draft-ietf-smime-gost-03.txt   draft-ietf-smime-gost-04.txt 
S/MIME Working Group Serguei Leontiev, CRYPTO-PRO S/MIME Working Group Serguei Leontiev, CRYPTO-PRO
Internet Draft Gregory Chudov, CRYPTO-PRO Internet Draft Gregory Chudov, CRYPTO-PRO
Expires August 5, 2005 February 5, 2005 Expires January 18, 2006 July 18, 2005
Intended Category: Informational Intended Category: Informational
Using the GOST 28147-89, GOST R 34.11-94, Using the GOST 28147-89, GOST R 34.11-94,
GOST R 34.10-94 and GOST R 34.10-2001 algorithms with the GOST R 34.10-94 and GOST R 34.10-2001 algorithms with the
Cryptographic Message Syntax (CMS) Cryptographic Message Syntax (CMS)
<draft-ietf-smime-gost-03.txt> <draft-ietf-smime-gost-04.txt>
Status of this Memo Status of this Memo
By submitting this Internet-Draft, I certify that any applicable By submitting this Internet-Draft, each author represents that any
patent or other IPR claims of which I am aware have been disclosed, applicable patent or other IPR claims of which he or she is aware
and any of which I become aware will be disclosed, in accordance with have been or will be disclosed, and any of which he or she becomes
RFC 3668. aware will be disclosed, in accordance with Section 6 of BCP 79.
This document is an Internet Draft and is subject to all provisions Internet-Drafts are working documents of the Internet Engineering
of Section 10 of RFC2026. Internet Drafts are working documents of Task Force (IETF), its areas, and its working groups. Note that
the Internet Engineering Task Force (IETF), its areas, and its other groups may also distribute working documents as Internet-
working groups. Note that other groups may also distribute working Drafts.
documents as Internet Drafts. Internet Drafts are draft documents
valid for a maximum of 6 months and may be updated, replaced, or Internet-Drafts are draft documents valid for a maximum of six months
obsoleted by other documents at any time. It is inappropriate to use and may be updated, replaced, or obsoleted by other documents at any
Internet Drafts as reference material or to cite them other than as a time. It is inappropriate to use Internet-Drafts as reference
"work in progress". material or to cite them other than a "work in progress."
The list of current Internet Drafts can be accessed at The list of current Internet Drafts can be accessed at
http://www.ietf.org/1id-abstracts.html http://www.ietf.org/1id-abstracts.html
The list of Internet Draft Shadow Directories can be accessed at The list of Internet Draft Shadow Directories can be accessed at
http://www.ietf.org/shadow.html http://www.ietf.org/shadow.html
Copyright (C) The Internet Society (2005). All Rights Reserved. Copyright Notice
Copyright (C) The Internet Society (2005).
Abstract Abstract
This document describes the conventions for using cryptographic This document describes the conventions for using cryptographic
algorithms GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001, GOST R algorithms GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001, GOST R
34.11-94, along with Cryptographic Message Syntax (CMS). The CMS is 34.11-94, along with Cryptographic Message Syntax (CMS). The CMS is
used for digital signature, digest, authentication and encryption used for digital signature, digest, authentication and encryption
arbitrary message contents. arbitrary message contents.
Table of Contents Table of Contents
skipping to change at page 2, line 14 skipping to change at page 2, line 17
1.2 Terminology. . . . . . . . . . . . . . . . . . . . . . . 3 1.2 Terminology. . . . . . . . . . . . . . . . . . . . . . . 3
2 Message Digest Algorithms. . . . . . . . . . . . . . . . 3 2 Message Digest Algorithms. . . . . . . . . . . . . . . . 3
2.1 Message Digest Algorithm GOST R 34.11-94 . . . . . . . . 3 2.1 Message Digest Algorithm GOST R 34.11-94 . . . . . . . . 3
3 Signature Algorithms . . . . . . . . . . . . . . . . . . 4 3 Signature Algorithms . . . . . . . . . . . . . . . . . . 4
3.1 Signature Algorithm GOST R 34.10-94. . . . . . . . . . . 4 3.1 Signature Algorithm GOST R 34.10-94. . . . . . . . . . . 4
3.2 Signature Algorithm GOST R 34.10-2001. . . . . . . . . . 4 3.2 Signature Algorithm GOST R 34.10-2001. . . . . . . . . . 4
4 Key Management Algorithms. . . . . . . . . . . . . . . . 5 4 Key Management Algorithms. . . . . . . . . . . . . . . . 5
4.1 Key Agreement Algorithms . . . . . . . . . . . . . . . . 5 4.1 Key Agreement Algorithms . . . . . . . . . . . . . . . . 5
4.1.1 Key Agreement Algorithm Based on GOST R 34.10-94/2001 4.1.1 Key Agreement Algorithm Based on GOST R 34.10-94/2001
Public Keys . . . . . . . . . . . . . . . . . . . . . . . . . . 5 Public Keys . . . . . . . . . . . . . . . . . . . . . . . . . . 5
4.2 Key Transport Algorithms. .. . . . . . . . . . . . . . . 6 4.2 Key Transport Algorithms. .. . . . . . . . . . . . . . . 7
4.2.1 Key Transport Algorithm Based on GOST R 34.10-94/2001 4.2.1 Key Transport Algorithm Based on GOST R 34.10-94/2001
Public Keys . . . . . . . . . . . . . . . . . . . . . . . . . . 7 Public Keys . . . . . . . . . . . . . . . . . . . . . . . . . . 7
5 Content Encryption Algorithms. . . . . . . . . . . . . . 8 5 Content Encryption Algorithms. . . . . . . . . . . . . . 8
5.1 Key-Encryption Key Algorithm GOST 28147-89 . . . . . . . 8 5.1 Key-Encryption Key Algorithm GOST 28147-89 . . . . . . . 8
6 MAC Algorithms . . . . . . . . . . . . . . . . . . . . . 8 6 MAC Algorithms . . . . . . . . . . . . . . . . . . . . . 9
6.1 HMAC with GOST R 34.11-94. . . . . . . . . . . . . . . . 9 6.1 HMAC with GOST R 34.11-94. . . . . . . . . . . . . . . . 9
7 Using with S/MIME. . . . . . . . . . . . . . . . . . . . 9 7 Using with S/MIME. . . . . . . . . . . . . . . . . . . . 9
7.1 Parameter micalg . . . . . . . . . . . . . . . . . . . . 9 7.1 Parameter micalg . . . . . . . . . . . . . . . . . . . . 9
7.2 Atribute SMIMECapabilities . . . . . . . . . . . . . . . 9 7.2 Atribute SMIMECapabilities . . . . . . . . . . . . . . . 9
8 Security Considerations. . . . . . . . . . . . . . . . . 10 8 Security Considerations. . . . . . . . . . . . . . . . . 10
9 Appendix Examples. . . . . . . . . . . . . . . . . . . . 11 9 Appendix Examples. . . . . . . . . . . . . . . . . . . . 11
9.1 Signed message . . . . . . . . . . . . . . . . . . . . . 11 9.1 Signed message . . . . . . . . . . . . . . . . . . . . . 11
9.2 Enveloped message using Key Agreement. . . . . . . . . . 12 9.2 Enveloped message using Key Agreement. . . . . . . . . . 12
9.3 Enveloped message using Key Transport. . . . . . . . . . 15 9.3 Enveloped message using Key Transport. . . . . . . . . . 14
10 Appendix ASN.1 Modules . . . . . . . . . . . . . . . . . 17 10 Appendix ASN.1 Modules . . . . . . . . . . . . . . . . . 17
10.1 GostR3410-EncryptionSyntax . . . . . . . . . . . . . . . 19 10.1 GostR3410-EncryptionSyntax . . . . . . . . . . . . . . . 17
10.2 GostR3410-94-SignatureSyntax . . . . . . . . . . . . . . 21 10.2 GostR3410-94-SignatureSyntax . . . . . . . . . . . . . . 19
10.3 GostR3410-2001-SignatureSyntax . . . . . . . . . . . . . 22 10.3 GostR3410-2001-SignatureSyntax . . . . . . . . . . . . . 20
11 References . . . . . . . . . . . . . . . . . . . . . . . 23 11 References . . . . . . . . . . . . . . . . . . . . . . . 21
Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 25 Acknowledgments . . . . . . . . . . . . . . . . . . . . . . . . 23
Author's Address. . . . . . . . . . . . . . . . . . . . . . . . 25 Author's Address. . . . . . . . . . . . . . . . . . . . . . . . 23
Full Copyright Statement. . . . . . . . . . . . . . . . . . . . 27 Full Copyright Statement. . . . . . . . . . . . . . . . . . . . 25
1 Introduction 1 Introduction
The Cryptographic Message Syntax [CMS] is used for digital signature, The Cryptographic Message Syntax [CMS] is used for digital signature,
digest, authentication and encryption arbitrary message contents. digest, authentication and encryption of arbitrary message contents.
This companion specification describes the usage of cryptographic This companion specification describes the use of cryptographic
algorithms GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001 and hash algorithms GOST 28147-89, GOST R 34.10-94, GOST R 34.10-2001 and GOST
algorithm GOST R 34.11-94 in CMS, proposed by CRYPTO-PRO Company for R 34.11-94 in CMS, as proposed by the CRYPTO-PRO Company for "Russian
"Russian Cryptographic Software Compatibility Agreement" community. Cryptographic Software Compatibility Agreement" community. This
This document does not describe those cryptographic algorithms; they document does not describe these cryptographic algorithms; they are
are defined in corresponding national standards. defined in corresponding national standards.
The CMS values are generated using ASN.1 [X.208-88], using BER- The CMS values are generated using ASN.1 [X.208-88], using BER-
encoding [X.209-88]. Algorithm identifiers (which include ASN.1 encoding [X.209-88]. This document specifies the algorithm
object identifiers) identify cryptographic algorithms, and some identifiers for each algorithm, including ASN.1 for object
algorithms require additional parameters. When needed, parameters identifiers and any associated parameters.
are specified with an ASN.1 structure. The algorithm identifier for
each algorithm is specified, and when needed, the parameter structure The fields in the CMS employed by each algorithm are identified.
is specified. The fields in the CMS employed by each algorithm are
identified.
1.2 Terminology 1.2 Terminology
In this document, the key words MUST, MUST NOT, REQUIRED, SHOULD, The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
SHOULD NOT, RECOMMENDED, and MAY are to be interpreted as described "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
in [RFC 2119]. document are to be interpreted as described in [RFC2119].
2 Message Digest Algorithms 2 Message Digest Algorithms
This section specifies the conventions for using digest algorithm This section specifies the conventions for using the digest algorithm
GOST R 34.11-94 employed by CMS. GOST R 34.11-94 employed by CMS.
Digest values are located in the DigestedData digest field and the Digest values are located in the DigestedData digest field and the
Message Digest authenticated attribute. In addition, digest values Message Digest authenticated attribute. In addition, digest values
are input to signature algorithms. are input to signature algorithms.
2.1 Message Digest Algorithm GOST R 34.11-94 2.1 Message Digest Algorithm GOST R 34.11-94
Hash function GOST R 34.11-94 has been developed by "GUBS of Federal Hash function GOST R 34.11-94 has been developed by "GUBS of Federal
Agency Government Communication and Information" and "All-Russian Agency Government Communication and Information" and "All-Russian
Scientific and Research Institute of Standardization". The algorithm Scientific and Research Institute of Standardization". The algorithm
GOST R 34.11-94 produces a 256-bit hash value of the arbitrary finite GOST R 34.11-94 produces a 256-bit hash value of the arbitrary finite
bit length input. This document does not contain GOST R 34.11-94 full bit length input. This document does not contain the full GOST R
specification, which can be found in [GOSTR3411] in Russian. 34.11-94 specification, which can be found in [GOSTR3411] in Russian.
[Schneier95] ch. 18.11, p. 454. contain the brief technical [Schneier95] ch. 18.11, p. 454. contains a brief technical
description in English. description in English.
id-CryptoPro OBJECT IDENTIFIER ::= id-CryptoPro OBJECT IDENTIFIER ::=
{ iso(1) member-body(2) ru(643) rans(2) cryptopro(2) } { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) }
id-CryptoPro-algorithms OBJECT IDENTIFIER ::= id-CryptoPro-algorithms OBJECT IDENTIFIER ::=
id-CryptoPro id-CryptoPro
The hash algorithm GOST R 34.11-94 has the following identifier: The hash algorithm GOST R 34.11-94 has the following identifier:
id-GostR3411-94 OBJECT IDENTIFIER ::= id-GostR3411-94 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms gostr3411(9) } { id-CryptoPro-algorithms gostr3411(9) }
The AlgorithmIdentifier parameters field MUST be present, and the The AlgorithmIdentifier parameters field MUST be present, and the
parameters field MUST contain NULL. Implementations MAY accept the parameters field MUST contain NULL. Implementations MAY accept the
GOST R 34.11-94 AlgorithmIdentifiers with absent parameters as well GOST R 34.11-94 AlgorithmIdentifiers with absent parameters as well
as NULL parameters. as NULL parameters.
This function is always used with default parameter set This function is always used with default parameters
gostR3411CryptoProParamSetAI (see section 8.2 of [CPALGS]). gostR3411CryptoProParamSetAI (see section 8.2 of [CPALGS]).
When Message Digest authenticated attribute is present, DigestedData When Message Digest authenticated attribute is present, DigestedData
digest contains 32-byte digest in little-endian representation: digest contains a 32-byte digest in little-endian representation:
GostR3411-94-Digest ::= OCTET STRING (SIZE (32)) GostR3411-94-Digest ::= OCTET STRING (SIZE (32))
3 Signature Algorithms 3 Signature Algorithms
This section specifies the CMS procedures for GOST R 34.10-94 and This section specifies the CMS procedures for GOST R 34.10-94 and
GOST R 34.10-2001 signature algorithms. GOST R 34.10-2001 signature algorithms.
Signature algorithm identifiers are located in the SignerInfo Signature algorithm identifiers are located in the SignerInfo
signatureAlgorithm field of SignedData. Also, signature algorithm signatureAlgorithm field of SignedData. Also, signature algorithm
skipping to change at page 4, line 33 skipping to change at page 4, line 33
Signature values are located in the SignerInfo signature field of Signature values are located in the SignerInfo signature field of
SignedData. Also, signature values are located in the SignerInfo SignedData. Also, signature values are located in the SignerInfo
signature field of countersignature attributes. signature field of countersignature attributes.
3.1 Signature Algorithm GOST R 34.10-94 3.1 Signature Algorithm GOST R 34.10-94
GOST R 34.10-94 has been developed by "GUBS of Federal Agency GOST R 34.10-94 has been developed by "GUBS of Federal Agency
Government Communication and Information" and "All-Russian Scientific Government Communication and Information" and "All-Russian Scientific
and Research Institute of Standardization". This signature algorithm and Research Institute of Standardization". This signature algorithm
MUST be used conjointly with GOST R 34.11-94 message digest MUST be used conjointly with GOST R 34.11-94 message digest
algorithm. This document does not contain GOST R 34.10-94 standard algorithm. This document does not contain the full GOST R 34.10-94
description, which is fully described in [GOSTR341094] in Russian, specification, which is fully described in [GOSTR341094] in Russian,
and brief description in English could be found in [Schneier95] ch. and a brief description in English can be found in [Schneier95] ch.
20.3, p. 495. 20.3, p. 495.
For a signature algorithm identifier, GOST R 34.10-94 public key The GOST R 34.10-94 signature algorithm has the following public key
algorithm OID [CPPK] is used: algorithm identifier [CPPK]:
id-GostR3410-94-signatute OBJECT IDENTIFIER ::= id-GostR3410-94 id-GostR3410-94-signature OBJECT IDENTIFIER ::= id-GostR3410-94
Signature algorithm GOST R 34.10-94 generates digital signature in Signature algorithm GOST R 34.10-94 generates a digital signature in
the form of a binary 512-bit vector (<r'>256||<s>256). the form of a binary 512-bit vector (<r'>256||<s>256).
signatureValue contains its little endian representation. signatureValue contains its little endian representation.
GostR3410-94-Signature ::= OCTET STRING (SIZE (64)) GostR3410-94-Signature ::= OCTET STRING (SIZE (64))
3.2 Signature Algorithm GOST R 34.10-2001 3.2 Signature Algorithm GOST R 34.10-2001
GOST R 34.10-2001 has been developed by "GUBS of Federal Agency GOST R 34.10-2001 has been developed by "GUBS of Federal Agency
Government Communication and Information" and "All-Russian Scientific Government Communication and Information" and "All-Russian Scientific
and Research Institute of Standardization". This signature algorithm and Research Institute of Standardization". This signature algorithm
MUST be used conjointly with GOST R 34.11-94. This document does not MUST be used conjointly with GOST R 34.11-94. This document does not
contain GOST R 34.10-2001 standard description, which is fully contain the full GOST R 34.10-2001 specification, which is fully
described in [GOSTR34102001]. described in [GOSTR341001].
For a signature algorithm identifier, GOST R 34.10-2001 public key The signature algorithm GOST R 34.10-2001 has the following public
algorithm OID [CPPK] is used: key algorithm identifier from [CPPK]:
id-GostR3410-2001-signatute OBJECT IDENTIFIER ::= id-GostR3410-2001 id-GostR3410-2001-signature OBJECT IDENTIFIER ::= id-GostR3410-2001
Signature algorithm GOST R 34.10-2001 generates digital signature in Signature algorithm GOST R 34.10-2001 generates a digital signature
the form of a binary 512-bit vector (<r'>256||<s>256). in the form of a binary 512-bit vector (<r'>256||<s>256).
signatureValue contains its little endian representation. signatureValue contains its little endian representation.
GostR3410-2001-Signature ::= OCTET STRING (SIZE (64)) GostR3410-2001-Signature ::= OCTET STRING (SIZE (64))
4 Key Management Algorithms 4 Key Management Algorithms
This chapter describes the key agreement and key transport This chapter describes the key agreement and key transport
algorithms, based on VKO GOST R 34.10-94 and VKO GOST R 34.10-2001 algorithms, based on VKO GOST R 34.10-94 and VKO GOST R 34.10-2001
key derivation algorithms, CryptoPro and GOST 28147-89 key wrap key derivation algorithms, and the CryptoPro and GOST 28147-89 key
algorithms, described in [CPALGS]. They MUST be used only with wrap algorithms, described in [CPALGS]. They MUST be used only with
content encryption algorithm GOST 28147-89, defined in section 5 of content encryption algorithm GOST 28147-89, defined in section 5 of
this document. this document.
4.1 Key Agreement Algorithms 4.1 Key Agreement Algorithms
This section specifies the conventions employed by CMS This section specifies the conventions employed by CMS
implementations that support key agreement using both VKO GOST R implementations that support key agreement using both VKO GOST R
34.10-94 and VKO GOST R 34.10-2001 algorithms, described in [CPALGS]. 34.10-94 and VKO GOST R 34.10-2001 algorithms, described in [CPALGS].
Key agreement algorithm identifiers are located in the EnvelopedData Key agreement algorithm identifiers are located in the EnvelopedData
skipping to change at page 6, line 42 skipping to change at page 6, line 42
encryptedKey MUST encapsulate Gost28147-89-EncryptedKey, where encryptedKey MUST encapsulate Gost28147-89-EncryptedKey, where
maskKey MUST be absent. maskKey MUST be absent.
Gost28147-89-EncryptedKey ::= SEQUENCE { Gost28147-89-EncryptedKey ::= SEQUENCE {
encryptedKey Gost28147-89-Key, encryptedKey Gost28147-89-Key,
maskKey [0] IMPLICIT Gost28147-89-Key maskKey [0] IMPLICIT Gost28147-89-Key
OPTIONAL, OPTIONAL,
macKey Gost28147-89-MAC macKey Gost28147-89-MAC
} }
Using the secret key, corresponding to originatorKey publicKey, and Using the secret key, corresponding to the originatorKey publicKey,
recipient's public key, algorithm VKO GOST R 34.10-94 or VKO GOST R and the recipient's public key, the algorithm VKO GOST R 34.10-94 or
34.10-2001 (described in [CPALGS]) is applied to produce KEK. VKO GOST R 34.10-2001 (described in [CPALGS]) is applied to produce
the KEK.
Then key wrap algorithm, specified by encryptionParamSet, is applied Then the key wrap algorithm, specified by encryptionParamSet, is
to produce CEK_ENC, CEK_MAC, and IV. GostR3410-TransportParameters applied to produce CEK_ENC, CEK_MAC, and IV.
encryptionParamSet is used for all encryption operations. GostR3410-TransportParameters encryptionParamSet is used for all
encryption operations.
The resulting encrypted key (CEK_ENC) is placed in The resulting encrypted key (CEK_ENC) is placed in
Gost28147-89-EncryptedKey encryptedKey field, it's mac (CEK_MAC) is Gost28147-89-EncryptedKey encryptedKey field, its mac (CEK_MAC) is
placed in Gost28147-89-EncryptedKey macKey field, and synchrovector placed in Gost28147-89-EncryptedKey macKey field, and synchrovector
(IV) is placed in GostR3410-TransportParameters ukm field. (IV) is placed in GostR3410-TransportParameters ukm field.
4.2 Key Transport Algorithms 4.2 Key Transport Algorithms
This section specifies the conventions employed by CMS This section specifies the conventions employed by CMS
implementations that support key transport using both VKO GOST R implementations that support key transport using both VKO GOST R
34.10-94 and VKO GOST R 34.10-2001 algorithms, described in [CPALGS]. 34.10-94 and VKO GOST R 34.10-2001 algorithms, described in [CPALGS].
Key transport algorithm identifiers are located in the EnvelopedData Key transport algorithm identifiers are located in the EnvelopedData
skipping to change at page 7, line 50 skipping to change at page 8, line 4
sessionEncryptedKey Gost28147-89-EncryptedKey, sessionEncryptedKey Gost28147-89-EncryptedKey,
transportParameters transportParameters
[0] IMPLICIT GostR3410-TransportParameters OPTIONAL [0] IMPLICIT GostR3410-TransportParameters OPTIONAL
} }
GostR3410-TransportParameters ::= SEQUENCE { GostR3410-TransportParameters ::= SEQUENCE {
encryptionParamSet OBJECT IDENTIFIER, encryptionParamSet OBJECT IDENTIFIER,
ephemeralPublicKey [0] IMPLICIT SubjectPublicKeyInfo OPTIONAL, ephemeralPublicKey [0] IMPLICIT SubjectPublicKeyInfo OPTIONAL,
ukm OCTET STRING ukm OCTET STRING
} }
Using the secret key, corresponding to the
Using the secret key, corresponding to GostR3410-TransportParameters GostR3410-TransportParameters ephemeralPublicKey, and the recipient's
ephemeralPublicKey, and recipient's public key, algorithm VKO GOST R public key, the algorithm VKO GOST R 34.10-94 or VKO GOST R
34.10-94 or VKO GOST R 34.10-2001 (described in [CPALGS]) is applied 34.10-2001 (described in [CPALGS]) is applied to produce the KEK.
to produce KEK.
Then key wrap algorithm, specified by encryptionParamSet, is applied Then key wrap algorithm, specified by encryptionParamSet, is applied
to produce CEK_ENC, CEK_MAC, and IV. GostR3410-TransportParameters to produce CEK_ENC, CEK_MAC, and IV. GostR3410-TransportParameters
encryptionParamSet is used for all encryption operations. encryptionParamSet is used for all encryption operations.
The resulting encrypted key (CEK_ENC) is placed in The resulting encrypted key (CEK_ENC) is placed in
Gost28147-89-EncryptedKey encryptedKey field, it's mac (CEK_MAC) is Gost28147-89-EncryptedKey encryptedKey field, its mac (CEK_MAC) is
placed in Gost28147-89-EncryptedKey macKey field, and synchrovector placed in Gost28147-89-EncryptedKey macKey field, and synchrovector
(IV) is placed in GostR3410-TransportParameters ukm field. (IV) is placed in GostR3410-TransportParameters ukm field.
5 Content Encryption Algorithms 5 Content Encryption Algorithms
This section specifies the conventions employed by CMS This section specifies the conventions employed by CMS
implementations that support content encryption using GOST 28147-89. implementations that support content encryption using GOST 28147-89.
Content encryption algorithm identifiers are located in the Content encryption algorithm identifiers are located in the
EnvelopedData EncryptedContentInfo contentEncryptionAlgorithm and the EnvelopedData EncryptedContentInfo contentEncryptionAlgorithm and the
skipping to change at page 9, line 13 skipping to change at page 9, line 13
} }
Gost28147-89-IV ::= OCTET STRING (SIZE (8)) Gost28147-89-IV ::= OCTET STRING (SIZE (8))
encryptionParamSet specifies the set of corresponding encryptionParamSet specifies the set of corresponding
Gost28147-89-ParamSetParameters (see section 8.1 of [CPALGS]) Gost28147-89-ParamSetParameters (see section 8.1 of [CPALGS])
6 MAC Algorithms 6 MAC Algorithms
This section specifies the conventions employed by CMS This section specifies the conventions employed by CMS
implementations that support the message authentication code (MAC) implementations that support the message authentication code (MAC)
based on GOST R 34.11-94 HMAC. This MAC can also be used as a based on GOST R 34.11-94.
pseudo-random function with 256 bits (32 bytes) internal state size,
which can be used to derive keys.
MAC algorithm identifiers are located in the AuthenticatedData MAC algorithm identifiers are located in the AuthenticatedData
macAlgorithm field. macAlgorithm field.
MAC values are located in the AuthenticatedData mac field MAC values are located in the AuthenticatedData mac field.
6.1 HMAC with GOST R 34.11-94 6.1 HMAC with GOST R 34.11-94
HMAC_GOSTR3411 (K,text) function is based on hash function GOST R HMAC_GOSTR3411 (K,text) function is based on hash function GOST R
34.11-94, as defined in [HMAC]. See [CPALGS], section 3 for details. 34.11-94, as defined in section 3 of [CPALGS].
OID for HMAC_GOSTR3411, defined by this document: This document specifies the following OID for this algorithm:
id-HMACGostR3411-94 OBJECT IDENTIFIER ::= id-HMACGostR3411-94 OBJECT IDENTIFIER ::=
{ id-CryptoPro-algorithms hmacgostr3411(10) } { id-CryptoPro-algorithms hmacgostr3411(10) }
This algorithm has the same parameters, as GOST R 34.11-94 digest This algorithm has the same parameters, as GOST R 34.11-94 digest
algorithm, and uses the same OIDs for their identification (see algorithm, and uses the same OIDs for their identification (see
[CPPK]). [CPPK]).
7 Using with S/MIME 7 Using with S/MIME
This section defines use of the algorithms defined in this document This section defines use of the algorithms defined in this document
together with S/MIME [RFC 2633]. together with S/MIME [RFC 3851].
7.1 Parameter micalg 7.1 Parameter micalg
When using the algorithms defined in this document, micalg parameter When using the algorithms defined in this document, micalg parameter
SHOULD be set to "gostr3411-94" or MAY be set to "unknown". SHOULD be set to "gostr3411-94" or it MAY be set to "unknown".
7.2 Attribute SMIMECapabilities 7.2 Attribute SMIMECapabilities
S/MIME message, which uses the algorithms defined in this document, The SMIMECapability value which indicates support for the GOST R
should contain the list of algorithm identifiers for digest and 34.11-94 digest algorithm is the SEQUENCE with the capabilityID field
encryption algorithms, defined in this document, with their
parameters, in it's SMIMECapabilities attribute.
The SMIMECapability value to indicate support for the GOST R 34.11-94
digest algorithm is the SEQUENCE with the capabilityID field
containing the object identifier id-GostR3411-94 and no parameters. containing the object identifier id-GostR3411-94 and no parameters.
The DER encoding is: The DER encoding is:
30 08 06 06 2A 85 03 02 02 09 30 08 06 06 2A 85 03 02 02 09
The SMIMECapability value which indicates support for the GOST
28147-89 encryption algorithm is the SEQUENCE with the capabilityID
field containing the object identifier id-Gost28147-89 and no
parameters. The DER encoding is:
The SMIMECapability value to indicate support for the GOST 28147-89 30 08 06 06 2A 85 03 02 02 15
encryption algorithm is the SEQUENCE with the capabilityID field
containing the object identifier id-Gost28147-89 and no parameters.
The DER encoding is:
30 08 06 06 2A 85 03 02 02 09
If the sender wishes to indicate support for specific parameter set, If the sender wishes to indicate support for a specific parameter
SMIMECapability parameters MUST contain Gost28147-89-Parameters set, SMIMECapability parameters MUST contain the
structure. Recipient MUST ignore the Gost28147-89-Parameters iv Gost28147-89-Parameters structure. Recipients MUST ignore the
field, and assume that the sender supports parameters, specified in Gost28147-89-Parameters iv field, and assume that the sender supports
Gost28147-89-Parameters encryptionParamSet field. parameters, specified in Gost28147-89-Parameters encryptionParamSet
field.
The DER encoding for the SMIMECapability, indicating support for GOST The DER encoding for the SMIMECapability, indicating support for GOST
28147-89 with id-Gost28147-89-CryptoPro-A-ParamSet (see [CPALGS]) is: 28147-89 with id-Gost28147-89-CryptoPro-A-ParamSet (see [CPALGS]) is:
30 1D 06 06 2A 85 03 02 02 15 30 13 04 08 00 00 30 1D 06 06 2A 85 03 02 02 15 30 13 04 08 00 00
00 00 00 00 00 00 06 07 2A 85 03 02 02 1F 01 00 00 00 00 00 00 06 07 2A 85 03 02 02 1F 01
8 Security Considerations 8 Security Considerations
Conforming applications MUST use unique values for ukm and iv. Conforming applications MUST use unique values for ukm and iv.
Recipients MAY verify that ukm and iv, specified by the sender, are Recipients MAY verify that ukm and iv, specified by the sender, are
unique. unique.
It is RECCOMENDED, that applications verify signature values and It is RECCOMENDED that software applications verify signature values,
subject public keys to conform to [GOSTR34102001], [GOSTR341094] subject public keys and algorithm parameters to conform to
standards prior to their use. [GOSTR341001] [GOSTR341094] standards prior to their use.
Cryptographic algorithm parameters affect rigidity of algorithms. Cryptographic algorithm parameters affect rigidity of algorithms.
The use of parameters, which are not listed in [CPALGS], is NOT The use of parameters not listed in [CPALGS] is NOT RECOMENDED (see
RECOMENDED (see Security Considerations section of [CPALGS]). Security Considerations section of [CPALGS]).
Use of the same key for signature and key derivation is NOT Use of the same key for signature and key derivation is NOT
RECOMMENDED. When signed CMS document is used as analogue to a RECOMMENDED. When signed CMS documents are used as an analogue to a
manual signing, in the context of Russian Federal Digital Signature manual signing, in the context of Russian Federal Digital Signature
Law [RFDSL], signer certificate MUST contain keyUsage extension, it Law [RFDSL], signer certificate MUST contain the keyUsage extension,
MUST be critical, and keyUsage MUST NOT include keyEncipherment or it MUST be critical, and keyUsage MUST NOT include keyEncipherment or
keyAgreement. Application SHOULD be submited for examination by an keyAgreement. Application SHOULD be submited for examination by an
authorized agency in appropriate levels of target_of_evaluation authorized agency in appropriate levels of target_of_evaluation
(TOE), according to [RFDSL], [RFLLIC] and [CRYPTOLIC]. (TOE), according to [RFDSL], [RFLLIC] and [CRYPTOLIC].
9 Appendix Examples 9 Appendix Examples
9.1 Signed message 9.1 Signed message
0 30 296: SEQUENCE { 0 30 296: SEQUENCE {
4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2) 4 06 9: OBJECT IDENTIFIER signedData (1 2 840 113549 1 7 2)
skipping to change at page 18, line 28 skipping to change at page 18, line 28
FROM PKIX1Explicit88 {iso(1) identified-organization(3) FROM PKIX1Explicit88 {iso(1) identified-organization(3)
dod(6) internet(1) security(5) mechanisms(5) pkix(7) dod(6) internet(1) security(5) mechanisms(5) pkix(7)
id-mod(0) id-pkix1-explicit-88(1)} id-mod(0) id-pkix1-explicit-88(1)}
; ;
-- CMS/PKCS#7 key transport algorithm & parameters -- CMS/PKCS#7 key transport algorithm & parameters
-- OID for CMS/PKCS#7 Key transport is id-GostR3410-94 from -- OID for CMS/PKCS#7 Key transport is id-GostR3410-94 from
-- GostR3410-94-PKISyntax or id-GostR3410-2001 from -- GostR3410-94-PKISyntax or id-GostR3410-2001 from
-- GostR3410-2001-PKISyntax -- GostR3410-2001-PKISyntax
-- Parameters for CMS/PKCS#7 Key transport are -- Parameters for CMS/PKCS#7 Key transport are
-- GostR3410-94-PublicKeyParameters from -- GostR3410-94-PublicKeyParameters from
-- GostR3410-94-PKISyntax with encryptionParameterOID -- GostR3410-94-PKISyntax with encryptionParameterOID or
or
-- GostR3410-2001-PublicKeyParameters from -- GostR3410-2001-PublicKeyParameters from
-- GostR3410-2001-PKISyntax with encryptionParameterOI -- GostR3410-2001-PKISyntax with encryptionParameterOID
D
-- Algorithm for CMS/PKCS#7 Key transport iare -- Algorithm for CMS/PKCS#7 Key transport iare
-- GostR3410-94-PublicKeyAlgorithms from -- GostR3410-94-PublicKeyAlgorithms from
-- GostR3410-94-PKISyntax or -- GostR3410-94-PKISyntax or
-- GostR3410-2001-PublicKeyAlgorithms from -- GostR3410-2001-PublicKeyAlgorithms from
-- GostR3410-2001-PKISyntax -- GostR3410-2001-PKISyntax
-- SMIMECapability for CMS/PKCS#7 Key transport are -- SMIMECapability for CMS/PKCS#7 Key transport are
-- id-GostR3410-94 from GostR3410-94-PKISyntax or -- id-GostR3410-94 from GostR3410-94-PKISyntax or
-- id-GostR3410-2001 from GostR3410-2001-PKISyntax -- id-GostR3410-2001 from GostR3410-2001-PKISyntax
id-GostR3410-94-KeyTransportSMIMECapability id-GostR3410-94-KeyTransportSMIMECapability
OBJECT IDENTIFIER ::= id-GostR3410-94 OBJECT IDENTIFIER ::= id-GostR3410-94
id-GostR3410-2001-KeyTransportSMIMECapability id-GostR3410-2001-KeyTransportSMIMECapability
OBJECT IDENTIFIER ::= id-GostR3410-2001 OBJECT IDENTIFIER ::= id-GostR3410-2001
GostR3410-KeyTransport ::= GostR3410-KeyTransport ::=
SEQUENCE { SEQUENCE {
sessionEncryptedKey Gost28147-89-EncryptedKey, sessionEncryptedKey Gost28147-89-EncryptedKey,
transportParameters [0] IMPLICIT GostR3410-TransportPar transportParameters [0]
ameters OPTIONAL IMPLICIT GostR3410-TransportParameters OPTIONAL
} }
GostR3410-TransportParameters ::= GostR3410-TransportParameters ::=
SEQUENCE { SEQUENCE {
encryptionParamSet encryptionParamSet
OBJECT IDENTIFIER ( OBJECT IDENTIFIER (
id-Gost28147-89-TestParamSet | -- Only for id-Gost28147-89-TestParamSet |
testing purposes -- Only for testing purposes
id-Gost28147-89-CryptoPro-A-ParamSet | id-Gost28147-89-CryptoPro-A-ParamSet |
id-Gost28147-89-CryptoPro-B-ParamSet | id-Gost28147-89-CryptoPro-B-ParamSet |
id-Gost28147-89-CryptoPro-C-ParamSet | id-Gost28147-89-CryptoPro-C-ParamSet |
id-Gost28147-89-CryptoPro-D-ParamSet | id-Gost28147-89-CryptoPro-D-ParamSet |
id-Gost28147-89-CryptoPro-Simple-A-ParamSet | id-Gost28147-89-CryptoPro-Simple-A-ParamSet |
id-Gost28147-89-CryptoPro-Simple-B-ParamSet | id-Gost28147-89-CryptoPro-Simple-B-ParamSet |
id-Gost28147-89-CryptoPro-Simple-C-ParamSet | id-Gost28147-89-CryptoPro-Simple-C-ParamSet |
id-Gost28147-89-CryptoPro-Simple-D-ParamSet id-Gost28147-89-CryptoPro-Simple-D-ParamSet
), ),
ephemeralPublicKey [0] IMPLICIT SubjectPublicKeyInfo ephemeralPublicKey [0]
OPTIONAL, IMPLICIT SubjectPublicKeyInfo OPTIONAL,
ukm OCTET STRING ( SIZE(8) ) ukm OCTET STRING ( SIZE(8) )
} }
GostR3410-KeyEncryptionAlgorithms GostR3410-KeyEncryptionAlgorithms
ALGORITHM-IDENTIFIER ::= { ALGORITHM-IDENTIFIER ::= {
{ GostR3410-94-PublicKeyParameters IDENTIFIED BY { GostR3410-94-PublicKeyParameters IDENTIFIED BY
id-GostR3410-94 } | id-GostR3410-94 } |
{ GostR3410-2001-PublicKeyParameters IDENTIFIED BY { GostR3410-2001-PublicKeyParameters IDENTIFIED BY
id-GostR3410-2001 } id-GostR3410-2001 }
} }
END -- GostR3410-EncryptionSyntax END -- GostR3410-EncryptionSyntax
skipping to change at page 21, line 13 skipping to change at page 21, line 11
-- GOST R 34.10-2001 signature algorithms and parameters -- GOST R 34.10-2001 signature algorithms and parameters
GostR3410-2001-CMSSignatureAlgorithms GostR3410-2001-CMSSignatureAlgorithms
ALGORITHM-IDENTIFIER ::= { ALGORITHM-IDENTIFIER ::= {
{ GostR3410-2001-PublicKeyParameters IDENTIFIED BY { GostR3410-2001-PublicKeyParameters IDENTIFIED BY
id-GostR3410-2001 } id-GostR3410-2001 }
} }
END -- GostR3410-2001-SignatureSyntax END -- GostR3410-2001-SignatureSyntax
11 References 11 References
[GOST28147] "Cryptographic Protection for Data Processing Sys- Normative references:
tem", GOST 28147-89, Gosudarstvennyi Standard of
USSR, Government Committee of the USSR for Standards, [GOST28147] "Cryptographic Protection for Data Processing System",
1989. (In Russian); GOST 28147-89, Gosudarstvennyi Standard of USSR, Gov-
ernment Committee of the USSR for Standards, 1989. (In
Russian);
[GOSTR341094] "Information technology. Cryptographic Data Security. [GOSTR341094] "Information technology. Cryptographic Data Security.
Produce and check procedures of Electronic Digital Produce and check procedures of Electronic Digital Sig-
Signatures based on Asymmetric Cryptographic Algo- natures based on Asymmetric Cryptographic Algorithm.",
rithm.", GOST R 34.10-94, Gosudarstvennyi Standard of GOST R 34.10-94, Gosudarstvennyi Standard of Russian
Russian Federation, Government Committee of the Rus- Federation, Government Committee of the Russia for
sia for Standards, 1994. (In Russian); Standards, 1994. (In Russian);
[GOSTR34102001] "Information technology. Cryptographic data security. [GOSTR341001] "Information technology. Cryptographic data security.
Signature and verification processes of [electronic] Signature and verification processes of [electronic]
digital signature.", GOST R 34.10-2001, Gosudarstven- digital signature.", GOST R 34.10-2001, Gosudarstvennyi
nyi Standard of Russian Federation, Government Com- Standard of Russian Federation, Government Committee of
mittee of the Russia for Standards, 2001. (In Rus- the Russia for Standards, 2001. (In Russian);
sian);
[GOSTR341194] "Information technology. Cryptographic Data Security. [GOSTR341194] "Information technology. Cryptographic Data Security.
Hashing function.", GOST R 34.10-94, Gosudarstvennyi Hashing function.", GOST R 34.10-94, Gosudarstvennyi
Standard of Russian Federation, Government Committee Standard of Russian Federation, Government Committee of
of the Russia for Standards, 1994. (In Russian); the Russia for Standards, 1994. (In Russian);
[Schneier95] B. Schneier, Applied cryptography, second edition,
John Wiley & Sons, Inc., 1995;
[RFC 3280] Housley, R., Polk, W., Ford, W. and D. Solo, [RFC 3280] Housley, R., Polk, W., Ford, W. and D. Solo,
"Internet X.509 Public Key Infrastructure Certificate "Internet X.509 Public Key Infrastructure Certificate
and Certificate Revocation List (CRL) Profile", RFC and Certificate Revocation List (CRL) Profile", RFC
3280, April 2002. 3280, April 2002.
[RFC 3279] Algorithms and Identifiers for the Internet X.509 [RFC 3279] Algorithms and Identifiers for the Internet X.509 Pub-
Public Key Infrastructure Certificate and Certificate lic Key Infrastructure Certificate and Certificate
Revocation List (CRL) Profile. L. Bassham, W. Revocation List (CRL) Profile. L. Bassham, W.
Polk, R. Housley. April 2002. Polk, R. Housley. April 2002.
[RFC 2119] Bradner, S., "Key Words for Use in RFCs to Indi- [RFC 2119] Bradner, S., "Key Words for Use in RFCs to Indi-
cateRequirement Levels", BCP 14, RFC 2119, March cateRequirement Levels", BCP 14, RFC 2119, March 1997.
1997.
[CMS] R. Housley, "Cryptographic Message Syntax", RFC 3369, [CMS] R. Housley, "Cryptographic Message Syntax", RFC 3369,
August 2002 August 2002
[X.208-88] CCITT. Recommendation X.208: Specification of [RFC 3851] B. Ramsdell, "Secure/Multipurpose Internet Mail Exten-
Abstract Syntax Notation One (ASN.1). 1988. sions (S/MIME) Version 3.1 Message Specification", RFC
3851. July 2004
[X.208-88] CCITT. Recommendation X.208: Specification of Abstract
Syntax Notation One (ASN.1). 1988.
[X.209-88] CCITT. Recommendation X.209: Specification of Basic [X.209-88] CCITT. Recommendation X.209: Specification of Basic
Encoding Rules for Abstract Syntax Notation One Encoding Rules for Abstract Syntax Notation One
(ASN.1). 1988.. (ASN.1). 1988..
[CPPK] S. Leontiev, D. Shefanovskij, "Algorithms and Identi- [CPPK] S. Leontiev, D. Shefanovskij, "Using the GOST R
fiers for the Internet X.509 Public Key Infrastruc- 34.10-94, GOST R 34.10-2001 and GOST R 34.11-94 algo-
ture Certificates and Certificate Revocation List rithms with the Internet X.509 Public Key Infrastruc-
(CRL), corresponding to the algorithms GOST R ture Certificate and CRL Profile.", draft-ietf-pkix-
34.10-94, GOST R 34.10-2001, GOST R 34.11-94", draft- gost-cppk-02.txt
ietf-pkix-gost-cppk-02.txt
[CPALGS] V. Popov, I. Kurepkin, S. Leontiev "Additional cryp- [CPALGS] V. Popov, I. Kurepkin, S. Leontiev "Additional crypto-
tographic algorithms for use with GOST 28147-89, GOST graphic algorithms for use with GOST 28147-89, GOST R
R 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 34.10-94, GOST R 34.10-2001, and GOST R 34.11-94 algo-
algorithms.", draft-popov-cryptopro-cpalgs-02.txt rithms.", draft-popov-cryptopro-cpalgs-03.txt
[HMAC] H. Krawczyk, M. Bellare, R. Canetti, "HMAC: Keyed- Informative references:
Hashing for Message Authentication", RFC 2104 Febru-
ary 1997. [Schneier95] B. Schneier, Applied cryptography, second edition,
John Wiley & Sons, Inc., 1995;
[RFDSL] "Russian Federal Digital Signature Law", 10 Jan 2002 [RFDSL] "Russian Federal Digital Signature Law", 10 Jan 2002
N1-FZ N1-FZ
[RFLLIC] "Russian Federal Law on Licensing of Selected Activ-
ity Categories", 08 Aug 2001 N 128-FZ
[RFLLIC] "Russian Federal Law on Licensing of Selected Activity
Categories", 08 Aug 2001 N 128-FZ
[CRYPTOLIC] "Russian Federal Goverment Regulation on Licensing of [CRYPTOLIC] "Russian Federal Goverment Regulation on Licensing of
Selected Activity Categories in Cryptography Area", Selected Activity Categories in Cryptography Area", 23
23 Sep 2002 N 691 Sep 2002 N 691
Acknowledgments Acknowledgments
This document was created in accordance with "Russian Cryptographic This document was created in accordance with "Russian Cryptographic
Software Compatibility Agreement", signed by FGUE STC "Atlas", Software Compatibility Agreement", signed by FGUE STC "Atlas",
CRYPTO-PRO, Factor-TC, MD PREI, Infotecs GmbH, SPRCIS (SPbRCZI), CRYPTO-PRO, Factor-TC, MD PREI, Infotecs GmbH, SPRCIS (SPbRCZI),
Cryptocom, R-Alpha. The aim of this agreement is to achieve mutual Cryptocom, R-Alpha. The aim of this agreement is to achieve mutual
compatibility of the products and solutions. compatibility of the products and solutions.
The authors wish to thank: The authors wish to thank:
skipping to change at page 24, line 14 skipping to change at page 24, line 11
Gregory Chudov Gregory Chudov
CRYPTO-PRO CRYPTO-PRO
38, Obraztsova, 38, Obraztsova,
Moscow, 127018, Russian Federation Moscow, 127018, Russian Federation
EMail: chudov@cryptopro.ru EMail: chudov@cryptopro.ru
Alexandr Afanasiev Alexandr Afanasiev
Factor-TC Factor-TC
office 711, 14, Presnenskij val, office 711, 14, Presnenskij val,
Moscow, 123557, Russian Federation Moscow, 123557, Russian Federation
EMail: aaaf@factor-ts.ru EMail: afa@factor-ts.ru
Nikolaj Nikishin Nikolaj Nikishin
Infotecs GmbH Infotecs GmbH
p/b 35, 80-5, Leningradskij prospekt, p/b 35, 80-5, Leningradskij prospekt,
Moscow, 125315, Russian Federation Moscow, 125315, Russian Federation
EMail: nikishin@infotecs.ru EMail: nikishin@infotecs.ru
Boleslav Izotov Boleslav Izotov
FGUE STC "Atlas" FGUE STC "Atlas"
38, Obraztsova, 38, Obraztsova,
skipping to change at page 25, line 5 skipping to change at page 24, line 49
office 239, 51, Leninskij prospekt, office 239, 51, Leninskij prospekt,
Moscow, 119991, Russian Federation Moscow, 119991, Russian Federation
EMail: igus@cryptocom.ru EMail: igus@cryptocom.ru
Anatolij Erkin Anatolij Erkin
SPRCIS (SPbRCZI) SPRCIS (SPbRCZI)
1, Obrucheva, 1, Obrucheva,
St.Petersburg, 195220, Russian Federation St.Petersburg, 195220, Russian Federation
EMail: erkin@nevsky.net EMail: erkin@nevsky.net
Full Copyright Statement Intellectual Property Statement
The IETF takes no position regarding the validity or scope of any
Intellectual Property Rights or other rights that might be claimed to
pertain to the implementation or use of the technology described in
this document or the extent to which any license under such rights
might or might not be available; nor does it represent that it has
made any independent effort to identify any such rights. Information
on the procedures with respect to rights in RFC documents can be
found in BCP 78 and BCP 79.
Copyright (C) The Internet Society (2005). This document is subject Copies of IPR disclosures made to the IETF Secretariat and any
to the rights, licenses and restrictions contained in BCP 78, and assurances of licenses to be made available, or the result of an
except as set forth therein, the authors retain all their rights. attempt made to obtain a general license or permission for the use of
such proprietary rights by implementers or users of this
specification can be obtained from the IETF on-line IPR repository at
http://www.ietf.org/ipr.
The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights that may cover technology that may be required to implement
this standard. Please address the information to the IETF at ietf-
ipr@ietf.org.
Disclaimer of Validity
This document and the information contained herein are provided on an This document and the information contained herein are provided on an
"AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS "AS IS" basis and THE CONTRIBUTOR, THE ORGANIZATION HE/SHE REPRESENTS
OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET OR IS SPONSORED BY (IF ANY), THE INTERNET SOCIETY AND THE INTERNET
ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED, ENGINEERING TASK FORCE DISCLAIM ALL WARRANTIES, EXPRESS OR IMPLIED,
INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE
INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED
WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Full Copyright Statement
Copyright (C) The Internet Society (2005). This document is subject
to the rights, licenses and restrictions contained in BCP 78, and
except as set forth therein, the authors retain all their rights.
Acknowledgment
Funding for the RFC Editor function is currently provided by the
Internet Society.
Expires January 2006
 End of changes. 

This html diff was produced by rfcdiff 1.25, available from http://www.levkowetz.com/ietf/tools/rfcdiff/