idnits 2.17.1 draft-ietf-smime-rfc3278-update-02.txt: Checking boilerplate required by RFC 5378 and the IETF Trust (see https://trustee.ietf.org/license-info): ---------------------------------------------------------------------------- ** It looks like you're using RFC 3978 boilerplate. You should update this to the boilerplate described in the IETF Trust License Policy document (see https://trustee.ietf.org/license-info), which is required now. -- Found old boilerplate from RFC 3978, Section 5.1 on line 16. -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on line 1126. -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 1137. -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 1144. -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 1150. Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt: ---------------------------------------------------------------------------- No issues found here. Checking nits according to https://www.ietf.org/id-info/checklist : ---------------------------------------------------------------------------- No issues found here. Miscellaneous warnings: ---------------------------------------------------------------------------- == The copyright year in the IETF Trust Copyright Line does not match the current year (Using the creation date from RFC3278, updated by this document, for RFC5378 checks: 1999-10-26) -- The document seems to lack a disclaimer for pre-RFC5378 work, but may have content which was first submitted before 10 November 2008. If you have contacted all the original authors and they are all willing to grant the BCP78 rights to the IETF Trust, then this is fine, and you can ignore this comment. If not, you may need to add the pre-RFC5378 disclaimer. (See the Legal Provisions document at https://trustee.ietf.org/license-info for more information.) -- The document date (April 22, 2008) is 5847 days in the past. Is this intentional? Checking references for intended status: Informational ---------------------------------------------------------------------------- == Missing Reference: 'SEC1' is mentioned on line 574, but not defined == Missing Reference: 'SEC2' is mentioned on line 387, but not defined == Missing Reference: 'FIPS-180' is mentioned on line 557, but not defined == Missing Reference: 'FIPS' is mentioned on line 574, but not defined == Missing Reference: 'FIPS-186-2' is mentioned on line 574, but not defined -- Looks like a reference, but probably isn't: '0' on line 952 -- Looks like a reference, but probably isn't: '2' on line 953 ** Obsolete normative reference: RFC 3278 (Obsoleted by RFC 5753) Summary: 2 errors (**), 0 flaws (~~), 6 warnings (==), 9 comments (--). Run idnits with the --verbose option for more detailed information about the items above. -------------------------------------------------------------------------------- 1 S/MIME WG Sean Turner, IECA 2 Internet Draft Daniel Brown, Certicom 3 Intended Status: Informational April 22, 2008 4 Updates: 3278 (once approved) 5 Expires: October 22, 2008 7 Update to Use of Elliptic Curve Cryptography (ECC) Algorithms 8 in Cryptographic Message Syntax (CMS) 9 draft-ietf-smime-rfc3278-update-02.txt 11 Status of this Memo 13 By submitting this Internet-Draft, each author represents that any 14 applicable patent or other IPR claims of which he or she is aware 15 have been or will be disclosed, and any of which he or she becomes 16 aware will be disclosed, in accordance with Section 6 of BCP 79. 18 Internet-Drafts are working documents of the Internet Engineering 19 Task Force (IETF), its areas, and its working groups. Note that 20 other groups may also distribute working documents as Internet- 21 Drafts. 23 Internet-Drafts are draft documents valid for a maximum of six months 24 and may be updated, replaced, or obsoleted by other documents at any 25 time. It is inappropriate to use Internet-Drafts as reference 26 material or to cite them other than as "work in progress." 28 The list of current Internet-Drafts can be accessed at 29 http://www.ietf.org/ietf/1id-abstracts.txt 31 The list of Internet-Draft Shadow Directories can be accessed at 32 http://www.ietf.org/shadow.html 34 This Internet-Draft will expire on October 22, 2008. 36 Copyright Notice 38 Copyright (C) The IETF Trust (2008). 40 Abstract 42 RFC 3278 describes how to use Elliptic Curve Cryptography (ECC) 43 public-key algorithms in the Cryptographic Message Syntax (CMS). 44 This document updates RFC 3278 to add support for the SHA2 family of 45 hash algorithms. 47 Conventions used in this document 49 The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", 50 "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this 51 document are to be interpreted as described in [MUST]. 53 Discussion 55 This draft is being discussed on the 'ietf-smime' mailing list. To 56 subscribe, send a message to ietf-smime-request@imc.org with the 57 single word subscribe in the body of the message. There is a Web site 58 for the mailing list at . 60 Table of Contents 62 1. Introduction...................................................2 63 2. Updates to Paragraph 2.1.1.....................................3 64 3. Updates to Paragraph 3.1.1.....................................4 65 4. Updates to Paragraph 3.2.1.....................................4 66 5. Updates to Paragraph 5.........................................5 67 6. Updates to Paragraph 7.........................................5 68 7. Updates to Paragraph 8.1.......................................9 69 8. Updates to Paragraph 9........................................12 70 9. Changes to Security Considerations............................13 71 10. Add Annex A: ASN.1 Module....................................14 72 11. Security Considerations......................................24 73 12. IANA Considerations..........................................24 74 13. References...................................................25 75 13.1. Normative References....................................25 76 13.2. Informative References..................................25 78 1. Introduction 80 RFC 3278 describes how to use Elliptic Curve Cryptography (ECC) 81 public-key algorithms in the Cryptographic Message Syntax (CMS). 82 This document updates RFC 3278 to add support for the SHA2 family of 83 hash algorithms. 85 The following summarizes the changes: 87 - Paragraph 2.1.1 limited the digest algorithm to SHA-1. This 88 document expands the allowed algorithms to SHA-224, SHA-256, SHA- 89 384, and SHA-512. 91 - Paragraph 3.1.1 used SHA1 in the KDF with ECDH std and cofactor 92 methods. This document expands the options to the allowed 93 algorithms to SHA-224, SHA-256, SHA-384, and SHA-512. 95 - Paragraph 3.1.2 used SHA1 in the KDF with ECMQV. This document 96 expands the options to the allowed algorithms to SHA-224, SHA- 97 256, SHA-384, and SHA-512. 99 - Paragraph 5 was update to include requirements for hash algorithms 100 and recommendations for matching curves and hash algorithms. It 101 also was expanded to indicate which ECDH and ECMQV variants are 102 required. 104 - Paragraph 7 was update to include S/MIME capabilities for ECDSA 105 with SHA-224, SHA-256, SHA-384, and SHA-512. It was also updated 106 to include S/MIME capabilities for ECDH and ECMQV using SHA2 107 algorithms as the KDF. 109 - Paragraph 8.1 listed the algorithm identifiers for SHA-1 and SHA-1 110 with ECDSA. This document adds algorithms for SHA-224, SHA-256, 111 SHA-384, and SHA-512 and SHA-224, SHA-256, SHA-384, and SHA-512 112 with ECDSA. This document also updates the list of algorithm 113 identifiers for ECDH std, ECDH cofactor, and ECMQV with SHA2 114 algorithms as the KDF. 116 - Paragraph 9 references need to be updated. 118 - Added ASN.1 module. 120 - Security considerations paragraph referring to definitions of SHA- 121 224, SHA-256, SHA-384, and SHA-512 needs to be deleted. 123 2. Updates to Paragraph 2.1.1 125 Old: 127 digestAlgorithm MUST contain the algorithm identifier sha-1 (see 128 Section 8.1) which identifies the SHA-1 hash algorithm. 130 signatureAlgorithm contains the algorithm identifier ecdsa-with- 131 SHA1 (see Section 8.1) which identifies the ECDSA signature 132 algorithm. 134 New: 136 digestAlgorithm MUST contain the algorithm identifier of the hash 137 algorithm (see Section 8.1) which MUST be one of the following: 138 id-sha1 identifies the SHA-1 hash algorithm, id-sha224 identifies 139 the SHA-224 hash algorithm, id-sha256 identifies the SHA-256 hash 140 algorithm, id-sha384 identifies the SHA-384 algorithm, and id- 141 sha512 identifies the SHA-512 algorithm. 143 signatureAlgorithm contains the signature algorithm identifier 144 (see Section 8.1): ecdsa-with-SHA1, ecdsa-with-SHA224, ecdsa- 145 with-SHA256, ecdsa-with-SHA384, or ecdsa-with-SHA512. 147 3. Updates to Paragraph 3.1.1 149 Old: 151 keyEncryptionAlgorithm MUST contain the dhSinglePass-stdDH-sha1kdf- 152 scheme object identifier (see Section 8.1) if standard ECDH 153 primitive is used, or the dhSinglePass-cofactorDH-sha1kdf-scheme 154 object identifier (see Section 8.1) if the cofactor ECDH primitive 155 is used. The parameters field contains KeyWrapAlgorithm. The 156 KeyWrapAlgorithm is the algorithm identifier that indicates the 157 symmetric encryption algorithm used to encrypt the content- 158 encryption key (CEK) with the key-encryption key (KEK). 160 New: 162 keyEncryptionAlgorithm MUST contain the key encryption algorithm 163 object identifier (see Section 8.1). The parameters field contains 164 KeyWrapAlgorithm. The KeyWrapAlgorithm is the algorithm identifier 165 that indicates the symmetric encryption algorithm used to encrypt 166 the content-encryption key (CEK) with the key-encryption key (KEK). 167 Algorithm requirements are found in paragraph 5. 169 4. Updates to Paragraph 3.2.1 171 Old: 173 keyEncryptionAlgorithm MUST be the mqvSinglePass-sha1kdf-scheme 174 algorithm identifier (see Section 8.1), with the parameters field 175 KeyWrapAlgorithm. The KeyWrapAlgorithm indicates the symmetric 176 encryption algorithm used to encrypt the CEK with the KEK generated 177 using the 1-Pass ECMQV algorithm. 179 New: 181 keyEncryptionAlgorithm MUST be the key encryption algorithm 182 identifier (see Section 8.1), with the parameters field 183 KeyWrapAlgorithm. The KeyWrapAlgorithm indicates the symmetric 184 encryption algorithm used to encrypt the CEK with the KEK generated 185 using the 1-Pass ECMQV algorithm. Algorithm requirements are found 186 in paragraph 5. 188 5. Updates to Paragraph 5 190 Add the following to the end of the section: 192 Implementations of this specification MUST implement the SHA-256 193 hash algorithm. The SHA-1, SHA-224, SHA-384, SHA-512 hash 194 algorithms MAY be supported. 196 When ECDSA, ECDH, or ECMQV is used, it is RECOMMENDED that the P- 197 256 curve be used with SHA-256, the P-384 curve be used with SHA- 198 384, and the P-521 curve be used with SHA-512. 200 Implementations of this specification that support EnvelopedData 201 with ephemeral-static ECDH standard primitive MUST support the 202 dhSinglePass-stdDH-sha256kdf-scheme algorithm. They MUST also 203 support the id-aes128-wrap algorithm. 205 Implementations of this specification that support EnvelopedData 206 with ephemeral-static ECDH cofactor primitive MUST support the 207 dhSinglePass-cofactorDH-sha256kdf-scheme algorithm. They MUST 208 also support the id-aes128-wrap algorithm. 210 Implementations of this specification that support EnvelopedData 211 with ECMQV MUST support the mqvSinglePass-sha256kdf-scheme 212 algorithm. They MUST also support the id-aes128-wrap algorithm. 214 Implementations of this specification that support 215 AuthenticatedData with ECMQV MUSt support the 216 mqvSinglePass-sha256kdf-scheme algorithm. They MUST also support 217 the id-aes128-wrap algorithm. 219 6. Updates to Paragraph 7 221 Old: 223 The SMIMECapability value to indicate support for the ECDSA 224 signature algorithm is the SEQUENCE with the capabilityID field 225 containing the object identifier ecdsa-with-SHA1 with NULL 226 parameters. The DER encoding is: 228 30 0b 06 07 2a 86 48 ce 3d 04 01 05 00 230 New: 232 The SMIMECapability value to indicate support for the ECDSA 233 signature algorithm is the SEQUENCE with the capabilityID field 234 containing the object identifiers ecdsa-with-SHA* object 235 identifiers (where * is 1, 224, 256, 384, or 512) all with NULL 236 parameters. The DER encodings are: 238 ecdsa-with-SHA1: 30 0b 06 07 2a 86 48 ce 3d 04 01 05 00 240 ecdsa-with-SHA224: 30 0c 06 08 2a 86 48 ce 3d 04 03 01 05 00 242 ecdsa-with-SHA256: 30 0c 06 08 2a 86 48 ce 3d 04 03 02 05 00 244 ecdsa-with-SHA384: 30 0c 06 08 2a 86 48 ce 3d 04 03 03 05 00 246 ecdsa-with-SHA512: 30 0c 06 08 2a 86 48 ce 3d 04 03 04 05 00 248 Old: 250 The SMIMECapability capabilityID object identifiers for the 251 supported key agreement algorithms in this document are 252 dhSinglePass-stdDH-sha1kdf-scheme, dhSinglePass-cofactorDH- 253 sha1kdf-scheme, and mqvSinglePass-sha1kdf-scheme. For each of 254 these SMIMECapability SEQUENCEs, the parameters field is present 255 and indicates the supported key-encryption algorithm with the 256 KeyWrapAlgorithm algorithm identifier. The DER encodings that 257 indicate capability of the three key agreement algorithms with 258 CMS Triple-DES key wrap are: 260 30 1c 06 09 2b 81 05 10 86 48 3f 00 02 30 0f 06 261 0b 2a 86 48 86 f7 0d 01 09 10 03 06 05 00 263 for ephemeral-static ECDH, 265 30 1c 06 09 2b 81 05 10 86 48 3f 00 03 30 0f 06 266 0b 2a 86 48 86 f7 0d 01 09 10 03 06 05 00 268 for ephemeral-static ECDH with cofactor method, and 270 30 1c 06 09 2b 81 05 10 86 48 3f 00 10 30 0f 06 271 0b 2a 86 48 86 f7 0d 01 09 10 03 06 05 00 273 for ECMQV. 275 New: 277 The SMIMECapability value to indicate support for the ECDH 278 standard key agreement algorithm is the SEQUENCE with the 279 capabilityID field containing the object identifier 280 dhSingPass-stdDH-sha*kdf-scheme (where * is 1, 224, 256, 384, or 281 512) with the parameters present. The parameters indicate the 282 supported key-encryption algorithm with the KeyWrapAlgorithm 283 algorithm identifier. The DER encodings that indicate some 284 capabilities are as follows (KA is key agreement, KDF is key 285 derivation function, and Wrap is key wrap algorithm) and NOTE 286 this is not a complete list: 288 KA=ECDH standard KDF=SHA1 Wrap=3DES 290 30 1c 291 06 09 2b 81 05 10 86 48 3f 00 02 292 30 0f 293 06 0b 2a 86 48 86 f7 0d 01 09 10 03 06 294 05 00 296 KA=ECDH standard KDF=SHA256 Wrap=AES128 298 30 1a 299 06 09 2b 81 05 10 86 48 3f 00 TBD 300 30 0f 301 06 09 60 83 48 01 65 03 04 01 05 302 05 00 304 KA=ECDH standard KDF=SHA256 Wrap=AES256 306 30 1a 307 06 09 2b 81 05 10 86 48 3f 00 TBD 308 30 0f 309 06 09 60 83 48 01 65 03 04 01 2D 310 05 00 312 The SMIMECapability value to indicate support for the ECDH 313 cofactor key agreement algorithm is the SEQUENCE with the 314 capabilityID field containing the object identifier 315 dhSingPass-cofactorDH-sha*kdf-scheme (where * is 1, 224, 256, 316 384, or 512) with the parameters present. The parameters indicate 317 the supported key-encryption algorithm with the KeyWrapAlgorithm 318 algorithm identifier. The DER encodings that indicate some 319 capabilities are as follows (KA is key agreement, KDF is key 320 derivation function, and Wrap is key wrap algorithm) and NOTE 321 this is not a complete list: 323 KA=ECDH cofactor KDF=SHA256 Wrap=3DES 325 30 1c 326 06 09 2b 81 05 10 86 48 3f 00 03 327 30 0f 328 06 0b 2a 86 48 86 f7 0d 01 09 10 03 06 329 05 00 331 KA=ECDH cofactor KDF=SHA256 Wrap=AES128 333 30 1a 334 06 09 2b 81 05 10 86 48 3f 00 TBD 335 30 0f 336 06 09 60 83 48 01 65 03 04 01 05 337 05 00 339 KA=ECDH cofactor KDF=SHA256 Wrap=AES256 341 30 1a 342 06 09 2b 81 05 10 86 48 3f 00 TBD 343 30 0f 344 06 09 60 83 48 01 65 03 04 01 2D 345 05 00 347 The SMIMECapability value to indicate support for the 1-Pass 348 ECMWV key agreement algorithm is the SEQUENCE with the 349 capabilityID field containing the object identifier 350 mqvSinglePass-sha*kdf-scheme (where * is 1, 224, 256, 384, or 351 512) with the parameters present. The parameters indicate the 352 supported key-encryption algorithm with the KeyWrapAlgorithm 353 algorithm identifier. The DER encodings that indicate some 354 capabilities are as follows (KA is key agreement, KDF is key 355 derivation function, and Wrap is key wrap algorithm) and NOTE 356 this is not a complete list: 358 KA=ECMQV 1-Pass KDF=SHA256 Wrap=3DES 360 30 1c 361 06 09 2b 81 05 10 86 48 3f 00 10 362 30 0f 363 06 0b 2a 86 48 86 f7 0d 01 09 10 03 06 364 05 00 366 KA=ECMQV 1-Pass KDF=SHA256 Wrap=AES128 368 30 1a 369 06 09 2b 81 05 10 86 48 3f 00 TBD 370 30 0f 371 06 09 60 83 48 01 65 03 04 01 05 372 05 00 374 KA=ECMQV 1-Pass KDF=SHA256 Wrap=AES256 376 30 1a 377 06 09 2b 81 05 10 86 48 3f 00 TBD 378 30 0f 379 06 09 60 83 48 01 65 03 04 01 2D 380 05 00 382 7. Updates to Paragraph 8.1 384 Old: 386 The algorithm identifiers used in this document are taken from 387 [X9.62], [SEC1] and [SEC2]. 389 The following object identifier indicates the hash algorithm used 390 in this document: 392 sha-1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3) 393 oiw(14) secsig(3) algorithm(2) 26 } 395 New: 397 The algorithm identifiers used in this document are taken from 398 [SMIME-SHA2] 400 The following object identifier indicates the hash algorithm used 401 in this document: 403 id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified- 404 organization(3) oiw(14) secsig(3) algorithm(2) 26 } 406 id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) 407 country(16) us(840) organization(1) gov(101) csor(3) 408 nistalgorithm(4) hashalgs(2) 4 } 410 id-sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) 411 country(16) us(840) organization(1) gov(101) csor(3) 412 nistalgorithm(4) hashalgs(2) 1 } 413 id-sha384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) 414 country(16) us(840) organization(1) gov(101) csor(3) 415 nistalgorithm(4) hashalgs(2) 2 } 417 id-sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2) 418 country(16) us(840) organization(1) gov(101) csor(3) 419 nistalgorithm(4) hashalgs(2) 3 } 421 Old: 423 The following object identifier indicates the digital signature 424 algorithm used in this document: 426 ecdsa-with-SHA1 OBJECT IDENTIFIER ::= { ansi-x9-62 427 signatures(4) 1 } 429 When the object identifier ecdsa-with-SHA1 is used within an 430 algorithm identifier, the associated parameters field contains 431 NULL. 433 New: 435 The following object identifier indicates the digital signature 436 algorithm used in this document: 438 ecdsa-with-SHA1 OBJECT IDENTIFIER ::= { ansi-x9-62 439 signatures(4) 1 } 441 ecdsa-with-SHA224 OBJECT IDENTIFIER ::= { ansi-x9-62 442 signatures(4) ecdsa-with-SHA2(3) 1 } 444 ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { ansi-x9-62 445 signatures(4) ecdsa-with-SHA2(3) 2 } 447 ecdsa-with-SHA384 OBJECT IDENTIFIER ::= { ansi-x9-62 448 signatures(4) ecdsa-with-SHA2(3) 3 } 450 ecdsa-with-SHA512 OBJECT IDENTIFIER ::= { ansi-x9-62 451 signatures(4) ecdsa-with-SHA2(3) 4 } 453 When the object identifiers ecdsa-with-SHA1, ecdsa-with-SHA224, 454 ecdsa-with-SHA256, ecdsa-with-SHA384, or ecdsa-with-SHA512 is 455 used within an algorithm identifier, the associated parameters 456 field contains NULL. 458 Old: 460 The following object identifiers indicate the key agreement 461 algorithms used in this document: 463 dhSinglePass-stdDH-sha1kdf-scheme OBJECT IDENTIFIER ::= { 464 x9-63-scheme 2} 466 dhSinglePass-cofactorDH-sha1kdf-scheme OBJECT IDENTIFIER ::= { 467 x9-63-scheme 3} 469 mqvSinglePass-sha1kdf-scheme OBJECT IDENTIFIER ::= { 470 x9-63-scheme 16} 472 where 474 x9-63-scheme OBJECT IDENTIFIER ::= { iso(1) 475 identified-organization(3) tc68(133) country(16) x9(840) 476 x9-63(63) schemes(0) } 478 When the object identifiers are used here within an algorithm 479 identifier, the associated parameters field contains the CMS 480 KeyWrapAlgorithm algorithm identifier. 482 New: 484 The following object identifiers indicate the key agreement 485 algorithms used in this document: 487 dhSinglePass-stdDH-sha1kdf-scheme OBJECT IDENTIFIER ::= { 488 x9-63-scheme 2 } 490 dhSinglePass-stdDH-sha224kdf-scheme OBJECT IDENTIFIER ::= { 491 x9-63-scheme TBD } 493 dhSinglePass-stdDH-sha256kdf-scheme OBJECT IDENTIFIER ::= { 494 x9-63-scheme TBD } 496 dhSinglePass-stdDH-sha384kdf-scheme OBJECT IDENTIFIER ::= { 497 x9-63-scheme TBD } 499 dhSinglePass-stdDH-sha512kdf-scheme OBJECT IDENTIFIER ::= { 500 x9-63-scheme TBD } 502 dhSinglePass-cofactorDH-sha1kdf-scheme OBJECT IDENTIFIER ::= { 503 x9-63-scheme 3 } 505 dhSinglePass-cofactorDH-sha224kdf-scheme OBJECT IDENTIFIER ::= 506 { x9-63-scheme TBD } 508 dhSinglePass-cofactorDH-sha256kdf-scheme OBJECT IDENTIFIER ::= 509 { x9-63-scheme TBD } 511 dhSinglePass-cofactorDH-sha384kdf-scheme OBJECT IDENTIFIER ::= 512 { x9-63-scheme TBD } 514 dhSinglePass-cofactorDH-sha512kdf-scheme OBJECT IDENTIFIER ::= 515 { x9-63-scheme TBD } 517 mqvSinglePass-sha1kdf-scheme OBJECT IDENTIFIER ::= { 518 x9-63-scheme 16 } 520 mqvSinglePass-sha224kdf-scheme OBJECT IDENTIFIER ::= { 521 x9-63-scheme TBD } 523 mqvSinglePass-sha256kdf-scheme OBJECT IDENTIFIER ::= { 524 x9-63-scheme TBD } 526 mqvSinglePass-sha384kdf-scheme OBJECT IDENTIFIER ::= { 527 x9-63-scheme TBD } 529 mqvSinglePass-sha512kdf-scheme OBJECT IDENTIFIER ::= { 530 x9-63-scheme TBD } 532 where 534 x9-63-scheme OBJECT IDENTIFIER ::= { 535 iso(1) identified-organization(3) tc68(133) country(16) x9(840) 536 x9-63(63) schemes(0) } 538 When the object identifiers are used here within an algorithm 539 identifier, the associated parameters field contains the CMS 540 KeyWrapAlgorithm algorithm identifier. 542 8. Updates to Paragraph 9 544 Add the following reference: 546 [SMIME-SHA2] Turner, S., "Using SHA2 Algorithms with 547 Cryptographic Message Syntax", work-in-progress. 549 Update the following references: 551 Old: 553 [PKI-ALG] Bassham, L., Housley R. and W. Polk, "Algorithms and 554 Identifiers for the Internet X.509 Public Key Infrastructure 555 Certificate and CRL Profile", RFC 3279, April 2002. 557 [FIPS-180] FIPS 180-1, "Secure Hash Standard", National Institute 558 of Standards and Technology, April 17, 1995. 560 New: 562 [PKI-ALG] Turner, S., Brown, D., Yiu, K., Housley, R., and W. 563 Polk," Elliptic Curve Cryptography Subject Public Key 564 Information", work-in-progress. 566 [FIPS] FIPS 180-2, "Secure Hash Standard", National Institute of 567 Standards and Technology, August 1, 2002. 569 9. Changes to Security Considerations 571 Delete the following: 573 When 256, 384, and 512 bit hash functions succeed SHA-1 in future 574 revisions of [FIPS], [FIPS-186-2], [X9.62] and [SEC1], then they 575 can similarly succeed SHA-1 in a future revision of this 576 document. 578 10. Add Annex A: ASN.1 Module 580 Add the following section as Annex A ASN.1 Module. 582 SMIMEECCAlgs-2008 583 { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) 584 smime(16) modules(0) TBD } 586 DEFINITIONS EXPLICIT TAGS ::= 588 BEGIN 590 -- EXPORTS ALL 592 IMPORTS 594 ALGORITHM, algorithmIdentifier, MessageDigestAlgorithms, 595 SignatureAlgorithms 596 ow-sha1, ow-sha224, ow-sha256, ow-sha384, ow-sha512, 597 sa-ecdsaWithSHA1 598 FROM PKIXAlgs-2008 599 { iso(1) identified-organization(3) dod(6) internet(1) 600 security(5) mechanisms(5) pkix(7) id-mod(0) TBD } 602 id-aes128-CBC, id-aes192-CBC, id-aes256-CBC, AES-IV 603 id-aes128-wrap, id-aes192-wrap, id-aes1256-wrap 604 FROM CMSAesRsaesOaep 605 { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) 606 smime(16) modules(0) id-mod-cms-aes(19) } 608 id-aes128-CCM, id-aes192-CCM, id-aes256-CCM, CCMParameters 609 id-aes128-GCM, id-aes192-GCM, id-aes256-GCM, GCMParameters 610 FROM CMS-AES-CCM-and-AES-GCM 611 { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) 612 smime(16) modules(0) id-mod-cms-aes(32) } 614 OriginatorPublicKey, UserKeyingMaterial 615 FROM CryptographicMessageSyntax2004 616 { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) 617 smime(16) modules(0) cms-2004(24) } 619 hMAC-SHA1, id-alg-CMS3DESwrap, CBCParameter 620 FROM CryptographicMessageSyntaxAlgorithms 621 { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) 622 smime(16) modules(0) cmsalg-2001(16) } 624 ; 625 -- Constrains the SignedData digestAlgorithms field 626 -- Constrains the SignedData SignerInfo digestAlgorithm field 627 -- Constrains the AuthenticatedData digestAlgorithm field 629 MessageDigestAlgorithms ALGORITHM :: { 630 ow-sha1 | 631 ow-sha224 | 632 ow-sha256 | 633 ow-sha384 | 634 ow-sha512, 635 ... -- Extensible 636 } 638 -- Constrains the SignedData SignerInfo signatureAlgorithm field 640 SignatureAlgorithms ALGORITHM :: { 641 sa-ecdsaWithSHA1 | 642 sa-ecdsaWithSHA224 | 643 sa-ecdsaWithSHA256 | 644 sa-ecdsaWithSHA384 | 645 sa-ecdsaWithSHA512 , 646 ... -- Extensible 647 } 649 sa-ecdsa-with-SHA224 ALGORITHM ::= { 650 OID ecdsa-with-SHA224 PARMS NULL } 652 ecdsa-with-SHA224 OBJECT IDENTIFIER ::= { 653 iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) 654 ecdsa-with-SHA2(3) 1 } 656 sa-ecdsa-with-SHA256 ALGORITHM ::= { 657 OID ecdsa-with-SHA256 PARMS NULL } 659 ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { 660 iso(1) member-body(2) us(840)ansi-X9-62(10045) signatures(4) 661 ecdsa-with-SHA2(3) 2 } 663 sa-ecdsa-with-SHA384 ALGORITHM ::= { 664 OID ecdsa-with-SHA384 PARMS NULL } 666 ecdsa-with-SHA384 OBJECT IDENTIFIER ::= { 667 iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) 668 ecdsa-with-SHA2(3) 3 } 670 sa-ecdsa-with-SHA512 ALGORITHM ::= { 671 OID ecdsa-with-SHA512 PARMS NULL } 673 ecdsa-with-SHA512 OBJECT IDENTIFIER ::= { 674 iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4) 675 ecdsa-with-SHA2(3) 4 } 677 -- ECDSA Signature Value 678 -- Contents of SignatureValue OCTET STRING 680 ECDSA-Sig-Value ::= SEQUENCE { 681 r INTEGER, 682 s INTEGER 683 } 685 -- Constrains the EnvelopedData RecipientInfo KeyAgreeRecipientInfo 686 -- keyEncryption Algorithm field 687 -- Constrains the AuthenticatedData RecipientInfo 688 -- KeyAgreeRecipientInfo keyEncryption Algorithm field 689 -- Constrains the AuthEnvelopedData RecipientInfo 690 -- KeyAgreeRecipientInfo keyEncryption Algorithm field 692 -- DH variants are not used with AuthenticatedData or 693 -- AuthEnvelopedData 695 KeyAgreementAlgorithms ALGORITHM ::= { 696 kaa-dhSinglePass-stdDH-sha1kdf | 697 kaa-dhSinglePass-stdDH-sha224kdf | 698 kaa-dhSinglePass-stdDH-sha256kdf | 699 kaa-dhSinglePass-stdDH-sha384kdf | 700 kaa-dhSinglePass-stdDH-sha512kdf | 701 kaa-dhSinglePass-cofactorDH-sha1kdf | 702 kaa-dhSinglePass-cofactorDH-sha224kdf | 703 kaa-dhSinglePass-cofactorDH-sha256kdf | 704 kaa-dhSinglePass-cofactorDH-sha384kdf | 705 kaa-dhSinglePass-cofactorDH-sha512kdf | 706 kaa-mqvSinglePass-sha1kdf | 707 kaa-mqvSinglePass-sha224kdf | 708 kaa-mqvSinglePass-sha256kdf | 709 kaa-mqvSinglePass-sha384kdf | 710 kaa-mqvSinglePass-sha512kdf, 711 ... -- Extensible 712 } 714 x9-63-scheme OBJECT IDENTIFIER ::= { 715 iso(1) identified-organization(3) tc68(133) country(16) x9(840) 716 x9-63(63) schemes(0) } 718 kaa-dhSinglePass-stdDH-sha1kdf ALGORITHM ::= { 719 OID dhSinglePass-stdDH-sha1kdf-scheme PARMS KeyWrapAlgorithms } 721 dhSinglePass-stdDH-sha1kdf-scheme OBJECT IDENTIFIER ::= { 722 x9-63-scheme 2 } 724 kaa-dhSinglePass-stdDH-sha224kdf ALGORITHM ::= { 725 OID dhSinglePass-stdDH-sha224kdf-scheme PARMS KeyWrapAlgorithms } 727 dhSinglePass-stdDH-sha224kdf-scheme OBJECT IDENTIFIER ::= { 728 x9-63-scheme TBD } 730 kaa-dhSinglePass-stdDH-sha256kdf ALGORITHM ::= { 731 OID dhSinglePass-stdDH-sha256kdf-scheme PARMS KeyWrapAlgorithms } 733 dhSinglePass-stdDH-sha256kdf-scheme OBJECT IDENTIFIER ::= { 734 x9-63-scheme TBD } 736 kaa-dhSinglePass-stdDH-sha384kdf ALGORITHM ::= { 737 OID dhSinglePass-stdDH-sha384kdf-scheme PARMS KeyWrapAlgorithms } 739 dhSinglePass-stdDH-sha384kdf-scheme OBJECT IDENTIFIER ::= { 740 x9-63-scheme TBD } 742 kaa-dhSinglePass-stdDH-sha512kdf ALGORITHM ::= { 743 OID dhSinglePass-stdDH-sha512kdf-scheme PARMS KeyWrapAlgorithms } 745 dhSinglePass-stdDH-sha512kdf-scheme OBJECT IDENTIFIER ::= { 746 x9-63-scheme TBD } 748 kaa-dhSinglePass-cofactorDH-sha1kdf ALGORITHM ::= { 749 OID dhSinglePass-cofactorDH-sha1kdf-scheme PARMS KeyWrapAlgorithms } 751 dhSinglePass-cofactorDH-sha1kdf-scheme OBJECT IDENTIFIER ::= { 752 x9-63-scheme 3 } 754 kaa-dhSinglePass-cofactorDH-sha224kdf ALGORITHM ::= { 755 OID dhSinglePass-cofactorDH-sha224kdf-scheme 756 PARMS KeyWrapAlgorithms } 758 dhSinglePass-cofactorDH-sha224kdf-scheme OBJECT IDENTIFIER ::= { 759 x9-63-scheme TBD } 761 kaa-dhSinglePass-cofactorDH-sha256kdf ALGORITHM ::= { 762 OID dhSinglePass-cofactorDH-sha256kdf-scheme 763 PARMS KeyWrapAlgorithms } 765 dhSinglePass-cofactorDH-sha256kdf-scheme OBJECT IDENTIFIER ::= { 766 x9-63-scheme TBD } 768 kaa-dhSinglePass-cofactorDH-sha384kdf ALGORITHM ::= { 769 OID dhSinglePass-cofactorDH-sha384kdf-scheme 770 PARMS KeyWrapAlgorithms } 772 dhSinglePass-cofactorDH-sha384kdf-scheme OBJECT IDENTIFIER ::= { 773 x9-63-scheme TBD } 775 kaa-dhSinglePass-cofactorDH-sha512kdf ALGORITHM ::= { 776 OID dhSinglePass-cofactorDH-sha512kdf-scheme 777 PARMS KeyWrapAlgorithms } 779 dhSinglePass-cofactorDH-sha512kdf-scheme OBJECT IDENTIFIER ::= { 780 x9-63-scheme TBD } 782 kaa-mqvSinglePass-sha1kdf ALGORITHM ::= { 783 OID mqvSinglePass-sha1kdf-scheme PARMS KeyWrapAlgorithms } 785 mqvSinglePass-sha1kdf-scheme OBJECT IDENTIFIER ::= { 786 x9-63-scheme 16 } 788 kaa-mqvSinglePass-sha224kdf ALGORITHM ::= { 789 OID mqvSinglePass-sha224kdf-scheme PARMS KeyWrapAlgorithms } 791 mqvSinglePass-sha224kdf-scheme OBJECT IDENTIFIER ::= { 792 x9-63-scheme TBD } 794 kaa-mqvSinglePass-sha256kdf ALGORITHM ::= { 795 OID mqvSinglePass-sha256kdf-scheme PARMS KeyWrapAlgorithms } 797 mqvSinglePass-sha256kdf-scheme OBJECT IDENTIFIER ::= { 798 x9-63-scheme TBD } 800 kaa-mqvSinglePass-sha384kdf ALGORITHM ::= { 801 OID mqvSinglePass-sha384kdf-scheme PARMS KeyWrapAlgorithms } 803 mqvSinglePass-sha384kdf-scheme OBJECT IDENTIFIER ::= { 804 x9-63-scheme TBD } 806 kaa-mqvSinglePass-sha512kdf ALGORITHM ::= { 807 OID mqvSinglePass-sha512kdf-scheme PARMS KeyWrapAlgorithms } 809 mqvSinglePass-sha512kdf-scheme OBJECT IDENTIFIER ::= { 810 x9-63-scheme TBD } 812 KeyWrapAlgorithms ALGORITHM ::= { 813 kwa-3des | 814 kwa-aes128 | 815 kwa-aes192 | 816 kwa-aes256, 817 ... -- Extensible 818 } 820 kwa-3des ALGORITHM :: = { 821 OID id-alg-CMS3DESwrap PARMS NULL } 823 kwa-aes128 ALGORITHM ::= { 824 OID id-aes128-wrap PARMS ABSENT } 826 kwa-aes192 ALGORITHM ::= { 827 OID id-aes192-wrap PARMS ABSENT } 829 kwa-aes256 ALGORITHM ::= { 830 OID id-aes256-wrap PARMS ABSENT } 832 -- Constrains the EnvelopedData EncryptedContentInfo encryptedContent 833 -- field 835 ContentEncryptionAlgorithms ALGORITHM ::= { 836 cea-des-ede3-cbc | 837 cea-aes128-cbc | 838 cea-aes192-cbc | 839 cea-aes256-cbc | 840 cea-aes128-ccm | 841 cea-aes192-ccm | 842 cea-aes256-ccm | 843 cea-aes128-gcm | 844 cea-aes128-gcm | 845 cea-aes128-gcm, 846 ... -- Extensible 847 } 849 cea-des-ede3-cbc ALGORITHM ::= { 850 OID des-ede3-cbc PARMS CBCParameter } 852 cea-aes128-cbc ALGORITHM ::= { 853 OID id-aes128-CBC PARMS AES-IV } 855 cea-aes192-cbc ALGORITHM ::= { 856 OID id-aes192-CBC PARMS AES-IV } 858 cea-aes256-cbc ALGORITHM ::= { 859 OID id-aes256-CBC PARMS AES-IV } 861 cea-aes128-ccm ALGORITHM ::= { 862 OID id-aes128-CCM PARMS CCMParameters } 864 cea-aes192-ccm ALGORITHM ::= { 865 OID id-aes192-CCM PARMS CCMParameters } 867 cea-aes256-ccm ALGORITHM ::= { 868 OID id-aes256-CCM PARMS CCMParameters } 870 cea-aes128-gcm ALGORITHM ::= { 871 OID id-aes128-GCM PARMS GCMParameters } 873 cea-aes192-gcm ALGORITHM ::= { 874 OID id-aes192-GCM PARMS GCMParameters } 876 cea-aes256-gcm ALGORITHM ::= { 877 OID id-aes256-GCM PARMS GCMParameters } 879 -- Constrains the AuthenticatedData 880 -- MessageAuthenticationCodeAlgorithm field 881 -- Constrains the AuthEnvelopedData 882 -- MessageAuthenticationCodeAlgorithm field 884 MessageAuthenticationCodeAlgorithms ALGORITHM ::= { 885 maca-sha1 | 886 maca-sha224 | 887 maca-sha256 | 888 maca-sha384 | 889 maca-sha512, 890 ... -- Extensible 891 } 893 maca-sha1 ALGORITHM ::= { 894 OID hMAC-SHA1 PARMS NULL } 896 maca-sha224 ALGORITHM ::= { 897 OID id-hmacWithSHA224 PARMS NULL } 899 -- Would love to import the HMAC224-512 OIDS but they're not in a 900 -- module (that I could find) 902 id-hmacWithSHA224 OBJECT IDENTIFIER ::= { 903 iso(1) member-body(2) us(840) rsadsi(113549) rsadsi(2) 8 } 905 maca-sha256 ALGORITHM ::= { 906 OID id-hmacWithSHA256 PARMS NULL } 908 id-hmacWithSHA256 OBJECT IDENTIFIER ::= { 909 iso(1) member-body(2) us(840) rsadsi(113549) rsadsi(2) 9 } 911 maca-sha384 ALGORITHM ::= { 912 OID id-hmacWithSHA384 PARMS NULL } 914 id-hmacWithSHA384 OBJECT IDENTIFIER ::= { 915 iso(1) member-body(2) us(840) rsadsi(113549) rsadsi(2) 10 } 917 maca-sha512 ALGORITHM ::= { 918 OID id-hmacWithSHA512 PARMS NULL } 920 id-hmacWithSHA512 OBJECT IDENTIFIER ::= { 921 iso(1) member-body(2) us(840) rsadsi(113549) rsadsi(2) 11 } 923 -- Constraints on KeyAgreeRecipientInfo OriginatorIdentifierOrKey 924 -- OriginatorPublicKey algorithm field 926 -- PARMS are NULL 928 OriginatorPKAlgorithms ALGORITHM ::= { 929 opka-ec, 930 ... -- Extensible 931 } 933 opka-ec AGLORITHM ::={ 934 OID id-ecPublicKey PARMS NULL } 936 -- Format for both ephemeral and static public keys 938 ECPoint ::= OCTET STRING 940 -- Format of KeyAgreeRecipientInfo ukm field when used with 941 -- ECDH or ECmqv 943 MQVuserKeyingMaterial ::= SEQUENCE { 944 ephemeralPublicKey OriginatorPublicKey, 945 addedukm [0] EXPLICIT UserKeyingMaterial OPTIONAL 946 } 947 -- Format for ECDH and ECMQV key-encryption keys when using 948 -- EnvelopedData or AuthenticatedData 950 ECC-CMS-SharedInfo ::= SEQUENCE { 951 keyInfo AlgorithmIdentifier { KeyWrapAlgorithms }, 952 entityUInfo [0] EXPLICIT OCTET STRING OPTIONAL, 953 suppPubInfo [2] EXPLICIT OCTET STRING 954 } 956 SMIME-CAPS ::= CLASS { 957 &Type OPTIONAL, 958 &id OBJECT IDENTIFIER UNIQUE 959 } 960 WITH SYNTAX {TYPE &Type IDENTIFIED BY &id } 962 SMIMECapability ::= SEQUENCE { 963 capabilityID SMIME-CAPS.&id({SMimeCapsSet}), 964 parameters SMIME-CAPS. 965 &Type({SMimeCapsSet}{@capabilityID}) OPTIONAL 966 } 968 SMimeCapsSet SMIME-CAPS ::= { 969 cap-ecdsa-with-SHA1 | 970 cap-ecdsa-with-SHA224 | 971 cap-ecdsa-with-SHA256 | 972 cap-ecdsa-with-SHA384 | 973 cap-ecdsa-with-SHA512 | 974 cap-dhSinglePass-stdDH-sha1kdf | 975 cap-dhSinglePass-stdDH-sha224kdf | 976 cap-dhSinglePass-stdDH-sha256kdf | 977 cap-dhSinglePass-stdDH-sha384kdf | 978 cap-dhSinglePass-stdDH-sha512kdf | 979 cap-dhSinglePass-cofactorDH-sha1kdf | 980 cap-dhSinglePass-cofactorDH-sha224kdf | 981 cap-dhSinglePass-cofactorDH-sha256kdf | 982 cap-dhSinglePass-cofactorDH-sha384kdf | 983 cap-dhSinglePass-cofactorDH-sha512kdf | 984 cap-mqvSinglePass-sha1kdf | 985 cap-mqvSinglePass-sha224kdf | 986 cap-mqvSinglePass-sha256kdf | 987 cap-mqvSinglePass-sha384kdf | 988 cap-mqvSinglePass-sha512kdf, 989 ... -- Extensible 990 } 992 cap-ecdsa-with-SHA1 SMIME-CAPS ::= { 993 TYPE NULL IDENTIFIED BY ecdsa-with-SHA1 } 995 cap-ecdsa-with-SHA224 SMIME-CAPS ::= { 996 TYPE NULL IDENTIFIED BY ecdsa-with-SHA224 } 998 cap-ecdsa-with-SHA256 SMIME-CAPS ::= { 999 TYPE NULL IDENTIFIED BY ecdsa-with-SHA256 } 1001 cap-ecdsa-with-SHA384 SMIME-CAPS ::= { 1002 TYPE NULL IDENTIFIED BY ecdsa-with-SHA384 } 1004 cap-ecdsa-with-SHA512 SMIME-CAPS ::= { 1005 TYPE NULL IDENTIFIED BY ecdsa-with-SHA512 } 1007 cap-dhSinglePass-stdDH-sha1kdf SMIME-CAPS ::= { 1008 TYPE KeyWrapAlgorithms IDENTIFIED BY dhSinglePass-stdDH-sha1kdf } 1010 cap-dhSinglePass-stdDH-sha224kdf SMIME-CAPS ::= { 1011 TYPE KeyWrapAlgorithms IDENTIFIED BY dhSinglePass-stdDH-sha224kdf } 1013 cap-dhSinglePass-stdDH-sha256kdf SMIME-CAPS ::= { 1014 TYPE KeyWrapAlgorithms IDENTIFIED BY dhSinglePass-stdDH-sha256kdf } 1016 cap-dhSinglePass-stdDH-sha384kdf SMIME-CAPS ::= { 1017 TYPE KeyWrapAlgorithms IDENTIFIED BY dhSinglePass-stdDH-sha384kdf } 1019 cap-dhSinglePass-stdDH-sha512kdf SMIME-CAPS ::= { 1020 TYPE KeyWrapAlgorithms IDENTIFIED BY dhSinglePass-stdDH-sha512kdf } 1022 cap-dhSinglePass-cofactorDH-sha1kdf SMIME-CAPS ::= { 1023 TYPE KeyWrapAlgorithms 1024 IDENTIFIED BY dhSinglePass-cofactorDH-sha1kdf } 1026 cap-dhSinglePass-cofactorDH-sha224kdf SMIME-CAPS ::= { 1027 TYPE KeyWrapAlgorithms 1028 IDENTIFIED BY dhSinglePass-cofactorDH-sha224kdf } 1030 cap-dhSinglePass-cofactorDH-sha256kdf SMIME-CAPS ::= { 1031 TYPE KeyWrapAlgorithms 1032 IDENTIFIED BY dhSinglePass-cofactorDH-sha256kdf } 1034 cap-dhSinglePass-cofactorDH-sha384kdf SMIME-CAPS ::= { 1035 TYPE KeyWrapAlgorithms 1036 IDENTIFIED BY dhSinglePass-cofactorDH-sha384kdf } 1038 cap-dhSinglePass-cofactorDH-sha512kdf SMIME-CAPS ::= { 1039 TYPE KeyWrapAlgorithms 1040 IDENTIFIED BY dhSinglePass-cofactorDH-sha512kdf } 1042 cap-mqvSinglePass-sha1kdf SMIME-CAPS ::= { 1043 TYPE KeyWrapAlgorithms IDENTIFIED BY mqvSinglePass-sha1kdf } 1045 cap-mqvSinglePass-sha224kdf SMIME-CAPS ::= { 1046 TYPE KeyWrapAlgorithms IDENTIFIED BY mqvSinglePass-sha224kdf } 1048 cap-mqvSinglePass-sha256kdf SMIME-CAPS ::= { 1049 TYPE KeyWrapAlgorithms IDENTIFIED BY mqvSinglePass-sha256kdf } 1051 cap-mqvSinglePass-sha384kdf SMIME-CAPS ::= { 1052 TYPE KeyWrapAlgorithms IDENTIFIED BY mqvSinglePass-sha384kdf } 1054 cap-mqvSinglePass-sha512kdf SMIME-CAPS ::= { 1055 TYPE KeyWrapAlgorithms IDENTIFIED BY mqvSinglePass-sha512kdf } 1057 END 1059 11. Security Considerations 1061 No new security considerations to those already specified in 1062 [RFC3278], [SMIME-SHA2], and [PKI-ALG]. 1064 12. IANA Considerations 1066 None: All identifiers are already registered. Please remove this 1067 section prior to publication as an RFC. 1069 13. References 1071 13.1. Normative References 1073 [MUST] Bradner, S., "Key words for use in RFCs to Indicate 1074 Requirement Levels", RFC 2119, BCP 14, March 1997. 1076 [PKI-ALG] Turner, S., Brown, D., Yiu, K., Housley, R., and W. 1077 Polk, "Elliptic Curve Cryptography Subject Public Key 1078 Information", work-in-progress. 1080 [SMIME-SHA2] Turner, S., "Using SHA2 Algorithms with Cryptographic 1081 Message Syntax", work-in-progress. 1083 [RFC3278] Blake-Wilson, S., Brown, D., and P. Lambert, "Use of 1084 Elliptic Curve Cryptography (ECC) Algorithms in 1085 Cryptographic Message Syntax (CMS)", RFC 3278, April 1086 2002. 1088 13.2. Informative References 1090 None. 1092 Author's Addresses 1094 Sean Turner 1096 IECA, Inc. 1097 3057 Nutley Street, Suite 106 1098 Fairfax, VA 22031 1099 USA 1101 Email: turners@ieca.com 1103 Daniel R. L. Brown 1105 Certicom Corp 1106 5520 Explorer Drive #400 1107 Mississauga, ON L4W 5L1 1108 CANADA 1110 Email: dbrown@certicom.com 1112 Full Copyright Statement 1114 Copyright (C) The IETF Trust (2008). 1116 This document is subject to the rights, licenses and restrictions 1117 contained in BCP 78, and except as set forth therein, the authors 1118 retain all their rights. 1120 This document and the information contained herein are provided on an 1121 "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS 1122 OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND 1123 THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS 1124 OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF 1125 THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED 1126 WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. 1128 Intellectual Property 1130 The IETF takes no position regarding the validity or scope of any 1131 Intellectual Property Rights or other rights that might be claimed to 1132 pertain to the implementation or use of the technology described in 1133 this document or the extent to which any license under such rights 1134 might or might not be available; nor does it represent that it has 1135 made any independent effort to identify any such rights. Information 1136 on the procedures with respect to rights in RFC documents can be 1137 found in BCP 78 and BCP 79. 1139 Copies of IPR disclosures made to the IETF Secretariat and any 1140 assurances of licenses to be made available, or the result of an 1141 attempt made to obtain a general license or permission for the use of 1142 such proprietary rights by implementers or users of this 1143 specification can be obtained from the IETF on-line IPR repository at 1144 http://www.ietf.org/ipr. 1146 The IETF invites any interested party to bring to its attention any 1147 copyrights, patents or patent applications, or other proprietary 1148 rights that may cover technology that may be required to implement 1149 this standard. Please address the information to the IETF at 1150 ietf-ipr@ietf.org. 1152 Acknowledgment 1154 Funding for the RFC Editor function is provided by the IETF 1155 Administrative Support Activity (IASA).