idnits 2.17.1

draft-ietf-smime-rfc3278-update-04.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

  ** It looks like you're using RFC 3978 boilerplate. You should update this
     to the boilerplate described in the IETF Trust License Policy document
     (see https://trustee.ietf.org/license-info), which is required now.

  -- Found old boilerplate from RFC 3978, Section 5.1 on line 16.

  -- Found old boilerplate from RFC 3978, Section 5.5, updated by RFC 4748 on
     line 1177.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 1 on line 1188.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 2 on line 1195.

  -- Found old boilerplate from RFC 3979, Section 5, paragraph 3 on line 1201.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

     No issues found here.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust Copyright Line does not match the
     current year

     (Using the creation date from RFC3278, updated by this document, for
     RFC5378 checks: 1999-10-26)

  -- The document seems to lack a disclaimer for pre-RFC5378 work, but may
     have content which was first submitted before 10 November 2008. If you
     have contacted all the original authors and they are all willing to grant
     the BCP78 rights to the IETF Trust, then this is fine, and you can ignore
     this comment. If not, you may need to add the pre-RFC5378 disclaimer.
     (See the Legal Provisions document at
     https://trustee.ietf.org/license-info for more information.)

  -- The document date (May 6, 2008) is 5827 days in the past. Is this
     intentional?

  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  == Missing Reference: 'SEC1' is mentioned on line 587, but not defined

  == Missing Reference: 'SEC2' is mentioned on line 398, but not defined

  == Missing Reference: 'FIPS-180' is mentioned on line 570, but not defined

  == Missing Reference: 'FIPS' is mentioned on line 587, but not defined

  == Missing Reference: 'FIPS-186-2' is mentioned on line 587, but not defined

  -- Looks like a reference, but probably isn't: '0' on line 983

  -- Looks like a reference, but probably isn't: '2' on line 984

  ** Obsolete normative reference: RFC 3278 (Obsoleted by RFC 5753)

  ** Obsolete normative reference: RFC 3852 (Obsoleted by RFC 5652)

     Summary: 3 errors (**), 0 flaws (~~), 6 warnings (==), 9 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

1  S/MIME WG                                          Sean Turner, IECA
2  Internet Draft                                 Daniel Brown, Certicom
3  Intended Status: Informational                           May 6, 2008
4  Updates: 3278 (once approved)
5  Expires: November 6, 2008

7      Update to Use of Elliptic Curve Cryptography (ECC) Algorithms
8                 in Cryptographic Message Syntax (CMS)
9                draft-ietf-smime-rfc3278-update-04.txt

11  Status of this Memo

13     By submitting this Internet-Draft, each author represents that any
14     applicable patent or other IPR claims of which he or she is aware
15     have been or will be disclosed, and any of which he or she becomes
16     aware will be disclosed, in accordance with Section 6 of BCP 79.

18     Internet-Drafts are working documents of the Internet Engineering
19     Task Force (IETF), its areas, and its working groups. Note that
20     other groups may also distribute working documents as Internet-
21     Drafts.

23     Internet-Drafts are draft documents valid for a maximum of six months
24     and may be updated, replaced, or obsoleted by other documents at any
25     time. It is inappropriate to use Internet-Drafts as reference
26     material or to cite them other than as "work in progress."

28     The list of current Internet-Drafts can be accessed at
29        http://www.ietf.org/ietf/1id-abstracts.txt

31     The list of Internet-Draft Shadow Directories can be accessed at
32        http://www.ietf.org/shadow.html

34     This Internet-Draft will expire on November 6, 2008.

36  Copyright Notice

38     Copyright (C) The IETF Trust (2008).

40  Abstract

42     RFC 3278 describes how to use Elliptic Curve Cryptography (ECC)
43     public-key algorithms in the Cryptographic Message Syntax (CMS).
44     This document updates RFC 3278 to add support for the SHA2 family of
45     hash algorithms, Elliptic Curve Digital Signature Algorithm (ECDSA)
46     224-512, and Key Derivation Functions (KDFs) that utilize SHA2
47     algorithms.

49  Discussion

51     This draft is being discussed on the 'ietf-smime' mailing list. To
52     subscribe, send a message to ietf-smime-request@imc.org with the
53     single word subscribe in the body of the message. There is a Web site
54     for the mailing list at .

56  Table of Contents

58     1. Introduction
59        1.1. Overview of Changes to RFC 3278
60        1.2. Conventions Used in this Document
61     2. Updates to Paragraph 2.1.1
62     3. Updates to Paragraph 3.1.1
63     4. Updates to Paragraph 3.2.1
64     5. Updates to Paragraph 5
65     6. Updates to Paragraph 7
66     7. Updates to Paragraph 8.1
67     8. Updates to Paragraph 9
68     9. Changes to Security Considerations
69     10. Add Annex A: 2004 ASN.1 Module
70     11. Security Considerations
71     12. IANA Considerations
72     13. References
73        13.1. Normative References
74        13.2. Informative References

76  1. Introduction

78     RFC 3278 describes how to use Elliptic Curve Cryptography (ECC)
79     public-key algorithms in the Cryptographic Message Syntax (CMS).
80     This document updates RFC 3278 to add support for the SHA2 family of
81     hash algorithms, Elliptic Curve Digital Signature Algorithm (ECDSA)
82     224-512, and Key Derivation Functions (KDFs) that utilize SHA2
83     algorithms.

85  1.1. Overview of Changes to RFC 3278

87     The following summarizes the changes:

89     - Paragraph 2.1.1 limited the digest algorithm to SHA-1. This
90       document expands the allowed algorithms to SHA-224, SHA-256, SHA-
91       384, and SHA-512.

93     - Paragraph 3.1.1 used SHA1 in the KDF with ECDH std and cofactor
94       methods. This document expands the set of allowed algorithms by
95       adding SHA-224, SHA-256, SHA-384, and SHA-512.

97     - Paragraph 3.1.2 used SHA1 in the KDF with ECMQV. This document
98       expands the set of allowed algorithms by adding SHA-224,
99       SHA-256, SHA-384, and SHA-512.

101     - Paragraph 5 is updated to include requirements for hash algorithms
102       and recommendations for matching curves and hash algorithms. It
103       also was expanded to indicate which ECDH and ECMQV variants are
104       required.

106     - Paragraph 7 is updated to include S/MIME capabilities for ECDSA
107       with SHA-224, SHA-256, SHA-384, and SHA-512. It was also updated
108       to include S/MIME capabilities for ECDH and ECMQV using SHA2
109       algorithms as the KDF.

111     - Paragraph 8.1 listed the algorithm identifiers for SHA-1 and SHA-1
112       with ECDSA. This document adds algorithm identifiers for SHA-224,
113       SHA-256, SHA-384, and SHA-512 as well as SHA-224, SHA-256, SHA-
114       384, and SHA-512 with ECDSA. This document also updates the list
115       of algorithm identifiers for ECDH std, ECDH cofactor, and ECMQV
116       with SHA2 algorithms as the KDF.

118     - Paragraph 9 references need to be updated.

120     - Added ASN.1 module.

122     - Security considerations paragraph referring to definitions of SHA-
123       224, SHA-256, SHA-384, and SHA-512 needs to be deleted.

125  1.2. Conventions Used in this Document

127     The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
128     "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
129     document are to be interpreted as described in [MUST].

131  2. Updates to Paragraph 2.1.1

133     Old:

135       digestAlgorithm MUST contain the algorithm identifier sha-1 (see
136       Section 8.1) which identifies the SHA-1 hash algorithm.

138       signatureAlgorithm contains the algorithm identifier ecdsa-with-
139       SHA1 (see Section 8.1) which identifies the ECDSA signature
140       algorithm.

142     New:

144       digestAlgorithm MUST contain the algorithm identifier of the hash
145       algorithm (see Section 8.1) which MUST be one of the following:
146       id-sha1 identifies the SHA-1 hash algorithm, id-sha224 identifies
147       the SHA-224 hash algorithm, id-sha256 identifies the SHA-256 hash
148       algorithm, id-sha384 identifies the SHA-384 algorithm, and id-
149       sha512 identifies the SHA-512 algorithm.

151       signatureAlgorithm contains the signature algorithm identifier
152       (see Section 8.1): ecdsa-with-SHA1, ecdsa-with-SHA224, ecdsa-
153       with-SHA256, ecdsa-with-SHA384, or ecdsa-with-SHA512.

155  3. Updates to Paragraph 3.1.1

157     Old:

159       keyEncryptionAlgorithm MUST contain the dhSinglePass-stdDH-sha1kdf-
160       scheme object identifier (see Section 8.1) if standard ECDH
161       primitive is used, or the dhSinglePass-cofactorDH-sha1kdf-scheme
162       object identifier (see Section 8.1) if the cofactor ECDH primitive
163       is used. The parameters field contains KeyWrapAlgorithm. The
164       KeyWrapAlgorithm is the algorithm identifier that indicates the
165       symmetric encryption algorithm used to encrypt the content-
166       encryption key (CEK) with the key-encryption key (KEK).

168     New:

170       keyEncryptionAlgorithm MUST contain the key encryption algorithm
171       object identifier (see Section 8.1). The parameters field contains
172       KeyWrapAlgorithm. The KeyWrapAlgorithm is the algorithm identifier
173       that indicates the symmetric encryption algorithm used to encrypt
174       the content-encryption key (CEK) with the key-encryption key (KEK).
175       Algorithm requirements are found in paragraph 5.

177  4. Updates to Paragraph 3.2.1

179     Old:

181       keyEncryptionAlgorithm MUST be the mqvSinglePass-sha1kdf-scheme
182       algorithm identifier (see Section 8.1), with the parameters field
183       KeyWrapAlgorithm. The KeyWrapAlgorithm indicates the symmetric
184       encryption algorithm used to encrypt the CEK with the KEK generated
185       using the 1-Pass ECMQV algorithm.

187     New:

189       keyEncryptionAlgorithm MUST be the key encryption algorithm
190       identifier (see Section 8.1), with the parameters field
191       KeyWrapAlgorithm. The KeyWrapAlgorithm indicates the symmetric
192       encryption algorithm used to encrypt the CEK with the KEK generated
193       using the 1-Pass ECMQV algorithm. Algorithm requirements are found
194       in paragraph 5.

196  5. Updates to Paragraph 5

198     Add the following to the end of the section:

200       Implementations of this specification MUST implement the SHA-256
201       hash algorithm. The SHA-1, SHA-224, SHA-384, SHA-512 hash
202       algorithms MAY be supported.

204       When ECDSA, ECDH, or ECMQV is used, it is RECOMMENDED that the
205       P-256 curve be used with SHA-256, the P-384 curve be used with
206       SHA-384, and the P-521 curve be used with SHA-512.

208       Implementations of this specification that support EnvelopedData
209       with ephemeral-static ECDH standard primitive MUST support the
210       dhSinglePass-stdDH-sha256kdf-scheme algorithm. They MUST also
211       support the id-aes128-wrap algorithm. The dhSinglePass-stdDH-
212       sha1kdf-scheme, dhSinglePass-stdDH-sha224kdf-scheme,
213       dhSinglePass-stdDH-sha384kdf-scheme, and dhSinglePass-stdDH-
214       sha512kdf-scheme algorithms MAY be supported. Likewise, the id-
215       alg-CMS3DESwrap, id-aes192-wrap, and id-aes256-wrap MAY be
216       supported.

218       Implementations of this specification that support EnvelopedData
219       with ephemeral-static ECDH cofactor primitive MUST support the
220       dhSinglePass-cofactorDH-sha256kdf-scheme algorithm. They MUST
221       also support the id-aes128-wrap algorithm. The dhSinglePass-
222       cofactorDH-sha1kdf-scheme, dhSinglePass-cofactorDH-sha224kdf-
223       scheme, dhSinglePass-cofactorDH-sha384kdf-scheme, and
224       dhSinglePass-cofactorDH-sha512kdf-scheme algorithms MAY be
225       supported. Likewise, the id-alg-CMS3DESwrap, id-aes192-wrap, and
226       id-aes256-wrap MAY be supported.

228       Implementations of this specification that support EnvelopedData
229       with ECMQV MUST support the mqvSinglePass-sha256kdf-scheme
230       algorithm. They MUST also support the id-aes128-wrap algorithm.

232       The mqvSinglePass-sha1kdf-scheme, mqvSinglePass-sha224kdf-scheme,
233       mqvSinglePass-sha384kdf-scheme, and mqvSinglePass-sha512kdf-
234       scheme algorithms MAY be supported. Likewise, the id-alg-
235       CMS3DESwrap, id-aes192-wrap, and id-aes256-wrap MAY be supported.

237       Implementations of this specification that support
238       AuthenticatedData with ECMQV MUST support the
239       mqvSinglePass-sha256kdf-scheme algorithm. They MUST also support
240       the id-aes128-wrap algorithm. The mqvSinglePass-sha1kdf-scheme,
241       mqvSinglePass-sha224kdf-scheme, mqvSinglePass-sha384kdf-scheme,
242       and mqvSinglePass-sha512kdf-scheme algorithms MAY be supported.
243       Likewise, the id-alg-CMS3DESwrap, id-aes192-wrap, and id-
244       aes256-wrap MAY be supported.

246  6. Updates to Paragraph 7

248     Old:

250       The SMIMECapability value to indicate support for the ECDSA
251       signature algorithm is the SEQUENCE with the capabilityID field
252       containing the object identifier ecdsa-with-SHA1 with NULL
253       parameters. The DER encoding is:

255         30 0b 06 07 2a 86 48 ce 3d 04 01 05 00

257     New:

259       The SMIMECapability value to indicate support for the ECDSA
260       signature algorithm is the SEQUENCE with the capabilityID field
261       containing the ecdsa-with-SHA* object
262       identifiers (where * is 1, 224, 256, 384, or 512) all with NULL
263       parameters. The DER encodings are:

265         ecdsa-with-SHA1:   30 0b 06 07 2a 86 48 ce 3d 04 01 05 00

267         ecdsa-with-SHA224: 30 0c 06 08 2a 86 48 ce 3d 04 03 01 05 00

269         ecdsa-with-SHA256: 30 0c 06 08 2a 86 48 ce 3d 04 03 02 05 00

271         ecdsa-with-SHA384: 30 0c 06 08 2a 86 48 ce 3d 04 03 03 05 00

273         ecdsa-with-SHA512: 30 0c 06 08 2a 86 48 ce 3d 04 03 04 05 00

275     Old:

277       The SMIMECapability capabilityID object identifiers for the
278       supported key agreement algorithms in this document are
279       dhSinglePass-stdDH-sha1kdf-scheme, dhSinglePass-cofactorDH-
280       sha1kdf-scheme, and mqvSinglePass-sha1kdf-scheme. For each of
281       these SMIMECapability SEQUENCEs, the parameters field is present
282       and indicates the supported key-encryption algorithm with the
283       KeyWrapAlgorithm algorithm identifier. The DER encodings that
284       indicate capability of the three key agreement algorithms with
285       CMS Triple-DES key wrap are:

287         30 1c 06 09 2b 81 05 10 86 48 3f 00 02 30 0f 06
288         0b 2a 86 48 86 f7 0d 01 09 10 03 06 05 00

290       for ephemeral-static ECDH,

292         30 1c 06 09 2b 81 05 10 86 48 3f 00 03 30 0f 06
293         0b 2a 86 48 86 f7 0d 01 09 10 03 06 05 00

295       for ephemeral-static ECDH with cofactor method, and

297         30 1c 06 09 2b 81 05 10 86 48 3f 00 10 30 0f 06
298         0b 2a 86 48 86 f7 0d 01 09 10 03 06 05 00

300       for ECMQV.
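
The ecdsa-with-SHA* and SHA-1 KDF / Triple-DES wrap encodings listed above can be rebuilt from the object identifier arcs given in Paragraph 8.1 and Annex A. The following Python is an added example, not part of the draft: it DER-encodes those capabilities, compares them with the hex strings quoted above, and parses them back strictly; the function names and the id-alg-CMS3DESwrap arcs (from RFC 3370) are supplied here rather than taken from the draft.

```python
# Added example: rebuild and strictly parse SMIMECapability DER values.
# Arcs follow the draft; CMS_3DES_WRAP is from RFC 3370; names are ours.
NULL = b"\x05\x00"
ANSI_X9_62_SIGNATURES = (1, 2, 840, 10045, 4)
X9_63_SCHEME = (1, 3, 133, 16, 840, 63, 0)
CMS_3DES_WRAP = (1, 2, 840, 113549, 1, 9, 16, 3, 6)
_3DES_TAIL = " 30 0f 06 0b 2a 86 48 86 f7 0d 01 09 10 03 06 05 00"
# Hex strings as quoted in the draft's Paragraph 7 text.
PAGE_HEX = {
    "ecdsa-with-SHA1": "30 0b 06 07 2a 86 48 ce 3d 04 01 05 00",
    "ecdsa-with-SHA224": "30 0c 06 08 2a 86 48 ce 3d 04 03 01 05 00",
    "ecdsa-with-SHA256": "30 0c 06 08 2a 86 48 ce 3d 04 03 02 05 00",
    "ecdsa-with-SHA384": "30 0c 06 08 2a 86 48 ce 3d 04 03 03 05 00",
    "ecdsa-with-SHA512": "30 0c 06 08 2a 86 48 ce 3d 04 03 04 05 00",
    "dhSinglePass-stdDH-sha1kdf-scheme":
        "30 1c 06 09 2b 81 05 10 86 48 3f 00 02" + _3DES_TAIL,
    "dhSinglePass-cofactorDH-sha1kdf-scheme":
        "30 1c 06 09 2b 81 05 10 86 48 3f 00 03" + _3DES_TAIL,
    "mqvSinglePass-sha1kdf-scheme":
        "30 1c 06 09 2b 81 05 10 86 48 3f 00 10" + _3DES_TAIL,
}

def tlv(tag, content):
    """Tag + minimal definite length + content."""
    n = len(content)
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    head = bytes([n]) if n < 0x80 else bytes([0x80 | len(raw)]) + raw
    return bytes([tag]) + head + content

def encode_oid(arcs):
    """OBJECT IDENTIFIER: first two arcs fold into one, then base-128."""
    out = bytearray()
    for arc in (40 * arcs[0] + arcs[1], *arcs[2:]):
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out += bytes(reversed(chunk))
    return tlv(0x06, bytes(out))

def build_capabilities():
    """SMIMECapability ::= SEQUENCE { capabilityID OID, parameters }."""
    caps = {"ecdsa-with-SHA1":
            tlv(0x30, encode_oid(ANSI_X9_62_SIGNATURES + (1,)) + NULL)}
    for last, bits in enumerate((224, 256, 384, 512), start=1):
        oid = encode_oid(ANSI_X9_62_SIGNATURES + (3, last))
        caps[f"ecdsa-with-SHA{bits}"] = tlv(0x30, oid + NULL)
    wrap = tlv(0x30, encode_oid(CMS_3DES_WRAP) + NULL)  # KeyWrapAlgorithm
    for name, arc in (("dhSinglePass-stdDH", 2),
                      ("dhSinglePass-cofactorDH", 3), ("mqvSinglePass", 16)):
        oid = encode_oid(X9_63_SCHEME + (arc,))
        caps[f"{name}-sha1kdf-scheme"] = tlv(0x30, oid + wrap)
    return caps

def read_tlv(buf, pos=0):
    """Return (tag, content, next_pos); reject anything not strict DER."""
    if pos + 2 > len(buf):
        raise ValueError("truncated header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:
        n = length & 0x7F
        if n == 0 or pos + n > len(buf) or buf[pos] == 0:
            raise ValueError("indefinite, truncated or padded length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        if length < 0x80:
            raise ValueError("long form used for a short length")
        pos += n
    if pos + length > len(buf):
        raise ValueError("length runs past end of input")
    return tag, buf[pos:pos + length], pos + length

def decode_oid(content):
    if not content or content[-1] & 0x80:
        raise ValueError("empty or unterminated OID")
    arcs, value, start = [], 0, True
    for byte in content:
        if start and byte == 0x80:
            raise ValueError("non-minimal arc encoding")
        value, start = (value << 7) | (byte & 0x7F), False
        if not byte & 0x80:
            arcs.append(value)
            value, start = 0, True
    first = min(arcs[0] // 40, 2)
    return (first, arcs[0] - 40 * first, *arcs[1:])

def parse_capability(der):
    """Return (capabilityID arcs, raw parameter bytes) or raise ValueError."""
    tag, body, end = read_tlv(der)
    tag2, oid, pos = read_tlv(body)
    if (tag, tag2) != (0x30, 0x06) or end != len(der):
        raise ValueError("expected one SEQUENCE starting with an OID")
    return decode_oid(oid), body[pos:]

def matches_page():
    built = build_capabilities()
    return {n: built[n] == bytes.fromhex(h) for n, h in PAGE_HEX.items()}
```

Because a KeyWrapAlgorithm is itself a SEQUENCE that starts with an OID, calling parse_capability on the parameter bytes of a key agreement capability returns the key wrap algorithm's arcs.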

302     New:

304       The SMIMECapability value to indicate support for
305         a) the standard ECDH key agreement algorithm,
306         b) the cofactor ECDH key agreement algorithm, or
307         c) the 1-Pass ECMQV key agreement algorithm
308       is a SEQUENCE with the capabilityID field containing the object
309       identifier
310         a) dhSinglePass-stdDH-sha*kdf-scheme,
311         b) dhSinglePass-cofactorDH-sha*kdf-scheme, or
312         c) mqvSinglePass-sha*kdf-scheme
313       respectively (where * is 1, 224, 256, 384, or 512) with the
314       parameters present. The parameters indicate the supported key-
315       encryption algorithm with the KeyWrapAlgorithm algorithm identifier.

317       Example DER encodings that indicate some capabilities are as follows
318       (KA is key agreement, KDF is key derivation function, and Wrap is key
319       wrap algorithm):

321       KA=ECDH standard KDF=SHA1 Wrap=3DES

323         30 1c
324            06 09 2b 81 05 10 86 48 3f 00 02
325            30 0f
326               06 0b 2a 86 48 86 f7 0d 01 09 10 03 06
327               05 00

329       KA=ECDH standard KDF=SHA256 Wrap=AES128

331         30 1a
332            06 09 2b 81 04 01 0B 01
333            30 0f
334               06 09 60 83 48 01 65 03 04 01 05
335               05 00

337       KA=ECDH standard KDF=SHA384 Wrap=AES256

339         30 1a
340            06 06 2b 81 04 01 0B 02
341            30 0f
342               06 09 60 83 48 01 65 03 04 01 2D
343               05 00

345       KA=ECDH cofactor KDF=SHA1 Wrap=3DES

347         30 1c
348            06 09 2b 81 05 10 86 48 3f 00 03
349            30 0f
350               06 0b 2a 86 48 86 f7 0d 01 09 10 03 06
351               05 00

353       KA=ECDH cofactor KDF=SHA256 Wrap=AES128

355         30 1a
356            06 06 2b 81 04 01 0E 01
357            30 0f
358               06 09 60 83 48 01 65 03 04 01 05
359               05 00

361       KA=ECDH cofactor KDF=SHA384 Wrap=AES256

363         30 1a
364            06 06 2b 81 04 01 0E 02
365            30 0f
366               06 09 60 83 48 01 65 03 04 01 2D
367               05 00

369       KA=ECMQV 1-Pass KDF=SHA1 Wrap=3DES

371         30 1c
372            06 09 2b 81 05 10 86 48 3f 00 10
373            30 0f
374               06 0b 2a 86 48 86 f7 0d 01 09 10 03 06
375               05 00

377       KA=ECMQV 1-Pass KDF=SHA256 Wrap=AES128

379         30 1a
380            06 06 2b 81 04 01 0F 01
381            30 0f
382               06 09 60 83 48 01 65 03 04 01 05
383               05 00

385       KA=ECMQV 1-Pass KDF=SHA384 Wrap=AES256

387         30 1a
388            06 06 2b 81 04 01 0F 02
389            30 0f
390               06 09 60 83 48 01 65 03 04 01 2D
391               05 00

393  7. Updates to Paragraph 8.1

395     Old:

397       The algorithm identifiers used in this document are taken from
398       [X9.62], [SEC1] and [SEC2].

400       The following object identifier indicates the hash algorithm used
401       in this document:

403         sha-1 OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
404           oiw(14) secsig(3) algorithm(2) 26 }

406     New:

408       The following object identifier indicates the hash algorithm used
409       in this document:

411         id-sha1 OBJECT IDENTIFIER ::= { iso(1) identified-
412           organization(3) oiw(14) secsig(3) algorithm(2) 26 }
413         id-sha224 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
414           country(16) us(840) organization(1) gov(101) csor(3)
415           nistalgorithm(4) hashalgs(2) 4 }

417         id-sha256 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
418           country(16) us(840) organization(1) gov(101) csor(3)
419           nistalgorithm(4) hashalgs(2) 1 }

421         id-sha384 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
422           country(16) us(840) organization(1) gov(101) csor(3)
423           nistalgorithm(4) hashalgs(2) 2 }

425         id-sha512 OBJECT IDENTIFIER ::= { joint-iso-itu-t(2)
426           country(16) us(840) organization(1) gov(101) csor(3)
427           nistalgorithm(4) hashalgs(2) 3 }

429     Old:

431       The following object identifier indicates the digital signature
432       algorithm used in this document:

434         ecdsa-with-SHA1 OBJECT IDENTIFIER ::= { ansi-x9-62
435           signatures(4) 1 }

437       When the object identifier ecdsa-with-SHA1 is used within an
438       algorithm identifier, the associated parameters field contains
439       NULL.

441     New:

443       The following object identifier indicates the digital signature
444       algorithm used in this document:

446         ecdsa-with-SHA1 OBJECT IDENTIFIER ::= { ansi-x9-62
447           signatures(4) 1 }

449         ecdsa-with-SHA224 OBJECT IDENTIFIER ::= { ansi-x9-62
450           signatures(4) ecdsa-with-SHA2(3) 1 }

452         ecdsa-with-SHA256 OBJECT IDENTIFIER ::= { ansi-x9-62
453           signatures(4) ecdsa-with-SHA2(3) 2 }

455         ecdsa-with-SHA384 OBJECT IDENTIFIER ::= { ansi-x9-62
456           signatures(4) ecdsa-with-SHA2(3) 3 }

458         ecdsa-with-SHA512 OBJECT IDENTIFIER ::= { ansi-x9-62
459           signatures(4) ecdsa-with-SHA2(3) 4 }

461       When the object identifiers ecdsa-with-SHA1, ecdsa-with-SHA224,
462       ecdsa-with-SHA256, ecdsa-with-SHA384, or ecdsa-with-SHA512 are
463       used within an algorithm identifier, the associated parameters
464       field contains NULL.

466     Old:

468       The following object identifiers indicate the key agreement
469       algorithms used in this document:

471         dhSinglePass-stdDH-sha1kdf-scheme OBJECT IDENTIFIER ::= {
472           x9-63-scheme 2}

474         dhSinglePass-cofactorDH-sha1kdf-scheme OBJECT IDENTIFIER ::= {
475           x9-63-scheme 3}

477         mqvSinglePass-sha1kdf-scheme OBJECT IDENTIFIER ::= {
478           x9-63-scheme 16}

480       where

482         x9-63-scheme OBJECT IDENTIFIER ::= { iso(1)
483           identified-organization(3) tc68(133) country(16) x9(840)
484           x9-63(63) schemes(0) }

486       When the object identifiers are used here within an algorithm
487       identifier, the associated parameters field contains the CMS
488       KeyWrapAlgorithm algorithm identifier.

490     New:

492       The following object identifiers indicate the key agreement
493       algorithms used in this document:

495         dhSinglePass-stdDH-sha1kdf-scheme OBJECT IDENTIFIER ::= {
496           x9-63-scheme 2 }

498         dhSinglePass-stdDH-sha224kdf-scheme OBJECT IDENTIFIER ::= {
499           secg-scheme 11 0 }

501         dhSinglePass-stdDH-sha256kdf-scheme OBJECT IDENTIFIER ::= {
502           secg-scheme 11 1 }

504         dhSinglePass-stdDH-sha384kdf-scheme OBJECT IDENTIFIER ::= {
505           secg-scheme 11 2 }

507         dhSinglePass-stdDH-sha512kdf-scheme OBJECT IDENTIFIER ::= {
508           secg-scheme 11 3 }

510         dhSinglePass-cofactorDH-sha1kdf-scheme OBJECT IDENTIFIER ::= {
511           x9-63-scheme 3 }

513         dhSinglePass-cofactorDH-sha224kdf-scheme OBJECT IDENTIFIER ::=
514           { secg-scheme 14 0 }

516         dhSinglePass-cofactorDH-sha256kdf-scheme OBJECT IDENTIFIER ::=
517           { secg-scheme 14 1 }

519         dhSinglePass-cofactorDH-sha384kdf-scheme OBJECT IDENTIFIER ::=
520           { secg-scheme 14 2 }

522         dhSinglePass-cofactorDH-sha512kdf-scheme OBJECT IDENTIFIER ::=
523           { secg-scheme 14 3 }

525         mqvSinglePass-sha1kdf-scheme OBJECT IDENTIFIER ::= {
526           x9-63-scheme 16 }

528         mqvSinglePass-sha224kdf-scheme OBJECT IDENTIFIER ::= {
529           secg-scheme 15 0 }

531         mqvSinglePass-sha256kdf-scheme OBJECT IDENTIFIER ::= {
532           secg-scheme 15 1 }

534         mqvSinglePass-sha384kdf-scheme OBJECT IDENTIFIER ::= {
535           secg-scheme 15 2 }

537         mqvSinglePass-sha512kdf-scheme OBJECT IDENTIFIER ::= {
538           secg-scheme 15 3 }

540       where

542         x9-63-scheme OBJECT IDENTIFIER ::= {
543           iso(1) identified-organization(3) tc68(133) country(16)
544           x9(840) x9-63(63) schemes(0) }

546       and

548         secg-scheme OBJECT IDENTIFIER ::= {
549           iso(1) identified-organization(3) certicom(132) schemes(1) }

551       When the object identifiers are used here within an algorithm
552       identifier, the associated parameters field contains the CMS
553       KeyWrapAlgorithm algorithm identifier.

555  8. Updates to Paragraph 9

557     Add the following reference:

559       [SMIME-SHA2] Turner, S., "Using SHA2 Algorithms with
560       Cryptographic Message Syntax", work-in-progress.

562     Update the following references:

564     Old:

566       [PKI-ALG] Bassham, L., Housley R. and W. Polk, "Algorithms and
567       Identifiers for the Internet X.509 Public Key Infrastructure
568       Certificate and CRL Profile", RFC 3279, April 2002.

570       [FIPS-180] FIPS 180-1, "Secure Hash Standard", National Institute
571       of Standards and Technology, April 17, 1995.

573     New:

575       [PKI-ALG] Turner, S., Brown, D., Yiu, K., Housley, R., and W.
576       Polk, "Elliptic Curve Cryptography Subject Public Key
577       Information", work-in-progress.

579       [FIPS] FIPS 180-2, "Secure Hash Standard", National Institute of
580       Standards and Technology, August 1, 2002.

582  9. Changes to Security Considerations

584     Delete the following:

586       When 256, 384, and 512 bit hash functions succeed SHA-1 in future
587       revisions of [FIPS], [FIPS-186-2], [X9.62] and [SEC1], then they
588       can similarly succeed SHA-1 in a future revision of this
589       document.

591  10. Add Annex A: 2004 ASN.1 Module

593     Add the following section as Annex A ASN.1 Module.

595     This appendix provides the ASN.1 definitions for the structures
596     described in this specification using ASN.1 as defined in
597     [X.680,X.681].

599     SMIMEECCAlgs-2008
600       { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
601         smime(16) modules(0) TBD }

603     DEFINITIONS EXPLICIT TAGS ::=

605     BEGIN

607     -- EXPORTS ALL

609     IMPORTS

611     -- From [PKI-ALG]

613       ALGORITHM, algorithmIdentifier, MessageDigestAlgorithms,
614       SignatureAlgorithms,
615       ow-sha1, ow-sha224, ow-sha256, ow-sha384, ow-sha512,
616       sa-ecdsaWithSHA1
617         FROM PKIXAlgs-2008
618           { iso(1) identified-organization(3) dod(6) internet(1)
619             security(5) mechanisms(5) pkix(7) id-mod(0) TBD }

621     -- From [RFC3565]

623       id-aes128-CBC, id-aes192-CBC, id-aes256-CBC, AES-IV,
624       id-aes128-wrap, id-aes192-wrap, id-aes256-wrap
625         FROM CMSAesRsaesOaep
626           { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
627             smime(16) modules(0) id-mod-cms-aes(19) }

629     -- From [RFC5084]

631       id-aes128-CCM, id-aes192-CCM, id-aes256-CCM, CCMParameters,
632       id-aes128-GCM, id-aes192-GCM, id-aes256-GCM, GCMParameters
633         FROM CMS-AES-CCM-and-AES-GCM
634           { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
635             smime(16) modules(0) id-mod-cms-aes(32) }

637     -- From [RFC3852]

639       OriginatorPublicKey, UserKeyingMaterial
640         FROM CryptographicMessageSyntax2004
641           { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
642             smime(16) modules(0) cms-2004(24) }

644     -- From [RFC3370]

646       hMAC-SHA1, id-alg-CMS3DESwrap, CBCParameter
647         FROM CryptographicMessageSyntaxAlgorithms
648           { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
649             smime(16) modules(0) cmsalg-2001(16) }

651     ;

653     -- Constrains the SignedData digestAlgorithms field
654     -- Constrains the SignedData SignerInfo digestAlgorithm field
655     -- Constrains the AuthenticatedData digestAlgorithm field

657     MessageDigestAlgorithms ALGORITHM ::= {
658       ow-sha1 |
659       ow-sha224 |
660       ow-sha256 |
661       ow-sha384 |
662       ow-sha512,
663       ... -- Extensible
664     }

666     -- Constrains the SignedData SignerInfo signatureAlgorithm field

668     SignatureAlgorithms ALGORITHM ::= {
669       sa-ecdsaWithSHA1 |
670       sa-ecdsa-with-SHA224 |
671       sa-ecdsa-with-SHA256 |
672       sa-ecdsa-with-SHA384 |
673       sa-ecdsa-with-SHA512,
674       ... -- Extensible
675     }

677     sa-ecdsa-with-SHA224 ALGORITHM ::= {
678       OID ecdsa-with-SHA224 PARMS NULL }

680     ecdsa-with-SHA224 OBJECT IDENTIFIER ::= {
681       iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
682       ecdsa-with-SHA2(3) 1 }

684     sa-ecdsa-with-SHA256 ALGORITHM ::= {
685       OID ecdsa-with-SHA256 PARMS NULL }

687     ecdsa-with-SHA256 OBJECT IDENTIFIER ::= {
688       iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
689       ecdsa-with-SHA2(3) 2 }

691     sa-ecdsa-with-SHA384 ALGORITHM ::= {
692       OID ecdsa-with-SHA384 PARMS NULL }

694     ecdsa-with-SHA384 OBJECT IDENTIFIER ::= {
695       iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
696       ecdsa-with-SHA2(3) 3 }

698     sa-ecdsa-with-SHA512 ALGORITHM ::= {
699       OID ecdsa-with-SHA512 PARMS NULL }

701     ecdsa-with-SHA512 OBJECT IDENTIFIER ::= {
702       iso(1) member-body(2) us(840) ansi-X9-62(10045) signatures(4)
703       ecdsa-with-SHA2(3) 4 }

705     -- ECDSA Signature Value
706     -- Contents of SignatureValue OCTET STRING

708     ECDSA-Sig-Value ::= SEQUENCE {
709       r INTEGER,
710       s INTEGER
711     }
712     -- Constrains the EnvelopedData RecipientInfo KeyAgreeRecipientInfo
713     -- keyEncryption Algorithm field
714     -- Constrains the AuthenticatedData RecipientInfo
715     -- KeyAgreeRecipientInfo keyEncryption Algorithm field
716     -- Constrains the AuthEnvelopedData RecipientInfo
717     -- KeyAgreeRecipientInfo keyEncryption Algorithm field

719     -- DH variants are not used with AuthenticatedData or
720     -- AuthEnvelopedData

722     KeyAgreementAlgorithms ALGORITHM ::= {
723       kaa-dhSinglePass-stdDH-sha1kdf |
724       kaa-dhSinglePass-stdDH-sha224kdf |
725       kaa-dhSinglePass-stdDH-sha256kdf |
726       kaa-dhSinglePass-stdDH-sha384kdf |
727       kaa-dhSinglePass-stdDH-sha512kdf |
728       kaa-dhSinglePass-cofactorDH-sha1kdf |
729       kaa-dhSinglePass-cofactorDH-sha224kdf |
730       kaa-dhSinglePass-cofactorDH-sha256kdf |
731       kaa-dhSinglePass-cofactorDH-sha384kdf |
732       kaa-dhSinglePass-cofactorDH-sha512kdf |
733       kaa-mqvSinglePass-sha1kdf |
734       kaa-mqvSinglePass-sha224kdf |
735       kaa-mqvSinglePass-sha256kdf |
736       kaa-mqvSinglePass-sha384kdf |
737       kaa-mqvSinglePass-sha512kdf,
738       ... -- Extensible
739     }

741     x9-63-scheme OBJECT IDENTIFIER ::= {
742       iso(1) identified-organization(3) tc68(133) country(16) x9(840)
743       x9-63(63) schemes(0) }

745     secg-scheme OBJECT IDENTIFIER ::= {
746       iso(1) identified-organization(3) certicom(132) schemes(1) }

748     kaa-dhSinglePass-stdDH-sha1kdf ALGORITHM ::= {
749       OID dhSinglePass-stdDH-sha1kdf-scheme PARMS KeyWrapAlgorithms }

751     dhSinglePass-stdDH-sha1kdf-scheme OBJECT IDENTIFIER ::= {
752       x9-63-scheme 2 }

754     kaa-dhSinglePass-stdDH-sha224kdf ALGORITHM ::= {
755       OID dhSinglePass-stdDH-sha224kdf-scheme PARMS KeyWrapAlgorithms }

757     dhSinglePass-stdDH-sha224kdf-scheme OBJECT IDENTIFIER ::= {
758       secg-scheme 11 0 }

760     kaa-dhSinglePass-stdDH-sha256kdf ALGORITHM ::= {
761       OID dhSinglePass-stdDH-sha256kdf-scheme PARMS KeyWrapAlgorithms }

763     dhSinglePass-stdDH-sha256kdf-scheme OBJECT IDENTIFIER ::= {
764       secg-scheme 11 1 }

766     kaa-dhSinglePass-stdDH-sha384kdf ALGORITHM ::= {
767       OID dhSinglePass-stdDH-sha384kdf-scheme PARMS KeyWrapAlgorithms }

769     dhSinglePass-stdDH-sha384kdf-scheme OBJECT IDENTIFIER ::= {
770       secg-scheme 11 2 }

772     kaa-dhSinglePass-stdDH-sha512kdf ALGORITHM ::= {
773       OID dhSinglePass-stdDH-sha512kdf-scheme PARMS KeyWrapAlgorithms }

775     dhSinglePass-stdDH-sha512kdf-scheme OBJECT IDENTIFIER ::= {
776       secg-scheme 11 3 }

778     kaa-dhSinglePass-cofactorDH-sha1kdf ALGORITHM ::= {
779       OID dhSinglePass-cofactorDH-sha1kdf-scheme PARMS KeyWrapAlgorithms }

781     dhSinglePass-cofactorDH-sha1kdf-scheme OBJECT IDENTIFIER ::= {
782       x9-63-scheme 3 }

784     kaa-dhSinglePass-cofactorDH-sha224kdf ALGORITHM ::= {
785       OID dhSinglePass-cofactorDH-sha224kdf-scheme
786       PARMS KeyWrapAlgorithms }

788     dhSinglePass-cofactorDH-sha224kdf-scheme OBJECT IDENTIFIER ::= {
789       secg-scheme 14 0 }

791     kaa-dhSinglePass-cofactorDH-sha256kdf ALGORITHM ::= {
792       OID dhSinglePass-cofactorDH-sha256kdf-scheme
793       PARMS KeyWrapAlgorithms }

795     dhSinglePass-cofactorDH-sha256kdf-scheme OBJECT IDENTIFIER ::= {
796       secg-scheme 14 1 }

798     kaa-dhSinglePass-cofactorDH-sha384kdf ALGORITHM ::= {
799       OID dhSinglePass-cofactorDH-sha384kdf-scheme
800       PARMS KeyWrapAlgorithms }

802     dhSinglePass-cofactorDH-sha384kdf-scheme OBJECT IDENTIFIER ::= {
803       secg-scheme 14 2 }

805     kaa-dhSinglePass-cofactorDH-sha512kdf ALGORITHM ::= {
806       OID dhSinglePass-cofactorDH-sha512kdf-scheme
807       PARMS KeyWrapAlgorithms }

809     dhSinglePass-cofactorDH-sha512kdf-scheme OBJECT IDENTIFIER ::= {
810       secg-scheme 14 3 }

812     kaa-mqvSinglePass-sha1kdf ALGORITHM ::= {
813       OID mqvSinglePass-sha1kdf-scheme PARMS KeyWrapAlgorithms }

815     mqvSinglePass-sha1kdf-scheme OBJECT IDENTIFIER ::= {
816       x9-63-scheme 16 }

818     kaa-mqvSinglePass-sha224kdf ALGORITHM ::= {
819       OID mqvSinglePass-sha224kdf-scheme PARMS KeyWrapAlgorithms }

821     mqvSinglePass-sha224kdf-scheme OBJECT IDENTIFIER ::= {
822       secg-scheme 15 0 }

824     kaa-mqvSinglePass-sha256kdf ALGORITHM ::= {
825       OID mqvSinglePass-sha256kdf-scheme PARMS KeyWrapAlgorithms }

827     mqvSinglePass-sha256kdf-scheme OBJECT IDENTIFIER ::= {
828       secg-scheme 15 1 }

830     kaa-mqvSinglePass-sha384kdf ALGORITHM ::= {
831       OID mqvSinglePass-sha384kdf-scheme PARMS KeyWrapAlgorithms }

833     mqvSinglePass-sha384kdf-scheme OBJECT IDENTIFIER ::= {
834       secg-scheme 15 2 }

836     kaa-mqvSinglePass-sha512kdf ALGORITHM ::= {
837       OID mqvSinglePass-sha512kdf-scheme PARMS KeyWrapAlgorithms }

839     mqvSinglePass-sha512kdf-scheme OBJECT IDENTIFIER ::= {
840       secg-scheme 15 3 }

842     KeyWrapAlgorithms ALGORITHM ::= {
843       kwa-3des |
844       kwa-aes128 |
845       kwa-aes192 |
846       kwa-aes256,
847       ... -- Extensible
848     }

850     kwa-3des ALGORITHM ::= {
851       OID id-alg-CMS3DESwrap PARMS NULL }

853     kwa-aes128 ALGORITHM ::= {
854       OID id-aes128-wrap PARMS ABSENT }

856     kwa-aes192 ALGORITHM ::= {
857       OID id-aes192-wrap PARMS ABSENT }

859     kwa-aes256 ALGORITHM ::= {
860       OID id-aes256-wrap PARMS ABSENT }

862     -- Constrains the EnvelopedData EncryptedContentInfo encryptedContent
863     -- field

865     ContentEncryptionAlgorithms ALGORITHM ::= {
866       cea-des-ede3-cbc |
867       cea-aes128-cbc |
868       cea-aes192-cbc |
869       cea-aes256-cbc |
870       cea-aes128-ccm |
871       cea-aes192-ccm |
872       cea-aes256-ccm |
873       cea-aes128-gcm |
874       cea-aes192-gcm |
875       cea-aes256-gcm,
876       ... -- Extensible
877     }

879     cea-des-ede3-cbc ALGORITHM ::= {
880       OID des-ede3-cbc PARMS CBCParameter }

882     cea-aes128-cbc ALGORITHM ::= {
883       OID id-aes128-CBC PARMS AES-IV }

885     cea-aes192-cbc ALGORITHM ::= {
886       OID id-aes192-CBC PARMS AES-IV }

888     cea-aes256-cbc ALGORITHM ::= {
889       OID id-aes256-CBC PARMS AES-IV }

891     cea-aes128-ccm ALGORITHM ::= {
892       OID id-aes128-CCM PARMS CCMParameters }

894     cea-aes192-ccm ALGORITHM ::= {
895       OID id-aes192-CCM PARMS CCMParameters }

897     cea-aes256-ccm ALGORITHM ::= {
898       OID id-aes256-CCM PARMS CCMParameters }

900     cea-aes128-gcm ALGORITHM ::= {
901       OID id-aes128-GCM PARMS GCMParameters }

903     cea-aes192-gcm ALGORITHM ::= {
904       OID id-aes192-GCM PARMS GCMParameters }

906     cea-aes256-gcm ALGORITHM ::= {
907       OID id-aes256-GCM PARMS GCMParameters }

909     -- Constrains the AuthenticatedData
910     -- MessageAuthenticationCodeAlgorithm field
911     -- Constrains the AuthEnvelopedData
912     -- MessageAuthenticationCodeAlgorithm field

914     MessageAuthenticationCodeAlgorithms ALGORITHM ::= {
915       maca-sha1 |
916       maca-sha224 |
917       maca-sha256 |
918       maca-sha384 |
919       maca-sha512,
920       ... -- Extensible
921     }

923     maca-sha1 ALGORITHM ::= {
924       OID hMAC-SHA1 PARMS NULL }

926     maca-sha224 ALGORITHM ::= {
927       OID id-hmacWithSHA224 PARMS NULL }

929     -- Would love to import the HMAC224-512 OIDS but they're not in a
930     -- module (that I could find)

932     id-hmacWithSHA224 OBJECT IDENTIFIER ::= {
933       iso(1) member-body(2) us(840) rsadsi(113549) rsadsi(2) 8 }

935     maca-sha256 ALGORITHM ::= {
936       OID id-hmacWithSHA256 PARMS NULL }

938     id-hmacWithSHA256 OBJECT IDENTIFIER ::= {
939       iso(1) member-body(2) us(840) rsadsi(113549) rsadsi(2) 9 }

941     maca-sha384 ALGORITHM ::= {
942       OID id-hmacWithSHA384 PARMS NULL }

944     id-hmacWithSHA384 OBJECT IDENTIFIER ::= {
945       iso(1) member-body(2) us(840) rsadsi(113549) rsadsi(2) 10 }

947     maca-sha512 ALGORITHM ::= {
948       OID id-hmacWithSHA512 PARMS NULL }

950     id-hmacWithSHA512 OBJECT IDENTIFIER ::= {
951       iso(1) member-body(2) us(840) rsadsi(113549) rsadsi(2) 11 }

953     -- Constraints on KeyAgreeRecipientInfo OriginatorIdentifierOrKey
954     -- OriginatorPublicKey algorithm field

956     -- PARMS are NULL

958     OriginatorPKAlgorithms ALGORITHM ::= {
959       opka-ec,
960       ... -- Extensible
961     }

963     opka-ec ALGORITHM ::= {
964       OID id-ecPublicKey PARMS NULL }

966     -- Format for both ephemeral and static public keys

968     ECPoint ::= OCTET STRING

970     -- Format of KeyAgreeRecipientInfo ukm field when used with
971     -- ECDH or ECmqv

973     MQVuserKeyingMaterial ::= SEQUENCE {
974       ephemeralPublicKey OriginatorPublicKey,
975       addedukm [0] EXPLICIT UserKeyingMaterial OPTIONAL
976     }

978     -- Format for ECDH and ECMQV key-encryption keys when using
979     -- EnvelopedData or AuthenticatedData

981     ECC-CMS-SharedInfo ::= SEQUENCE {
982       keyInfo AlgorithmIdentifier { KeyWrapAlgorithms },
983       entityUInfo [0] EXPLICIT OCTET STRING OPTIONAL,
984       suppPubInfo [2] EXPLICIT OCTET STRING
985     }
986     SMIME-CAPS ::= CLASS {
987       &Type OPTIONAL,
988       &id OBJECT IDENTIFIER UNIQUE
989     }
990     WITH SYNTAX {TYPE &Type IDENTIFIED BY &id }

992     SMIMECapability ::= SEQUENCE {
993       capabilityID SMIME-CAPS.&id({SMimeCapsSet}),
994       parameters SMIME-CAPS.
995         &Type({SMimeCapsSet}{@capabilityID}) OPTIONAL
996     }

998     SMimeCapsSet SMIME-CAPS ::= {
999       cap-ecdsa-with-SHA1 |
1000       cap-ecdsa-with-SHA224 |
1001       cap-ecdsa-with-SHA256 |
1002       cap-ecdsa-with-SHA384 |
1003       cap-ecdsa-with-SHA512 |
1004       cap-dhSinglePass-stdDH-sha1kdf |
1005       cap-dhSinglePass-stdDH-sha224kdf |
1006       cap-dhSinglePass-stdDH-sha256kdf |
1007       cap-dhSinglePass-stdDH-sha384kdf |
1008       cap-dhSinglePass-stdDH-sha512kdf |
1009       cap-dhSinglePass-cofactorDH-sha1kdf |
1010       cap-dhSinglePass-cofactorDH-sha224kdf |
1011       cap-dhSinglePass-cofactorDH-sha256kdf |
1012       cap-dhSinglePass-cofactorDH-sha384kdf |
1013       cap-dhSinglePass-cofactorDH-sha512kdf |
1014       cap-mqvSinglePass-sha1kdf |
1015       cap-mqvSinglePass-sha224kdf |
1016       cap-mqvSinglePass-sha256kdf |
1017       cap-mqvSinglePass-sha384kdf |
1018       cap-mqvSinglePass-sha512kdf,
1019       ...
-- Extensible 1020 } 1022 cap-ecdsa-with-SHA1 SMIME-CAPS ::= { 1023 TYPE NULL IDENTIFIED BY ecdsa-with-SHA1 } 1025 cap-ecdsa-with-SHA224 SMIME-CAPS ::= { 1026 TYPE NULL IDENTIFIED BY ecdsa-with-SHA224 } 1028 cap-ecdsa-with-SHA256 SMIME-CAPS ::= { 1029 TYPE NULL IDENTIFIED BY ecdsa-with-SHA256 } 1031 cap-ecdsa-with-SHA384 SMIME-CAPS ::= { 1032 TYPE NULL IDENTIFIED BY ecdsa-with-SHA384 } 1034 cap-ecdsa-with-SHA512 SMIME-CAPS ::= { 1035 TYPE NULL IDENTIFIED BY ecdsa-with-SHA512 } 1037 cap-dhSinglePass-stdDH-sha1kdf SMIME-CAPS ::= { 1038 TYPE KeyWrapAlgorithms IDENTIFIED BY dhSinglePass-stdDH-sha1kdf } 1040 cap-dhSinglePass-stdDH-sha224kdf SMIME-CAPS ::= { 1041 TYPE KeyWrapAlgorithms IDENTIFIED BY dhSinglePass-stdDH-sha224kdf } 1043 cap-dhSinglePass-stdDH-sha256kdf SMIME-CAPS ::= { 1044 TYPE KeyWrapAlgorithms IDENTIFIED BY dhSinglePass-stdDH-sha256kdf } 1046 cap-dhSinglePass-stdDH-sha384kdf SMIME-CAPS ::= { 1047 TYPE KeyWrapAlgorithms IDENTIFIED BY dhSinglePass-stdDH-sha384kdf } 1049 cap-dhSinglePass-stdDH-sha512kdf SMIME-CAPS ::= { 1050 TYPE KeyWrapAlgorithms IDENTIFIED BY dhSinglePass-stdDH-sha512kdf } 1052 cap-dhSinglePass-cofactorDH-sha1kdf SMIME-CAPS ::= { 1053 TYPE KeyWrapAlgorithms 1054 IDENTIFIED BY dhSinglePass-cofactorDH-sha1kdf } 1056 cap-dhSinglePass-cofactorDH-sha224kdf SMIME-CAPS ::= { 1057 TYPE KeyWrapAlgorithms 1058 IDENTIFIED BY dhSinglePass-cofactorDH-sha224kdf } 1060 cap-dhSinglePass-cofactorDH-sha256kdf SMIME-CAPS ::= { 1061 TYPE KeyWrapAlgorithms 1062 IDENTIFIED BY dhSinglePass-cofactorDH-sha256kdf } 1064 cap-dhSinglePass-cofactorDH-sha384kdf SMIME-CAPS ::= { 1065 TYPE KeyWrapAlgorithms 1066 IDENTIFIED BY dhSinglePass-cofactorDH-sha384kdf } 1068 cap-dhSinglePass-cofactorDH-sha512kdf SMIME-CAPS ::= { 1069 TYPE KeyWrapAlgorithms 1070 IDENTIFIED BY dhSinglePass-cofactorDH-sha512kdf } 1072 cap-mqvSinglePass-sha1kdf SMIME-CAPS ::= { 1073 TYPE KeyWrapAlgorithms IDENTIFIED BY mqvSinglePass-sha1kdf } 1075 cap-mqvSinglePass-sha224kdf SMIME-CAPS ::= { 1076 
TYPE KeyWrapAlgorithms IDENTIFIED BY mqvSinglePass-sha224kdf } 1078 cap-mqvSinglePass-sha256kdf SMIME-CAPS ::= { 1079 TYPE KeyWrapAlgorithms IDENTIFIED BY mqvSinglePass-sha256kdf } 1081 cap-mqvSinglePass-sha384kdf SMIME-CAPS ::= { 1082 TYPE KeyWrapAlgorithms IDENTIFIED BY mqvSinglePass-sha384kdf } 1084 cap-mqvSinglePass-sha512kdf SMIME-CAPS ::= { 1085 TYPE KeyWrapAlgorithms IDENTIFIED BY mqvSinglePass-sha512kdf } 1087 END 1089 11. Security Considerations 1091 No new security considerations to those already specified in 1092 [RFC3278], [SMIME-SHA2], and [PKI-ALG]. 1094 12. IANA Considerations 1096 None: All identifiers are already registered. Please remove this 1097 section prior to publication as an RFC. 1099 13. References 1101 13.1. Normative References 1103 [MUST] Bradner, S., "Key words for use in RFCs to Indicate 1104 Requirement Levels", RFC 2119, BCP 14, March 1997. 1106 [PKI-ALG] Turner, S., Brown, D., Yiu, K., Housley, R., and W. 1107 Polk, "Elliptic Curve Cryptography Subject Public Key 1108 Information", work-in-progress. 1110 [SMIME-SHA2] Turner, S., "Using SHA2 Algorithms with Cryptographic 1111 Message Syntax", work-in-progress. 1113 [RFC3278] Blake-Wilson, S., Brown, D., and P. Lambert, "Use of 1114 Elliptic Curve Cryptography (ECC) Algorithms in 1115 Cryptographic Message Syntax (CMS)", RFC 3278, April 1116 2002. 1118 [RFC3370] Housley, R., "Cryptographic Message Syntax (CMS) 1119 Algorithms", RFC 3370, August 2002. 1121 [RFC3565] Schaad, J., "Use of the Advanced Encryption Standard 1122 (AES) Encryption Algorithm in Cryptographic Message 1123 Syntax (CMS)", RFC 3565, July 2003. 1125 [RFC3852] Housley, R., "Cryptographic Message Syntax (CMS)", 1126 RFC 3852, July 2004. 1128 [RFC5084] Housley, R., "Using AES-CCM and AES-GCM Authenticated 1129 Encryption in the Cryptographic Message Syntax (CMS)", 1130 RFC 5084, November 2007. 1132 [X.680] ITU-T Recommendation X.680: Information Technology - 1133 Abstract Syntax Notation One, 1997. 

1135     [X.681]      ITU-T Recommendation X.681: Information Technology -
1136                  Abstract Syntax Notation One: Information Object
1137                  Specification, 1997.

1139  13.2. Informative References

1141     None.

1143  Author's Addresses

1145     Sean Turner

1147     IECA, Inc.
1148     3057 Nutley Street, Suite 106
1149     Fairfax, VA 22031
1150     USA

1152     Email: turners@ieca.com

1154     Daniel R. L. Brown

1156     Certicom Corp
1157     5520 Explorer Drive #400
1158     Mississauga, ON L4W 5L1
1159     CANADA

1161     Email: dbrown@certicom.com

1163  Full Copyright Statement

1165     Copyright (C) The IETF Trust (2008).

1167     This document is subject to the rights, licenses and restrictions
1168     contained in BCP 78, and except as set forth therein, the authors
1169     retain all their rights.

1171     This document and the information contained herein are provided on an
1172     "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
1173     OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY, THE IETF TRUST AND
1174     THE INTERNET ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS
1175     OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF
1176     THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
1177     WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

1179  Intellectual Property

1181     The IETF takes no position regarding the validity or scope of any
1182     Intellectual Property Rights or other rights that might be claimed to
1183     pertain to the implementation or use of the technology described in
1184     this document or the extent to which any license under such rights
1185     might or might not be available; nor does it represent that it has
1186     made any independent effort to identify any such rights. Information
1187     on the procedures with respect to rights in RFC documents can be
1188     found in BCP 78 and BCP 79.

1190     Copies of IPR disclosures made to the IETF Secretariat and any
1191     assurances of licenses to be made available, or the result of an
1192     attempt made to obtain a general license or permission for the use of
1193     such proprietary rights by implementers or users of this
1194     specification can be obtained from the IETF on-line IPR repository at
1195     http://www.ietf.org/ipr.

1197     The IETF invites any interested party to bring to its attention any
1198     copyrights, patents or patent applications, or other proprietary
1199     rights that may cover technology that may be required to implement
1200     this standard. Please address the information to the IETF at
1201     ietf-ipr@ietf.org.

1203  Acknowledgment

1205     Funding for the RFC Editor function is provided by the IETF
1206     Administrative Support Activity (IASA).