draft-ietf-smime-ecc-05.txt   draft-ietf-smime-ecc-06.txt 
INTERNET-DRAFT Simon Blake-Wilson, Certicom Corp INTERNET-DRAFT Simon Blake-Wilson, Certicom Corp
draft-ietf-smime-ecc-05.txt Daniel R. L. Brown, Certicom Corp draft-ietf-smime-ecc-06.txt Daniel R. L. Brown, Certicom Corp
Paul Lambert, Cosine Communications Paul Lambert, Cosine Communications
7 May, 2001 Expires: 6 November, 2001 7 May, 2001 Expires: 6 November, 2001
Use of ECC Algorithms in CMS Use of ECC Algorithms in CMS
Status of this Memo Status of this Memo
This document is an Internet-Draft and is in full conformance with This document is an Internet-Draft and is in full conformance with
all provisions of Section 10 of RFC2026. Internet-Drafts are all provisions of Section 10 of RFC2026. Internet-Drafts are
working documents of the Internet Engineering Task Force (IETF), working documents of the Internet Engineering Task Force (IETF),
skipping to change at page 9, line 35 skipping to change at page 9, line 35
Furthermore, in order to encourage interoperability, Furthermore, in order to encourage interoperability,
implementations SHOULD use the elliptic curve domain parameters implementations SHOULD use the elliptic curve domain parameters
specified by ANSI [X9.62], NIST [FIPS-186-2] and SECG [SEC2]. specified by ANSI [X9.62], NIST [FIPS-186-2] and SECG [SEC2].
6 Certificates using ECC 6 Certificates using ECC
Internet X.509 certificates [PKI] can be used in conjunction with Internet X.509 certificates [PKI] can be used in conjunction with
this specification to distribute agents' public keys. The use of this specification to distribute agents' public keys. The use of
ECC algorithms and keys within X.509 certificates is specified in ECC algorithms and keys within X.509 certificates is specified in
[PKI-ALG]. More details can be found in [SEC3]. [PKI-ALG].
7 SMIMECapabilities Attribute and ECC 7 SMIMECapabilities Attribute and ECC
A sending agent MAY announce to receiving agents that it supports A sending agent MAY announce to receiving agents that it supports
one or more of the ECC algorithms in this document by using the one or more of the ECC algorithms in this document by using the
SMIMECapabilities signed attribute [MSG, Section 2.5.2]. SMIMECapabilities signed attribute [MSG, Section 2.5.2].
The SMIMECapability value to indicate support for the ECDSA The SMIMECapability value to indicate support for the ECDSA
signature algorithm is the SEQUENCE with the capabilityID field signature algorithm is the SEQUENCE with the capabilityID field
containing the object identifier ecdsa-with-SHA1 with NULL containing the object identifier ecdsa-with-SHA1 with NULL
skipping to change at page 14, line 27 skipping to change at page 14, line 27
[CMS-KEA] J. Pawling, "CMS KEA and SKIPJACK Conventions", RFC [CMS-KEA] J. Pawling, "CMS KEA and SKIPJACK Conventions", RFC
2876, July 2000. 2876, July 2000.
[MSG] B. Ramsdell, "S/MIME Version 3 Message Specification", [MSG] B. Ramsdell, "S/MIME Version 3 Message Specification",
RFC 2633, June 1999. RFC 2633, June 1999.
[CMS-DH] E. Rescorla, "Diffie-Hellman Key Agreement Method", [CMS-DH] E. Rescorla, "Diffie-Hellman Key Agreement Method",
RFC 2631, June 1999. RFC 2631, June 1999.
[SEC1] SECG, "Elliptic Curve Cryptography", Standards for [SEC1] SECG, "Elliptic Curve Cryptography", Standards for
Efficient Cryptography Group, 2000. Efficient Cryptography Group, 2000. Available from
www.secg.org/collateral/sec1.pdf.
[SEC2] SECG, "Recommended Elliptic Curve Domain Parameters", [SEC2] SECG, "Recommended Elliptic Curve Domain Parameters",
Standards for Efficient Cryptography Group, 2000. Standards for Efficient Cryptography Group, 2000.
Available from www.secg.org/collateral/sec2.pdf.
Security Considerations Security Considerations
This specification is based on [CMS], [X9.62] and [SEC1] and the This specification is based on [CMS], [X9.62] and [SEC1] and the
appropriate security considerations of those documents apply. appropriate security considerations of those documents apply.
In addition, implementors of AuthenticatedData should be aware of In addition, implementors of AuthenticatedData should be aware of
the concerns expressed in [BON] when using AuthenticatedData to the concerns expressed in [BON] when using AuthenticatedData to
send messages to more than one recipient. Also, users of MQV send messages to more than one recipient. Also, users of MQV
should be aware of the vulnerability in [K]. should be aware of the vulnerability in [K].
skipping to change at page 15, line 44 skipping to change at page 15, line 44
e-mail: sblakewi@certicom.com e-mail: sblakewi@certicom.com
Daniel R. L. Brown Daniel R. L. Brown
Certicom Corp Certicom Corp
5520 Explorer Drive #400 5520 Explorer Drive #400
Mississauga, ON L4W 5L1 Mississauga, ON L4W 5L1
e-mail: dbrown@certicom.com e-mail: dbrown@certicom.com
Paul Lambert Paul Lambert
Director of Security Applications
CoSine Communications
1200 Bridge Parkway
Redwood City, CA, 94065
http://www.cosinecom.com
e-mail: plambert@cosinecom.com e-mail: plambert@sprintmail.com
Full Copyright Statement Full Copyright Statement
Copyright (C) The Internet Society (2001). All Rights Reserved. Copyright (C) The Internet Society (2001). All Rights Reserved.
This document and translations of it may be copied and furnished to This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain others, and derivative works that comment on or otherwise explain
it or assist in its implementation may be prepared, copied, it or assist in its implementation may be prepared, copied,
published and distributed, in whole or in part, without restriction published and distributed, in whole or in part, without restriction
of any kind, provided that the above copyright notice and this of any kind, provided that the above copyright notice and this
 End of changes. 

This html diff was produced by rfcdiff 1.25, available from http://www.levkowetz.com/ietf/tools/rfcdiff/