idnits 2.17.1 draft-hallambaker-algorithm-identifiers-00.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 15. -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on line 326. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 337. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 344. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 350. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust Copyright Line does not match the current year -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (November 1, 2007) is 6011 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Missing Reference: 'SHA256' is mentioned on line 94, but not defined == Missing Reference: 'SHA512' is mentioned on line 97, but not defined == Unused Reference: '800-67' is defined on line 254, but no explicit reference was found in the text == Unused Reference: 'CSOR' is defined on line 257, but no explicit reference was found in the text == Unused Reference: 'FIPS 197' is defined on line 259, but no explicit reference was found in the text == Unused Reference: 'RFC2104' is defined on line 262, but no explicit reference was found in the text == Unused Reference: 'RFC2119' is defined on line 265, but no explicit reference was found in the text == Unused Reference: 'RFC2437' is defined on line 268, but no explicit reference was found in the text == Unused Reference: 'RFC2560' is defined on line 271, but no explicit reference was found in the text == Unused Reference: 'RFC2631' is defined on line 275, but no explicit reference was found in the text == Unused Reference: 'RFC4034' is defined on line 277, but no explicit reference was found in the text == Unused Reference: 'RFC4509' is defined on line 279, but no explicit reference was found in the text == Unused Reference: 'RFC4868' is defined on line 281, but no explicit reference was found in the text == Unused Reference: 'XML-C14' is defined on line 290, but no explicit reference was found in the text == Unused Reference: 'XML-XC14' is defined on line 292, but no explicit reference was found in the text ** Obsolete normative reference: RFC 2437 (Obsoleted by RFC 3447) ** Obsolete normative reference: RFC 2560 (Obsoleted by RFC 6960) Summary: 3 errors (**), 0 flaws (~~), 16 warnings (==), 7 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 2 Internet Engineering Task Force P. Hallam-Baker 3 Internet-Draft VeriSign Inc 4 Intended status: Informational November 1, 2007 5 Expires: May 4, 2008 7 Cryptographic Algorithm Identifiers 8 draft-hallambaker-algorithm-identifiers-00 10 Status of this Memo 12 By submitting this Internet-Draft, each author represents that any 13 applicable patent or other IPR claims of which he or she is aware 14 have been or will be disclosed, and any of which he or she becomes 15 aware will be disclosed, in accordance with Section 6 of BCP 79. 17 Internet-Drafts are working documents of the Internet Engineering 18 Task Force (IETF), its areas, and its working groups. Note that 19 other groups may also distribute working documents as Internet- 20 Drafts. 22 Internet-Drafts are draft documents valid for a maximum of six months 23 and may be updated, replaced, or obsoleted by other documents at any 24 time. It is inappropriate to use Internet-Drafts as reference 25 material or to cite them other than as "work in progress." 27 The list of current Internet-Drafts can be accessed at 28 http://www.ietf.org/ietf/1id-abstracts.txt. 30 The list of Internet-Draft Shadow Directories can be accessed at 31 http://www.ietf.org/shadow.html. 33 This Internet-Draft will expire on May 4, 2008. 35 Copyright Notice 37 Copyright (C) The IETF Trust (2007). 39 Abstract 41 Preferred identifiers for cryptographic algorithms currently in use 42 in Internet standards. 44 Table of Contents 46 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 47 2. Unkeyed Algorithms . . . . . . . . . . . . . . . . . . . . . . 3 48 2.1. Digest Algorithms . . . . . . . . . . . . . . . . . . . . . 3 49 2.1.1. SHA2 . . . . . . . . . . . . . . . . . . . . . . . . . 3 50 2.1.2. RIPEMD-160 . . . . . . . . . . . . . . . . . . . . . . 3 51 3. Symmetric Algorithms . . . . . . . . . . . . . . . . . . . . . 3 52 3.1. Encryption Algorithms . . . . . . . . . . . . . . . . . . . 3 53 3.1.1. Block Ciphers . . . . . . . . . . . . . . . . . . . . . 3 54 3.1.1.1. Triple Data Encryption Algorithm . . . . . . . . . 3 55 3.1.1.2. Advanced Encryption Standard . . . . . . . . . . . 4 56 3.1.2. Stream Ciphers . . . . . . . . . . . . . . . . . . . . 4 57 3.1.2.1. RC4 . . . . . . . . . . . . . . . . . . . . . . . . 4 58 3.2. Message Authentication Codes . . . . . . . . . . . . . . . 4 59 3.2.1. HMAC . . . . . . . . . . . . . . . . . . . . . . . . . 4 60 3.3. One Time Password . . . . . . . . . . . . . . . . . . . . . 5 61 3.4. Combination Modes . . . . . . . . . . . . . . . . . . . . . 5 62 4. Asymmetric Algorithms . . . . . . . . . . . . . . . . . . . . . 5 63 4.1. Key Agreement . . . . . . . . . . . . . . . . . . . . . . . 5 64 4.1.1. Diffie-Hellman . . . . . . . . . . . . . . . . . . . . 5 65 4.1.2. RSA . . . . . . . . . . . . . . . . . . . . . . . . . . 5 66 4.2. Signature . . . . . . . . . . . . . . . . . . . . . . . . . 5 67 4.2.1. RSA . . . . . . . . . . . . . . . . . . . . . . . . . . 5 68 4.3. Encryption . . . . . . . . . . . . . . . . . . . . . . . . 6 69 4.3.1. RSA . . . . . . . . . . . . . . . . . . . . . . . . . . 6 70 5. XML Tranformation . . . . . . . . . . . . . . . . . . . . . . . 6 71 5.1. Canonicalization . . . . . . . . . . . . . . . . . . . . . 6 72 6. Encoding . . . . . . . . . . . . . . . . . . . . . . . . . . . 6 73 6.1. Binary . . . . . . . . . . . . . . . . . . . . . . . . . . 6 74 6.1.1. Base 64 . . . . . . . . . . . . . . . . . . . . . . . . 6 75 7. Security Considerations . . . . . . . . . . . . . . . . . . . . 6 76 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 6 77 9. Normative References . . . . . . . . . . . . . . . . . . . . . 6 78 Author's Address . . . . . . . . . . . . . . . . . . . . . . . . . 7 79 Intellectual Property and Copyright Statements . . . . . . . . . . 9 81 1. Introduction 83 2. Unkeyed Algorithms 85 2.1. Digest Algorithms 87 2.1.1. SHA2 89 Standards Document: FIPS??? 91 [Identifiers defined in xmldsig-core: XML-Signature Syntax and 92 Processing] 94 Identifier: [SHA256] [length =256] [uri 95 =http://www.w3.org/2001/04/xmlenc#sha256] 97 Identifier: [SHA512] [length =512] [uri 98 =http://www.w3.org/2001/04/xmlenc#sha512] 100 [Identifiers defined in : ] 102 Identifier: [DNSSEC Code=2] [length =256] 104 2.1.2. RIPEMD-160 106 [Identifiers defined in xmldsig-core: XML-Signature Syntax and 107 Processing] 109 Identifier: [uri =http://www.w3.org/2001/04/xmlenc#ripemd160] 111 3. Symmetric Algorithms 113 3.1. Encryption Algorithms 115 3.1.1. Block Ciphers 117 3.1.1.1. Triple Data Encryption Algorithm 119 Alias: Triple DES 121 Standards Document: 800-67 123 Standards Document: X9.52 125 [Identifiers defined in xmlenc-core: XML Encryption Syntax and 126 Processing] 127 Identifier: [Mode =cbc] [uri 128 =http://www.w3.org/2001/04/xmlenc#tripledes-cbc] 130 Identifier: [Mode =kw] [uri 131 =http://www.w3.org/2001/04/xmlenc#kw-tripledes] 133 3.1.1.2. Advanced Encryption Standard 135 Standards Document: FIPS 197 137 [Identifiers defined in xmlenc-core: XML Encryption Syntax and 138 Processing] 140 Identifier: [length =128] [Mode =cbc] [uri 141 =http://www.w3.org/2001/04/xmlenc#aes128-cbc] 143 Identifier: [length =192] [Mode =cbc] [uri 144 =http://www.w3.org/2001/04/xmlenc#aes192-cbc] 146 Identifier: [length =256] [Mode =cbc] [uri 147 =http://www.w3.org/2001/04/xmlenc#aes256-cbc] 149 Identifier: [length =128] [Mode =kw] [uri 150 =http://www.w3.org/2001/04/xmlenc#kw-aes128] 152 Identifier: [length =192] [Mode =kw] [uri 153 =http://www.w3.org/2001/04/xmlenc#kw-aes192] 155 Identifier: [length =256] [Mode =kw] [uri 156 =http://www.w3.org/2001/04/xmlenc#kw-aes256] 158 3.1.2. Stream Ciphers 160 3.1.2.1. RC4 162 3.2. Message Authentication Codes 164 3.2.1. HMAC 166 Standards Document: RFC2104 168 [Identifiers defined in xmldsig-core: XML-Signature Syntax and 169 Processing] 171 Identifier: [Mode =SHA1] [uri 172 =http://www.w3.org/2000/09/xmldsig#hmac-sha1] 174 3.3. One Time Password 176 No algorithms registered yet. 178 3.4. Combination Modes 180 No algorithms registered yet. 182 4. Asymmetric Algorithms 184 4.1. Key Agreement 186 4.1.1. Diffie-Hellman 188 Standards Document: RFC2631 190 Standards Document: X9.42 192 [Identifiers defined in xmlenc-core: XML Encryption Syntax and 193 Processing] 195 Identifier: [uri =http://www.w3.org/2001/04/xmlenc#dh] 197 4.1.2. RSA 199 Standards Document: RFC2437 201 4.2. Signature 203 4.2.1. RSA 205 Standards Document: RFC2437 207 [Identifiers defined in xmldsig-core: XML-Signature Syntax and 208 Processing] 210 Identifier: [Mode =SHA1] [uri 211 =http://www.w3.org/2000/09/xmldsig#rsa-sha1] 213 [Identifiers defined in : ] 215 Identifier: [DNSSEC Code=5] [Mode =sha1] 217 Identifier: [DNSSEC Code=1] [Mode =md5] 219 4.3. Encryption 221 4.3.1. RSA 223 Standards Document: RFC2437 225 5. XML Tranformation 227 5.1. Canonicalization 229 No algorithms registered yet. 231 6. Encoding 233 6.1. Binary 235 6.1.1. Base 64 237 Standards Document: Base64 239 [Identifiers defined in xmldsig-core: XML-Signature Syntax and 240 Processing] 242 Identifier: [uri =http://www.w3.org/2000/09/xmldsig#base64] 244 7. Security Considerations 246 TBS 248 8. IANA Considerations 250 TBS 252 9. Normative References 254 [800-67] "Recommendation for the Triple Data Encryption Algorithm 255 (TDEA) Block Cipher", May 2004. 257 [CSOR] "Cryptographic Algorithm Object Registration". 259 [FIPS 197] 260 "Advanced Encryption Standard (AES)", November 2001. 262 [RFC2104] "HMAC: Keyed-Hashing for Message Authentication", 263 February 1997. 265 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 266 Requirement Levels", BCP 14, RFC 2119, March 1997. 268 [RFC2437] "PKCS #1: RSA Cryptography Specifications Version 2.0", 269 October 1998. 271 [RFC2560] Myers, M., Ankney, R., Malpani, A., Galperin, S., and C. 272 Adams, "X.509 Internet Public Key Infrastructure Online 273 Certificate Status Protocol - OCSP", RFC 2560, June 1999. 275 [RFC2631] "Diffie-Hellman Key Agreement Method", June 1999. 277 [RFC4034] "". 279 [RFC4509] "". 281 [RFC4868] "Using HMAC-SHA-256, HMAC-SHA-384, and HMAC-SHA-512 with 282 IPsec". 284 [X9.42] "Agreement of Symmetric Keys Using Discrete Logarithm 285 Cryptography". 287 [X9.52] "Triple Data Encryption Algorithm Modes of Operation", 288 1998. 290 [XML-C14] "XML Canonicalization". 292 [XML-XC14] 293 "Exclusive XML Canonicalization". 295 [xmldsig-core] 296 "XML-Signature Syntax and Processing", February 2002. 298 [xmlenc-core] 299 "XML Encryption Syntax and Processing". 301 [xpath] "XML Path Language (XPath) Version 1.0", November 1999. 303 [xslt] "XSL Transformations (XSLT) Version 1.0", November 16. 305 Author's Address 307 Phillip Hallam-Baker 308 VeriSign Inc 310 Email: pbaker@verisign.com 312 Full Copyright Statement 314 Copyright (C) The IETF Trust (2007). 316 This document is subject to the rights, licenses and restrictions 317 contained in BCP 78, and except as set forth therein, the authors 318 retain all their rights. 320 This document and the information contained herein are provided on an 321 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 322 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND 323 THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS 324 OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF 325 THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 326 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 328 Intellectual Property 330 The IETF takes no position regarding the validity or scope of any 331 Intellectual Property Rights or other rights that might be claimed to 332 pertain to the implementation or use of the technology described in 333 this document or the extent to which any license under such rights 334 might or might not be available; nor does it represent that it has 335 made any independent effort to identify any such rights. Information 336 on the procedures with respect to rights in RFC documents can be 337 found in BCP 78 and BCP 79. 339 Copies of IPR disclosures made to the IETF Secretariat and any 340 assurances of licenses to be made available, or the result of an 341 attempt made to obtain a general license or permission for the use of 342 such proprietary rights by implementers or users of this 343 specification can be obtained from the IETF on-line IPR repository at 344 http://www.ietf.org/ipr. 346 The IETF invites any interested party to bring to its attention any 347 copyrights, patents or patent applications, or other proprietary 348 rights that may cover technology that may be required to implement 349 this standard. Please address the information to the IETF at 350 ietf-ipr@ietf.org. 352 Acknowledgment 354 Funding for the RFC Editor function is provided by the IETF 355 Administrative Support Activity (IASA).