size | |||
| specified. When non-zero values are present and these values differ | specified. When non-zero values are present and these values differ | |||
| from corresponding size values in the referenced image file, then the | from corresponding size values in the referenced image file, then the | |||
| referenced image SHOULD be scaled to fit within the size parameters | referenced image SHOULD be scaled to fit within the size parameters | |||
| of LogotypeImageInfo, while keeping x and y ratio intact. | of LogotypeImageInfo, while keeping x and y ratio intact. | |||
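Review bot: The added note repeats a word ("about the the language") and, more substantively, says RFC 3066 is replaced by RFC 5646 without stating which syntax the language field is expected to carry in a certificate image. Since the ASN.1 comment copied from RFC 3709 still reads "RFC 3066 Language Tag", add a sentence saying whether issuers should encode RFC 5646 tags and how relying parties treat a tag they cannot parse. The phrase "audio information associated with the image" also needs a pointer to where audio is defined, because nothing else in the visible text mentions audio for certificate images.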
| skipping to change at page 8, line 12 ¶ | skipping to change at page 8, line 12 ¶ | |||
| over the SVGZ file is calculated over the decompressed SVG content | over the SVGZ file is calculated over the decompressed SVG content | |||
| with canonicalized EOL characters (<LF>) as specified above. | with canonicalized EOL characters (<LF>) as specified above. | |||
| The following MIME media type, defined in Appendix M of [SVGT], MUST | The following MIME media type, defined in Appendix M of [SVGT], MUST | |||
| be included as mediaType in LogotypeDetails for all SVG and SVGZ | be included as mediaType in LogotypeDetails for all SVG and SVGZ | |||
| images: | images: | |||
| image/svg+xml | image/svg+xml | |||
| When the SVG image is embedded using the "data" URL scheme as defined | When the SVG image is embedded using the "data" URL scheme as defined | |||
| in section 5, SVG image data SHOULD be provided in SVGZ (GZIP | in section 4, SVG image data MUST be provided in SVGZ (GZIP | |||
| compressed) form and MAY be provided in uncompressed SVG form. | compressed) form (i.e. it MUST NOT be provided in uncompressed SVG | |||
| Compliant implementations that process embedded SVG images MUST be | form). | |||
| able to handle both compressed and uncompressed image data. | ||||
| Compliant implementations of this specification SHOULD be able to | Compliant implementations of this specification SHOULD be able to | |||
| process SVG images that are formatted according to this section. | process SVG images that are formatted according to this section. | |||
| 5.3. PNG | 5.3. PNG | |||
| If a certificate image is provided as a bit mapped image, the PNG | If a certificate image is provided as a bit mapped image, the PNG | |||
| [ISO15948] format SHOULD be used. | [ISO15948] format SHOULD be used. | |||
| PNG images are identified by the following mediaType in | PNG images are identified by the following mediaType in | |||
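Review bot: In the SVG "data" URL paragraph, tightening SHOULD to MUST for SVGZ also drops the sentence that required implementations to handle both compressed and uncompressed data, so receiver behaviour for an uncompressed embedded SVG is now unspecified. State explicitly whether a relying party rejects or ignores such an image. Because the hash is calculated over the decompressed SVG content (context lines at the top of this hunk), every verifier now has to inflate embedded data before it can check the hash, and the visible text sets no limit on the decompressed size; a sentence bounding or sanity-checking the inflated size would help implementers. The section reference correction from 5 to 4 matches the table of contents ("4. Embedded images").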
| skipping to change at page 10, line 39 ¶ | skipping to change at page 10, line 39 ¶ | |||
| [RFC3709] S. Santesson, R. Housley, T. Freeman, "Internet X.509 | [RFC3709] S. Santesson, R. Housley, T. Freeman, "Internet X.509 | |||
| Public Key Infrastructure Logotypes in X.509 | Public Key Infrastructure Logotypes in X.509 | |||
| Certificates", RFC 3709, February 2004 | Certificates", RFC 3709, February 2004 | |||
| [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | [RFC5280] Cooper, D., Santesson, S., Farrell, S., Boeyen, S., | |||
| Housley, R., and W. Polk, "Internet X.509 Public Key | Housley, R., and W. Polk, "Internet X.509 Public Key | |||
| Infrastructure Certificate and Certificate Revocation List | Infrastructure Certificate and Certificate Revocation List | |||
| (CRL) Profile", RFC 5280, May 2008 | (CRL) Profile", RFC 5280, May 2008 | |||
| [RFC5646] A. Phillips, M. Davis, "Tags for Identifying Languages", | ||||
| RFC 5646, September 2009 | ||||
| [ISO15948] ISO/IEC 15948:2004, "Information technology - Computer | [ISO15948] ISO/IEC 15948:2004, "Information technology - Computer | |||
| graphics and image processing -- Portable Network Graphics | graphics and image processing -- Portable Network Graphics | |||
| (PNG): Functional specification", 2004 | (PNG): Functional specification", 2004 | |||
| [ISO19005] ISO 19005-1:2005, "Document Management - Electronic | [ISO19005] ISO 19005-1:2005, "Document Management - Electronic | |||
| document file format for long term preservation - Part 1: | document file format for long term preservation - Part 1: | |||
| Use of PDF 1.4 (PDF/A-1)", 2005 | Use of PDF 1.4 (PDF/A-1)", 2005 | |||
| [ISO32000] ISO 32000-1:2008, "Document management - Portable document | [ISO32000] ISO 32000-1:2008, "Document management - Portable document | |||
| format" -- Part 1: PDF 1.7, April 2008 | format" -- Part 1: PDF 1.7, April 2008 | |||
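Review bot: The new [RFC5646] entry is cited only from the explanatory "Note:" under LogotypeImageInfo, so check that it sits in the informative rather than the normative list; the list heading is outside the visible lines. Its author format ("A. Phillips, M. Davis") follows [RFC3709] but not the surname-first [RFC5280] entry directly above it; one style throughout would be cleaner.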
| End of changes. 7 change blocks. | ||||
| 11 lines changed or deleted | 19 lines changed or added | |||