idnits 2.17.1

draft-ietf-pkix-ecc-nist-recommended-curves-00.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** Looks like you're using RFC 2026 boilerplate. This must be updated to
     follow RFC 3978/3979, as updated by RFC 4748.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

  ** The document seems to lack a 1id_guidelines paragraph about
     Internet-Drafts being working documents.

  ** The document seems to lack a 1id_guidelines paragraph about 6 months
     document validity -- however, there's a paragraph with a matching
     beginning. Boilerplate error?

  ** The document seems to lack a 1id_guidelines paragraph about the list of
     current Internet-Drafts.

  ** The document seems to lack a 1id_guidelines paragraph about the list of
     Shadow Directories -- however, there's a paragraph with a matching
     beginning. Boilerplate error?

  == No 'Intended status' indicated for this document; assuming Proposed
     Standard

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  ** The document seems to lack an IANA Considerations section. (See Section
     2.2 of https://www.ietf.org/id-info/checklist for how to handle the case
     when there are no actions for IANA.)

  ** The document seems to lack separate sections for Informative/Normative
     References. All references will be assumed normative when checking for
     downward references.

  ** There is 1 instance of lines with control characters in the document.

  ** The abstract seems to contain references ([PKIX]), which it shouldn't.
     Please replace those with straight textual mentions of the documents in
     question.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  -- The first octets (the first characters of the first line) of this draft
     are 'PK', which can make Internet Explorer erroneously think that it is
     a zip file. It is recommended that you change this, for instance by
     inserting a blank line before the line starting with 'PK'.

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008. If you
     have contacted all the original authors and they are all willing to
     grant the BCP78 rights to the IETF Trust, then this is fine, and you can
     ignore this comment. If not, you may need to add the pre-RFC5378
     disclaimer. (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (June 3, 2002) is 7998 days in the past. Is this
     intentional?

  Checking references for intended status: Proposed Standard
  ----------------------------------------------------------------------------

     (See RFCs 3967 and 4897 for information about using normative references
     to lower-maturity documents in RFCs)

  == Missing Reference: 'PKIX' is mentioned on line 36, but not defined

  == Missing Reference: 'RFC 2119' is mentioned on line 53, but not defined

  == Missing Reference: 'SEC 2' is mentioned on line 89, but not defined

  == Unused Reference: 'SEC2' is defined on line 164, but no explicit
     reference was found in the text

  -- Possible downref: Non-RFC (?) normative reference: ref. 'FIPS 186-2'

  -- Possible downref: Non-RFC (?) normative reference: ref. 'SEC2'

     Summary: 9 errors (**), 0 flaws (~~), 5 warnings (==), 5 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

1    PKIX Working Group                                  Daniel R. L. Brown,
2    INTERNET-DRAFT                                           Certicom Corp.
3    Expires December 3, 2001                                   June 3, 2002

5            NIST Recommended EC Domain Parameters For PKIX
6

8    Status of this Memo

10   This document is an Internet-Draft and is in full conformance with
11   all provisions of Section 10 of RFC2026. Internet-Drafts are working
12   documents of the Internet Engineering Task Force (IETF), its areas,
13   and its working groups. Note that other groups may also distribute
14   working documents as Internet-Drafts.

16   Internet-Drafts are draft documents valid for a maximum of six months
17   and may be updated, replaced, or made obsolete by other documents at
18   any time. It is inappropriate to use Internet-Drafts as reference
19   material or to cite them other than as work in progress.

21   The list of current Internet-Drafts may be found at
22   http://www.ietf.org/ietf/1id-abstracts.txt

24   The list of Internet-Draft Shadow Directories may be found at
25   http://www.ietf.org/shadow.html.

27   Abstract

29      This document gives the object identifiers for the elliptic curve
30      domain parameters that the National Institute of Standards and
31      Technology recommends in its publication "Digital Signature
32      Standard" (Federal Information Processing Standards 186-2). These
33      elliptic curve domain parameters are defined to align PKIX with
34      other ECC implementations and standards. It should be noted that
35      this document is not self-contained. It uses the notations and
36      definitions of [PKIX].

38   Table of Contents

40      1. Introduction
41      2. OIDs for NIST Recommended EC Domain Parameters
42      3. Security Considerations
43      4. Intellectual Property Rights
44      5. Acknowledgments
45      6. References
46      7. Authors' Addresses

48   1. Introduction

50      The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
51      "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
52      document are to be interpreted as described in [RFC 2119].

54      This document specifies algorithm identifiers and ASN.1 [X.660]
55      encoding formats for digital signatures and subject public keys
56      used in the Internet X.509 Public Key Infrastructure (PKI). This
57      specification supplements [RFC 3279], "Algorithms and Identifiers
58      for the Internet X.509 Public Key Infrastructure Certificate and
59      Certificate Revocation List (CRL) Profile". Implementations of this
60      specification MUST also conform to RFC 3279.

62      This specification describes the object identifiers used when
63      identifying elliptic curve domain parameters for elliptic curve
64      public keys. In particular, it describes some object identifiers in
65      [ANSI X9.63] "American National Standard for Financial Services
66      X9.63-2001: Public Key Cryptography for the Financial Services
67      Industry: Key Agreement and Key Transport Using Elliptic Curve
68      Cryptography". These object identifiers are the named curves of
69      [ANSI X9.63] and are a convenient way to identify certain elliptic
70      curve domain parameters. These curves and their object identifiers
71      are also given in [SEC 2] "Recommended Elliptic Curve Domain
72      Parameters".

74      NIST also recommends these named curves in [FIPS 186-2] "Digital
75      Signature Standard (DSS)".

77      The fifteen NIST recommended elliptic curve domain parameters have
78      the object identifiers named

80         secp192r1, sect163k1, sect163r2,
81         secp224r1, sect233k1, sect233r1,
82         secp256r1, sect283k1, sect283r1,
83         secp384r1, sect409k1, sect409r1,
84         secp521r1, sect571k1, sect571r1.

86      The values of these object identifiers are given in [ANSI X9.63],
87      [SEC 2] and Section 2 of this specification. The descriptions of
88      these elliptic curve domain parameters are given in [ANSI X9.63]
89      and [SEC 2].

91   2. OIDs for NIST Recommended EC Domain Parameters

93      The object identifiers for NIST recommended curves extend the
94      object identifiers ansi-x9-62 and ellipticCurve, whose values are

96         ansi-x9-62 OBJECT IDENTIFIER ::= {
97            iso(1) member-body(2) us(840) 10045
98         }

100        ellipticCurve OBJECT IDENTIFIER ::= {
101           iso(1) identified-organization(3) certicom(132) curve(0)
102        }

104     The values of the object identifiers for the fifteen NIST
105     recommended curves are

107        secp192r1 OBJECT IDENTIFIER ::= { ansi-x9-62 curves(3) prime(1) 1 }
108        sect163k1 OBJECT IDENTIFIER ::= { ellipticCurve 1 }
109        sect163r2 OBJECT IDENTIFIER ::= { ellipticCurve 15 }
110        secp224r1 OBJECT IDENTIFIER ::= { ellipticCurve 33 }
111        sect233k1 OBJECT IDENTIFIER ::= { ellipticCurve 26 }
112        sect233r1 OBJECT IDENTIFIER ::= { ellipticCurve 27 }
113        secp256r1 OBJECT IDENTIFIER ::= { ansi-x9-62 curves(3) prime(1) 7 }
114        sect283k1 OBJECT IDENTIFIER ::= { ellipticCurve 16 }
115        sect283r1 OBJECT IDENTIFIER ::= { ellipticCurve 17 }
116        secp384r1 OBJECT IDENTIFIER ::= { ellipticCurve 34 }
117        sect409k1 OBJECT IDENTIFIER ::= { ellipticCurve 36 }
118        sect409r1 OBJECT IDENTIFIER ::= { ellipticCurve 37 }
119        secp521r1 OBJECT IDENTIFIER ::= { ellipticCurve 35 }
120        sect571k1 OBJECT IDENTIFIER ::= { ellipticCurve 38 }
121        sect571r1 OBJECT IDENTIFIER ::= { ellipticCurve 39 }

123  3. Security Considerations

125     To be added later.

127  4. Intellectual Property Rights

129     The IETF has been notified of intellectual property rights claimed
130     in regard to the specification contained in this document. For more
131     information, consult the online list of claimed rights
132     (http://www.ietf.org/ipr.html).

134     The IETF takes no position regarding the validity or scope of any
135     intellectual property or other rights that might be claimed to
136     pertain to the implementation or use of the technology described in
137     this document or the extent to which any license under such rights
138     might or might not be available; neither does it represent that it
139     has made any effort to identify any such rights. Information on the
140     IETF's procedures with respect to rights in standards-track and
141     standards-related documentation can be found in BCP-11. Copies of
142     claims of rights made available for publication and any assurances
143     of licenses to be made available, or the result of an attempt made
144     to obtain a general license or permission for the use of such
145     proprietary rights by implementors or users of this specification
146     can be obtained from the IETF Secretariat.

148  5. Acknowledgments

150     To be added later.

152  6. References

154     [FIPS 186-2] U.S. Department of Commerce/National Institute of
155     Standards and Technology. Digital Signature Standard (DSS), FIPS
156     PUB 186-2, January 2000.
157     (http://csrc.nist.gov/fips/fips186-2.pdf)

159     [RFC 3279] W. Polk, R. Housley and L. Bassham. Algorithms and
160     Identifiers for the Internet X.509 Public Key Infrastructure
161     Certificate and Certificate Revocation List (CRL) Profile, April
162     2002.

164     [SEC2] Standards for Efficient Cryptography Group. SEC 2 -
165     Recommended Elliptic Curve Domain Parameters. Working Draft
166     Ver. 0.6., 1999. (http://www.secg.org)

168     [X9.63] American National Standard for Financial Services. ANSI
169     X9.63-2001, Public Key Cryptography for the Financial Services
170     Industry: Key Agreement and Key Transport using Elliptic Curve
171     Cryptography. November 2001.

173  7. Authors' Addresses

175     Authors:

177     Daniel R. L. Brown
178     Certicom Corp.
179     dbrown@certicom.com
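
The Section 2 values expanded to dotted OIDs and DER bytes, as an added example that is not part of the draft or of idnits: the arcs are copied from Section 2, while the helper names (`der_encode_oid`, `named_curve`, `dotted`) are hypothetical. Looking curves up by exact DER bytes means a padded or otherwise non-canonical encoding of a listed curve is not accepted.

```python
# Added example: base arcs and final arcs are copied from Section 2 of the draft.
ANSI_X9_62 = (1, 2, 840, 10045)   # iso(1) member-body(2) us(840) 10045
ELLIPTIC_CURVE = (1, 3, 132, 0)   # iso(1) identified-organization(3) certicom(132) curve(0)
PRIME = ANSI_X9_62 + (3, 1)       # curves(3) prime(1)

NIST_CURVES = {"secp192r1": PRIME + (1,), "secp256r1": PRIME + (7,)}
NIST_CURVES.update({name: ELLIPTIC_CURVE + (arc,) for name, arc in {
    "sect163k1": 1, "sect163r2": 15, "secp224r1": 33, "sect233k1": 26,
    "sect233r1": 27, "sect283k1": 16, "sect283r1": 17, "secp384r1": 34,
    "sect409k1": 36, "sect409r1": 37, "secp521r1": 35, "sect571k1": 38,
    "sect571r1": 39}.items()})


def der_encode_oid(arcs):
    """DER-encode an OID: tag 0x06, short-form length, base-128 subidentifiers."""
    first, second, *rest = arcs
    if first > 2 or (first < 2 and second > 39):
        raise ValueError("invalid first two arcs")
    body = bytearray()
    # X.690: the first two arcs share one subidentifier, 40 * first + second.
    for arc in (40 * first + second, *rest):
        chunk = [arc & 0x7F]                    # last octet: continuation bit clear
        while arc := arc >> 7:
            chunk.append(0x80 | (arc & 0x7F))   # earlier octets: continuation bit set
        body.extend(reversed(chunk))
    if len(body) > 127:
        raise ValueError("long-form length not needed for these OIDs")
    return bytes([0x06, len(body)]) + bytes(body)


# Allowlist keyed by the canonical DER encoding of each of the fifteen curves.
DER_TO_CURVE = {der_encode_oid(arcs): name for name, arcs in NIST_CURVES.items()}


def named_curve(der):
    """Return the curve name for a DER-encoded OID, or None if it is not listed."""
    return DER_TO_CURVE.get(bytes(der))


def dotted(name):
    """Dotted-decimal form of a curve's OID, e.g. for logs or configuration."""
    return ".".join(str(arc) for arc in NIST_CURVES[name])


if __name__ == "__main__":
    for name in sorted(NIST_CURVES):
        print(f"{name:10} {dotted(name):22} {der_encode_oid(NIST_CURVES[name]).hex()}")
```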